Elastic SIEM Engineer

Insight Global
Hampton, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$146K

Job location

Hampton, United States of America

Tech stack

Artificial Intelligence
Elasticsearch
Security Information and Event Management
Kibana

Job description

Design, operate, and continuously enhance an Elastic-based SIEM by ingesting and normalizing diverse security telemetry, building advanced detections and dashboards, and enabling SOC teams to detect, investigate, and respond to threats in a classified federal environment.

Requirements

3+ years administering Elastic Stack in security/SIEM environments

Deep experience with Elasticsearch lifecycle management, ECS-based log normalization, and Kibana security analytics

Hands-on with Elastic Security detections, alerting, and case workflows

Proven ability to design and operate log ingestion pipelines across network, endpoint, identity, and cloud sources

Experience supporting DoD, IC, or federal SOC/SIEM operations

Familiarity with AI/ML-driven security analytics (anomaly detection, behavioral analysis, threat scoring)

Active Secret clearance, bachelor's degree, on-site availability, up to 25% travel
