Secret
Mid Level Career (5+ yrs experience)
$150,000 - $200,000
Business - Legal
Colorado Spgs, CO (On/Off-Site)
Zachary Piper Solutions is seeking a Sr. Elastic Defend Architect to support a high‑visibility federal cybersecurity program within a leading Managed Security Service Provider (MSSP) in Colorado Springs, CO. This senior‑level role focuses on architecting and deploying advanced endpoint security capabilities using Elastic Defend, Elastic Security, and Elasticsearch. The ideal candidate brings deep expertise in endpoint detection and response (EDR), scalable Elastic Security architectures, and high‑performance Elasticsearch environments. You will collaborate with cross‑functional engineering, SOC, IR, and cloud teams to build and optimize mission‑critical Elastic Defend solutions. The position is contingent upon additional funding.
Responsibilities of the Sr. Elastic Defend Architect include:
Architect, design, and deploy Elastic Defend across large, distributed enterprise environments
Configure and manage Fleet Servers, agent enrollment workflows, endpoint policies, and security integrations
Design and maintain scalable Elasticsearch clusters supporting Elastic Security workloads
Build and optimize ingestion pipelines for endpoint telemetry, audit logs, alerts, and security‑relevant data
Improve Elastic Security performance through index management, ILM tuning, ECS mapping, and ingest pipeline enhancements
Develop and maintain observability frameworks using Kibana and related tooling
Implement logging, metrics, and tracing systems for real‑time monitoring and detection
Analyze and visualize datasets to support threat hunting, anomaly detection, and operational insights
Troubleshoot Elastic Defend agent behavior, endpoint policy issues, and integration failures
Ensure data integrity, security, and compliance across all Elastic Security components
Collaborate with SOC, Incident Response, DevOps, cloud, and platform engineering teams
Provide technical guidance, mentoring, and subject‑matter expertise to internal teams and stakeholders
Document architectures, runbooks, deployment patterns, and best practices
Stay current on emerging Elastic Security capabilities, endpoint threat trends, and cybersecurity technologies
Qualifications for the Sr. Elastic Defend Architect include:
Active Secret clearance (minimum)
Valid U.S. Passport
Outstanding written and verbal communication skills
Ability and willingness to support domestic or international on‑site travel as needed
Experience demonstrating proficiency in:
Elastic Security / Elastic Defend architecture or administration
Elasticsearch cluster design, scaling, and performance optimization
SIEM and EDR concepts across platforms such as Elastic, Splunk, QRadar, LogRhythm, or Sentinel
Linux/Unix systems, networking fundamentals, and cloud environments (AWS, Azure, GCP)
Scripting languages such as Python, PowerShell, or Bash
Modern threat landscapes, endpoint attack techniques, and defensive controls
Preferred Qualifications:
Certifications such as:
Elastic Certified Engineer
Elastic Certified Analyst
Elastic Security Engineer
Experience with DevOps/SRE methodologies (automation, CI/CD, IaC, configuration management)
Familiarity with search/indexing technologies such as Solr or Lucene
Background supporting large‑scale, mission‑critical cybersecurity environments
Position Details:
Location: Colorado Springs, CO
Schedule: On‑site, 4–5 days per week
Collaboration with SOC, IR, cloud, DevOps, and platform engineering teams
Position is contingent upon additional funding
Compensation for the Sr. Elastic Defend Architect includes:
Salary Range: $150,000 – $200,000
Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave (as required), Holidays