Senior Elastic Engineer

Senior Elastic Engineer

Location: Scott Air Force Base, IL (901 South Drive, Building 700, Scott AFB, IL 62225)
Employment Type: Full-Time, Direct Hire
Work Location: 100% Onsite
Security Clearance: Active Secret Clearance Required
Relocation Assistance: Available
Target Start Date: Immediate
Salary Range: $190,000 - $230,000
Position Overview

We are seeking an experienced Senior Elastic Engineer to lead the implementation and deployment of our next-generation Elastic platform supporting enterprise security monitoring and observability initiatives. This role will be instrumental in designing, deploying, and optimizing a new Elastic environment as part of our migration away from Splunk.

The selected candidate will provide technical leadership throughout the implementation, including cluster deployment, platform architecture, and integration with supporting technologies. This individual should be comfortable working hands-on while collaborating with security architects, infrastructure engineers, and program stakeholders in a fast-paced DoD environment.
Primary Responsibilities

• Lead the deployment and configuration of a new Elastic Stack environment.
• Design, install, and manage highly available Elasticsearch clusters.
• Implement and support Elastic Cloud on Kubernetes (ECK) deployments.
• Support the migration of security monitoring and log analytics from Splunk to Elastic.
• Integrate data ingestion pipelines and evaluate technologies such as Cribl to optimize log collection and routing.
• Configure and optimize Elasticsearch, Kibana, Logstash, and Beats for enterprise-scale environments.
• Develop dashboards, visualizations, and monitoring solutions that support security operations and operational visibility.
• Perform performance tuning, capacity planning, and troubleshooting across the Elastic environment.
• Collaborate with Security Architects and engineering teams to implement scalable, secure, and resilient solutions.
• Document system architecture, implementation procedures, and operational best practices.

Required Qualifications

• Active Secret Security Clearance.
• 7+ years of experience supporting enterprise infrastructure, security engineering, or platform engineering environments.
• Extensive hands-on experience administering and engineering the Elastic Stack (Elasticsearch, Kibana, Logstash, Beats).
• Experience designing and deploying Elasticsearch clusters in production environments.
• Experience implementing or supporting Splunk-to-Elastic migration projects.
• Strong understanding of Linux systems, networking, and distributed architectures.
• Experience with automation and scripting using Bash, Python, or similar languages.
• Strong troubleshooting skills and the ability to resolve complex platform issues.

Preferred Qualifications

• Experience with Elastic Cloud on Kubernetes (ECK).
• Experience integrating or deploying Cribl for log routing and data optimization.
• Familiarity with containerized environments and Kubernetes.
• Experience supporting Department of Defense or Federal Government programs.
• Elastic certifications or other relevant cloud/platform certifications are a plus.