Cyber Platform Engineer

Insight Global
Hampton, United States of America
30 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 166K

Job location

Hampton, United States of America

Tech stack

API
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Bash
Elasticsearch
Identity and Access Management
Python
Performance Tuning
Kusto Query Language
Security Information and Event Management
Amazon Web Services (AWS)
Kubernetes
Cloudwatch
Terraform

Job description

Day-to-day (~30% SIEM, ~30% Platform, ~30% AWS, ~10% Coordination):

Deploy and operate Elastic Security clusters across AWS GovCloud and on-prem environments

Build and maintain the underlying infrastructure-EKS clusters, Terraform modules, CI/CD

pipelines

Onboard log sources, build ingest pipelines, and create detection content that actually catches

things

Troubleshoot the full stack-from AWS networking to Kubernetes pods to Elasticsearch

performance

Work with SOC analysts to tune alerts, reduce noise, and improve detection coverage

Document architectures and participate in RMF/ATO activities (you won't own this, but you'll

contribute)

Coordinate with vendors, government stakeholders, and cross-functional teams

Requirements

Active clearance; experience in DoD IL4+ environments

Expert-level in 2 of 3 areas (working knowledge of the third):

AWS Engineering

Advanced VPC & IAM design; EC2, S3, EKS, CloudWatch/Trail, KMS

GovCloud preferred; network/API-level troubleshooting

Platform Engineering

Kubernetes administration (EKS/RKE2)

Helm, Terraform (modules/state), CI/CD pipelines

Container troubleshooting

Elastic SIEM Engineering

Elastic Stack administration

Detection rules, ingest pipelines, KQL

ILM and performance tuning

Python and/or Bash scripting

Strong communication and documentation skills

Apply for this position