Senior Elastic SIEM Migration Engineer

Marathon TS Inc
Quantico, United States of America
12 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 220K

Job location

Quantico, United States of America

Tech stack

Amazon Web Services (AWS)
Bash
Computer Security
Elasticsearch
Intrusion Detection and Prevention
Python
Powershell
Security Information and Event Management
Kubernetes
Kibana
Splunk
Data Pipelines

Job description

Marathon TS is seeking a highly skilled Splunk to Elastic Migration Engineer to lead and execute end-to-end SIEM modernization initiatives. This role is responsible for designing and implementing Elastic deployments using the Elastic Cloud on Kubernetes (ECK) model, migrating legacy Splunk knowledge objects, detections, and data pipelines, and ensuring operational readiness through cutover validation and workflow integrations. The ideal candidate has deep hands-on experience with SIEM engineering, detection engineering, Elastic Stack architecture, and security operations workflows, particularly within enterprise or federal environments.

Requirements

  • Experience in Splunk
  • Bachelor's degree
  • 5+ years' experience in SIEM engineering or security operations

  • Hands-on experience with Elastic Stack (Elasticsearch, Kibana, Elastic Security)
  • Proven experience migrating from Splunk to Elastic or similar SIEM platforms
  • Strong understanding of:
    • SIEM data models and schemas
    • Elastic Common Schema (ECS) field mappings
    • Detection engineering and alert tuning
  • Experience with Kubernetes and the ECK deployment model
  • Strong scripting or automation skills (Python, Bash, etc.)
  • Provide post-cutover support for the transition from legacy platforms to Elastic, ensuring continuity of operations
  • Migrate an existing Splunk SIEM environment (approximately 6 TB/day of data) to Elastic SIEM.
  • Active TS clearance
  • Bachelor's degree (Required)
  • Elastic Stack: 5 years (Required)
  • Supported a SIEM migration: 5 years (Required)
  • Python, Bash, PowerShell, or similar tools: 4 years (Required)

Security clearance:

  • Top Secret (Required)

Benefits & conditions


  • Opportunities for advancement

Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").

Pay: $185,000.00 - $220,000.00 per year
