Posted today
Secret
$130,000 - $150,000
Unspecified
IT - Security
Huntsville, AL (On-Site/Office)
Description
Position Summary
The Senior Security Integration Engineer (Elastic Stack) supports the Missile Defense Agency
(MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.
Essential Duties and Responsibilities
• Be responsible for onboarding, integrating, and optimizing security data sources into the
Elastic Security Platform.
• Collaborate with customer technical teams to map their environment, plan ingestion
strategies, update network and data flow diagrams, validate logging pipelines, and ensure
successful end-to-end SIEM integration.
• Conduct assessments of customer environments and identify required logging, telemetry,
and network visibility gaps.
• Translate customer operational requirements into ingestion roadmaps and technical
implementation plans.
• Develop, maintain, and version-control network diagrams, data flow diagrams, and SIEM
onboarding documentation.
• Produce runbooks, integration guides, and operational reference materials.
• Monitor ingestion health and coordinate issue resolution with customers and internal teams.
• Ensure adherence to security policies, logging standards, and architectural governance.
• Provide technical guidance and mentorship to junior engineers working on data ingestion
and SIEM onboarding tasks.
• Contribute to onboarding playbooks, best practices, and internal training sessions.
• Serve as a subject-matter expert on Elastic SIEM capabilities and logging integration
patterns.
• Expert proficiency with Elastic Stack design, ingestion, and optimization.
• Advanced competency in network architecture, security telemetry, and log analytics.
• Strong troubleshooting skills covering ingestion failures, ECS issues, agent deployment,
and pipeline errors.
• Skilled at engaging customers, translating requirements, and articulating complex
integrations clearly.
• Effective at producing structured, high-quality documentation and diagrams.
• Demonstrated ownership of complex projects from planning through execution.
• Detail-oriented with a focus on accuracy, completeness, and mission assurance.
• Ability to balance customer requirements with architectural standards and best practices.
Minimum Qualifications (Knowledge, Skills, and Abilities)
• Must have 10, or more, years of general (full-time) work experience
o May be reduced with completion of advanced education
• Must have 5, or more, years of experience in cybersecurity engineering, systems
integration, or SIEM operations.
• Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding
other team members.
• Must have a strong understanding of enterprise networks, including routing, switching,
VPNs, firewalls, and network security tools.
• Experience with data ingestion, processing, and enrichment techniques.
• Must be able to build and maintain network and data flow diagrams (e.g., Visio, Lucidchart,
Draw.io).
• Must be proficient in Linux systems, command-line tools, and system administration
fundamentals.
• Must have experience working directly with customers in a technical consulting or
engineering capacity.
• Must have a DoD 8570.01-M IAT Level II certification with Continuing Education (CE) -
(CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Must have an active DoD Secret Security Clearance
• Must be able to obtain/maintain a DoD Top Secret Security Clearance
Desired Requirements:
• Have 1, or more, of the following: Elastic Certified Engineer, Elastic Certified Analyst, or
relevant Elastic certifications.
• Have experience with cloud platforms and logging pipelines (AWS, Azure, GCP, cloud-
native telemetry).
• Be familiar with ECS (Elastic Common Schema) and data normalization best practices.
• Have experience implementing detection engineering or threat hunting workflows in Elastic
Security.
• Have knowledge of scripting languages (Python, PowerShell, Bash) to automate ingestion
and data validation.
• Have experience integrating EDR, NDR, IAM, and vulnerability management logs into a
SIEM.
• Have an understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence
ingestion.
• Have experience mentoring or leading small technical teams.
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.
While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.
Travel - Up to 10%
Shift
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
The company is an Equal Opportunity Employer, drug free workplace, and complies with ADA regulations as applicable
Salary Description
Range: $130,000 - $150,000
Position Summary
The Senior Security Integration Engineer (Elastic Stack) supports the Missile Defense Agency
(MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.
Essential Duties and Responsibilities
• Be responsible for onboarding, integrating, and optimizing security data sources into the
Elastic Security Platform.
• Collaborate with customer technical teams to map their environment, plan ingestion
strategies, update network and data flow diagrams, validate logging pipelines, and ensure
successful end-to-end SIEM integration.
• Conduct assessments of customer environments and identify required logging, telemetry,
and network visibility gaps.
• Translate customer operational requirements into ingestion roadmaps and technical
implementation plans.
• Develop, maintain, and version-control network diagrams, data flow diagrams, and SIEM
onboarding documentation.
• Produce runbooks, integration guides, and operational reference materials.
• Monitor ingestion health and coordinate issue resolution with customers and internal teams.
• Ensure adherence to security policies, logging standards, and architectural governance.
• Provide technical guidance and mentorship to junior engineers working on data ingestion
and SIEM onboarding tasks.
• Contribute to onboarding playbooks, best practices, and internal training sessions.
• Serve as a subject-matter expert on Elastic SIEM capabilities and logging integration
patterns.
• Expert proficiency with Elastic Stack design, ingestion, and optimization.
• Advanced competency in network architecture, security telemetry, and log analytics.
• Strong troubleshooting skills covering ingestion failures, ECS issues, agent deployment,
and pipeline errors.
• Skilled at engaging customers, translating requirements, and articulating complex
integrations clearly.
• Effective at producing structured, high-quality documentation and diagrams.
• Demonstrated ownership of complex projects from planning through execution.
• Detail-oriented with a focus on accuracy, completeness, and mission assurance.
• Ability to balance customer requirements with architectural standards and best practices.
Minimum Qualifications (Knowledge, Skills, and Abilities)
• Must have 10, or more, years of general (full-time) work experience
o May be reduced with completion of advanced education
• Must have 5, or more, years of experience in cybersecurity engineering, systems
integration, or SIEM operations.
• Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding
other team members.
• Must have a strong understanding of enterprise networks, including routing, switching,
VPNs, firewalls, and network security tools.
• Experience with data ingestion, processing, and enrichment techniques.
• Must be able to build and maintain network and data flow diagrams (e.g., Visio, Lucidchart,
Draw.io).
• Must be proficient in Linux systems, command-line tools, and system administration
fundamentals.
• Must have experience working directly with customers in a technical consulting or
engineering capacity.
• Must have a DoD 8570.01-M IAT Level II certification with Continuing Education (CE) -
(CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Must have an active DoD Secret Security Clearance
• Must be able to obtain/maintain a DoD Top Secret Security Clearance
Desired Requirements:
• Have 1, or more, of the following: Elastic Certified Engineer, Elastic Certified Analyst, or
relevant Elastic certifications.
• Have experience with cloud platforms and logging pipelines (AWS, Azure, GCP, cloud-
native telemetry).
• Be familiar with ECS (Elastic Common Schema) and data normalization best practices.
• Have experience implementing detection engineering or threat hunting workflows in Elastic
Security.
• Have knowledge of scripting languages (Python, PowerShell, Bash) to automate ingestion
and data validation.
• Have experience integrating EDR, NDR, IAM, and vulnerability management logs into a
SIEM.
• Have an understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence
ingestion.
• Have experience mentoring or leading small technical teams.
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.
While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.
Travel - Up to 10%
Shift
- Hours and shift determined by location.
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
The company is an Equal Opportunity Employer, drug free workplace, and complies with ADA regulations as applicable
Salary Description
Range: $130,000 - $150,000
group id: 10432548
N
