Position Title: Senior Elastic Engineer (EDR/Defend Focus)

Location: Schriever Space Force Base, Colorado Springs, CO or Redstone Arsenal, Huntsville, AL

Relocation Assistance: None available at this time

Remote/Telework: NO - Not available for this position

Clearance Type: DoD Secret

Shift: Day shift

Travel Required: Up to 10% of the time

Description of Duties:

The Senior Elastic Engineer (EDR/Defend Focus) supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:

• Be a key contributor to the design, implementation, and maintenance of our Elastic Stack environment, with a primary focus on leveraging Elastic EDR and Defend capabilities to enhance our cybersecurity posture.
• Be responsible for ensuring the security, scalability, and performance of our Elastic Stack infrastructure, and will work closely with other teams to integrate it with existing security tools and workflows.

Key Responsibilities:

• Architect, deploy, and maintain a highly available and scalable Elastic Stack environment, specializing in Elastic EDR/Defend.
• Configure and optimize Elastic EDR/Defend policies and data pipelines for threat detection, prevention, and security event enrichment.
• Develop and maintain Kibana dashboards and visualizations for real-time security monitoring, threat identification, and incident response tracking.
• Perform proactive threat hunting and in-depth security analysis using Elastic EDR/Defend capabilities.
• Troubleshoot complex Elastic Stack issues, develop comprehensive documentation, and mentor junior engineers to ensure operational excellence.

The successful candidate will have:

• Expert knowledge of the Elastic Stack (Elasticsearch, Logstash, Kibana)
• Expert knowledge of Elastic EDR and Defend capabilities
• Strong understanding of data indexing, sharding, replication, and data lifecycle management.
• Strong understanding of Linux and Windows operating systems
• Strong understanding of security principles, threat detection, and incident response.
• Knowledge of common coding flaws and security vulnerabilities.
• Knowledge of network protocols and security concepts.
• Knowledge of security frameworks and compliance standards (e.g., NIST, FedRAMP).
• Ability to interpret and incorporate data from multiple tool sources.
• Ability to analyze complex requirements and translate them into clear, actionable tasks.
• Ability to work independently and as part of a team.
• Excellent communication and interpersonal skills.

Resumes, in month and year format, must be submitted with application in order to be considered for the position.  The selected candidate may be assigned as an employee for one of our teammate companies.

Basic Requirements:

• Must have 10, or more, years of general (full-time) work experience
• May be reduced with completion of advanced education
• Must have 5, or more, years of experience working defensive cyber security
• Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding other team members.
• Must have a strong understanding of security principles, threat detection, and incident response.
• Must have experience with data ingestion, processing, and enrichment techniques.
• Must be proficient in at least one scripting language (e.g., Python, Bash, PowerShell).
• Must have aa current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Must have an active DoD Secret Security Clearance
• Must be able to obtain an active DoD Top Secret Security Clearance

Desired Requirements:

• Have experience with Linux and Windows Server administration.
• Have experience with containerization technologies (Docker, Kubernetes).
• Have experience with automation tools (Ansible, Puppet, Chef).
• Have experience with cloud platforms (AWS, Azure, GCP).
• Have experience with SIEM technologies and security event management.
• Have experience with security frameworks and compliance standards (e.g., NIST, FedRAMP).
• Have a strong understanding of network protocols and security concepts.
• Have experience with threat intelligence platforms and data feeds.
• Have 1, or more, relevant security certifications (e.g., CISSP, CISM, CEH).
• Have experience tuning and optimizing Elastic EDR and Defend for specific threat landscapes.

This position will be posted for a minimum of 3 days. If a candidate has not been selected at that time, it will continue to be posted until a suitable candidate is selected or the position is closed.

Compensation Details:

The compensation range or hourly rate listed for this position is provided as a good-faith estimate of what the company intends to offer for this role at the time this posting was issued. Actual compensation may vary based on factors such as job responsibilities, education, experience, skills, internal equity, market data, applicable collective bargaining agreements, and relevant laws.

Benefits Overview:

Our health and welfare benefits are designed to support you and your priorities. Offerings include:

• Health, dental, and vision insurance

• Paid time off and holidays

• Retirement benefits (including 401(k) matching)

• Educational reimbursement

• Parental leave

• Employee stock purchase plan

• Tax-saving options

• Disability and life insurance

• Pet insurance

Note: Benefits may vary based on employment type, location, and applicable agreements. Positions governed by a Collective Bargaining Agreement (CBA), the McNamara-O'Hara Service Contract Act (SCA), or other employment contracts may include different provisions/benefits.

Original Posting:

Amentum anticipates this job requisition will remain open for at least three days, with a closing date no earlier than three days after the original posting. This timeline may change based on business needs.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed,  marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.