Sr. Elastic Engineer

Sr. Elastic Engineer – Remote, contingent upon additional funding. Are you passionate about cybersecurity and eager to make a lasting impact? Join ECS, a leading provider in cloud, cybersecurity, AI, data, and enterprise transformation. If you’re seeking a challenging yet rewarding role where you can architect cutting-edge endpoint security capabilities, strengthen your skills, and collaborate with experts across disciplines, this opportunity is perfect for you.

• Architect, design, and deploy Elastic Defend across large and distributed enterprise environments.
• Configure and manage Fleet Servers, agent enrollment workflows, endpoint security policies, and security integrations.
• Design and maintain scalable Elasticsearch clusters supporting Elastic Security workloads.
• Build and optimize ingestion pipelines for endpoint telemetry, audit logs, alerts, and other security‑relevant data.
• Improve Elastic Security performance through index management, ILM tuning, ECS mapping optimization, and ingest pipeline enhancements.
• Develop and maintain observability frameworks using Kibana and related tooling, ensuring complete visibility into cluster and EDR operations.
• Implement and support logging, metrics, and tracing systems needed for real‑time monitoring and detection.
• Analyze and visualize datasets to support threat hunting, anomaly detection, and operational insights.
• Troubleshoot Elastic Defend agent behavior, endpoint policy issues, resource conflicts, and integration failures.
• Ensure data integrity, security, and compliance across all Elastic Security components.
• Collaborate closely with SOC, Incident Response, Dev Ops, cloud, and platform engineering teams to align architecture with mission requirements.
• Provide technical guidance, mentoring, and subject‑matter expertise to internal teams and external stakeholders.
• Document system architectures, runbooks, deployment patterns, procedures, and best practices.
• Stay up to date on emerging Elastic Security capabilities, endpoint threat trends, and evolving cybersecurity technologies.

Salary Range: $140,000 – $190,000

• Outstanding verbal and written communication abilities.
• Ability and willingness to support domestic or international on‑site travel as needed.
• Possess and maintain a valid U.S. Passport.
• Must have a Secret clearance, at minimum.

• Experience architecting or administering Elastic Security / Elastic Defend solutions in production environments.
• Certifications such as Elastic Certified Engineer, Elastic Certified Analyst, or Elastic Security Engineer.
• Strong understanding of SIEM and EDR concepts and hands‑on experience with platforms such as Elastic, Splunk, QRadar, Log Rhythm, or Sentinel.
• Proficiency with Linux/Unix systems, networking fundamentals, and cloud environments (AWS, Azure, GCP).
• Experience with Dev Ops/SRE methodologies, including automation, CI/CD, configuration management, and infrastructure‑as‑code.
• Strong scripting abilities in Python, Power Shell, or Bash for automation and data transformation.
• Deep knowledge of modern threat landscapes, endpoint attack techniques, and defensive security controls.
• Familiarity with search/indexing technologies such as Solr or Lucene is a plus.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid‑size provider of technology services to the United States Federal Government. We are focused on people, values, and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.