Job Requirements
Hampton, VA Lexington, MA
Secret Polygraph not specified
Career Level not specified
$120,000 - $180,000
Job Description
Design, implement, integrate, and maintain systems and tools to automate complex cyber activities. Apply advanced consulting skills or extensive technical expertise, including full industry knowledge. Develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members.
You Have:
3+ years of experience administering Elastic Stack, including Elasticsearch, Kibana, Logstash, Beats, or Fleet
Experience managing Elasticsearch index lifecycle policies, index templates, and data streams at scale, and building Kibana dashboards, visualizations, and lens-based analytics for security operations
Experience with Elastic Security detection rules, alerts, and case management workflows
Experience with log ingestion pipeline design, including parsing, enrichment, and normalization across heterogeneous log sources such as network, endpoint, identity, and cloud
Experience with Elastic Common Schema (ECS) and mapping non-standard log sources into ECS-compliant fields
Experience working in a DoD, IC, or federal cybersecurity environment such as SOC, SIEM operations, or defensive cyber
Knowledge of AI/ML concepts as applied to security analytics such as anomaly detection, behavioral baselining, or threat scoring
Ability to work on-site per program requirements, and travel up to 25% of the time
Secret clearance
Bachelor’s degree
Nice If You Have:
Experience with Elastic's ML jobs, including for User and Entity Behavior Analytics (UEBA), rare process detection, or anomalous login patterns
Experience with Elastic AI Assistant or integration of LLMs into Elastic Security workflows such as natural language querying and alert triage assistance
Experience building or fine-tuning ML models outside Elastic, including Python, scikit-learn, and PyTorch, for security use cases such as threat detection or lateral movement scoring
Experience with Elastic Agent fleet management at scale, including custom integrations and policy management
Experience with cross-domain data flows and working in multi-classification environments such as IL4, IL5, or IL6
Experience with ES|QL or EQL for advanced threat hunting and detection-as-code workflows
Experience building SOAR-related automation around Elastic, including webhook actions, connector integrations, or n8n/XSOAR orchestration
Experience with Elastic's transforms and runtime fields for creating enriched security datasets and risk scoring indices
Experience with RAG architectures or vector search in Elasticsearch for security knowledge retrieval, including TTP lookup and incident context enrichment
Elastic Certified Engineer or Elastic Certified Analyst Certification
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Compensation and Benefits
Salary Range: $120,000 - $180,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)
Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs.
Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.
Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.
You Have:
3+ years of experience administering Elastic Stack, including Elasticsearch, Kibana, Logstash, Beats, or Fleet
Experience managing Elasticsearch index lifecycle policies, index templates, and data streams at scale, and building Kibana dashboards, visualizations, and lens-based analytics for security operations
Experience with Elastic Security detection rules, alerts, and case management workflows
Experience with log ingestion pipeline design, including parsing, enrichment, and normalization across heterogeneous log sources such as network, endpoint, identity, and cloud
Experience with Elastic Common Schema (ECS) and mapping non-standard log sources into ECS-compliant fields
Experience working in a DoD, IC, or federal cybersecurity environment such as SOC, SIEM operations, or defensive cyber
Knowledge of AI/ML concepts as applied to security analytics such as anomaly detection, behavioral baselining, or threat scoring
Ability to work on-site per program requirements, and travel up to 25% of the time
Secret clearance
Bachelor’s degree
Nice If You Have:
Experience with Elastic's ML jobs, including for User and Entity Behavior Analytics (UEBA), rare process detection, or anomalous login patterns
Experience with Elastic AI Assistant or integration of LLMs into Elastic Security workflows such as natural language querying and alert triage assistance
Experience building or fine-tuning ML models outside Elastic, including Python, scikit-learn, and PyTorch, for security use cases such as threat detection or lateral movement scoring
Experience with Elastic Agent fleet management at scale, including custom integrations and policy management
Experience with cross-domain data flows and working in multi-classification environments such as IL4, IL5, or IL6
Experience with ES|QL or EQL for advanced threat hunting and detection-as-code workflows
Experience building SOAR-related automation around Elastic, including webhook actions, connector integrations, or n8n/XSOAR orchestration
Experience with Elastic's transforms and runtime fields for creating enriched security datasets and risk scoring indices
Experience with RAG architectures or vector search in Elasticsearch for security knowledge retrieval, including TTP lookup and incident context enrichment
Elastic Certified Engineer or Elastic Certified Analyst Certification
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Compensation and Benefits
Salary Range: $120,000 - $180,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)
Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs.
Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.
Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.
group id: 91017793