Job Description

Job Description

Job Description

Description:

Leading with our people, Digital Consultants mission is to deliver the highest level of professional solutions while being a trusted partner and advisor to our customers. With a culture of practicality, opportunity, and creativity we remain dedicated to being honest, trustworthy, respectful, and ethical in everything we do. We are a certified SBA 8(a) small, disadvantaged business that supports multiple IT customers within the Federal, civilian and private sectors. Digital Consultants also offers our employees growth opportunities, competitive wages, and a full benefits package. Our founding principles, Fairness and Common Sense, make working here more than a job, it’s the Digital family.

Digital Consultants is seeking an experienced Elastic Subject Matter Expert (SME) to lead and coordinate the planning, design, and implementation of the Elastic SIEM for a DoD customer’s projects. This role involves supporting a large-scale migration from Splunk and requires technical expertise in the Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, configuration, tuning, and monitoring in secure environments.

LOCATION: Fort Belvoir, VA

Duties to include:

• Define project goals and objectives, and review existing Splunk environments, identifying elements for migration. Analyze and document source types, sources, knowledge objects, dashboards, and searches for transition.
• Lead the design phase, determining migration criteria and architectural best practices. Outline data source requirements, working closely with security, network, and application teams to ensure integration.
• Deploy and configure Elastic Stack components, including Elasticsearch, Kibana, and machine learning nodes. Benchmark and tune the system for optimal performance, ensuring scalability and security.
• Set up data collection pipelines, configure data ingestion, and implement relevant beats and Elastic agents. Define and refine rules, alerts, and custom dashboards tailored to the organization’s security requirements.
• Oversee testing phases to validate Elastic SIEM functionality, ensuring it meets security visibility, threat detection, and compliance goals.
• Manage Elastic SIEM deployment into production, establish monitoring protocols, and perform regular updates. Continuously optimize system performance and address emerging security challenges.
• Provide hands-on training, documentation, and resources to staff on Elastic SIEM operations, alert management, and incident response.

• Clearance: Top Secret/SCI
• Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

Certifications:

• Advanced certifications in Elastic Stack or SIEM are preferred
• IAT III Baseline Certification (CISSP or equivalent) with appropriate work role certifications

Experience:

• 15 years overall experience in information technology and cybersecurity
• 10-15 years in SIEM deployment, with specific expertise in Elastic Stack; prior experience with Splunk-to-Elastic migration is highly desirable.
• Expert knowledge in Elastic Stack (Elasticsearch, Kibana, Logstash, Beats).
• Strong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.
• Hands-on experience configuring, tuning, and monitoring Elasticsearch clusters, along with custom alerting and dashboard creation.

Required Technical Skills:

• Proficiency in Elasticsearch, including data modeling, querying, and performance tuning.
• Experience with Logstash for data ingestion and transformation.
• Knowledge of Kibana for data visualization and dashboard creation.
• Familiarity with other related technologies such as Kafka, Hadoop, and Spark.
• Experience in designing and implementing scalable, distributed systems using the ELK stack.
• Skills in performance tuning and optimization of Elasticsearch clusters.
• Experience with cloud platforms like AWS, Azure, or Google Cloud for deploying and managing the ELK stack.
• Proficiency in programming languages such as Python, Java, or Scala.
• Experience with DevOps practices and tools like Jenkins, Docker, and Kubernetes for continuous integration and deployment.
• Knowledge of securing Elasticsearch clusters and implementing best practices for data security.
• Strong analytical and problem-solving skills to troubleshoot and resolve issues.
• Excellent communication skills to collaborate with cross-functional teams and stakeholders.
• Ability to work effectively in a team environment and mentor junior team members.
• Physical: The candidate, with or without reasonable accommodation, must physically be able to sit or stand for extended periods of time; lift objects up to 20 pounds; require frequent physical hand dexterity and repetitive movements.

Digital Consultants, an inclusive and welcoming company, is fully committed to hiring and retaining a diverse workforce without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), genetic information, national origin, age (40 or older), disability, Veterans status or any other protected characteristic.

We provide reasonable accommodations to individuals who need assistance during any part of the employment process. If you need assistance navigating Digital Consultants job openings or applying for a position, please send an email to recruiting@digiconintl.com or call 571-306-3444. Please provide your contact information and let us know how we can assist you.

#IND1

Job Tags

Similar Jobs