Elastic SME

RSCY Consultants, LLC

Today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
IT - Support
Honolulu, HI (On-Site/Office)

Elastic SME
Contract: Supporting Intelligence and Security Command (INSCOM) Ground Intelligence Support Activity (GISA)
Length: 5 years, currently in option year 1
Location: Fort Shafter - Honolulu, HI
Clearance: TS/SCI
Cert: Sec+ (may be able to get a waiver)
Salary: $180k, but will consider any salary request at this point
Relocation Assistance: Yes

Seeking an Elastic Subject Matter Expert (SME) to lead and coordinate the planning, design, and implementation of Elastic SIEM for a DoD customer's projects, supporting a large-scale migration from Splunk. The role requires technical expertise in the Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, configuration, tuning, and monitoring in secure environments.

Duties to include:

Define project goals and objectives, and review the existing Splunk environments to identify elements for migration. Analyze and document source types, data sources, knowledge objects, dashboards, and saved searches for transition.
Lead the design phase, determining migration criteria and architectural best practices. Outline data source requirements, working closely with security, network, and application teams to ensure integration.
Deploy and configure Elastic Stack components, including Elasticsearch, Kibana, and machine learning nodes. Benchmark and tune the cluster for optimal performance, ensuring scalability and security.
Set up data collection pipelines, configure data ingestion, and deploy the relevant Beats and Elastic Agent integrations. Define and refine detection rules, alerts, and custom dashboards tailored to the organization's security requirements.
Oversee testing phases to validate Elastic SIEM functionality, ensuring it meets security visibility, threat detection, and compliance goals.
Manage the Elastic SIEM deployment into production, establish monitoring procedures, and perform regular updates. Continuously optimize system performance and address emerging security challenges.
Provide hands-on training, documentation, and resources to staff on Elastic SIEM operations, alert management, and incident response.

Requirements
Clearance: Top Secret/SCI
Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Certifications:
Advanced certifications in Elastic Stack or SIEM are preferred
IAT II Baseline Certification (Security+ or equivalent) with appropriate Computing Environment (CE) Certification

Experience:
15 years of overall experience in information technology and cybersecurity.
10-15 years in SIEM deployment, with specific expertise in the Elastic Stack; prior experience with Splunk-to-Elastic migration is highly desirable.
Expert knowledge of the Elastic Stack (Elasticsearch, Kibana, Logstash, Beats).
Strong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.
Hands-on experience configuring, tuning, and monitoring Elasticsearch clusters, along with custom alerting and dashboard creation.