Seneca Resources
Principal Recruiter at Seneca Resources | Connecting Professionals with Great Opportunities
Job Title:
Sr. SIEM Engineer (Elastic + Confluent)
Mode:
Contract
Required Certification:
Security +
JD:
Seeking a Sr. SIEM Engineer specializing in Elastic Stack and Confluent in support of the PEO Enterprise SIEM Consolidation / Cyber Defense effort. This effort is focused on the consolidation of PEO Enterprise multiple SIEM solutions (≈40) into one consolidated SIEM. This individual should have extensive experience with Security Information and Event Management (SIEM) deployment and tuning as well as Security Orchestration Automation and Response (SOAR) development and implementation.
Responsibilities
Design, deploy, configure, and maintain Elastic stack and Confluent deployments
Manage, patch, and upgrade Elasticsearch, Confluent, and other related systems
Tune and optimize Elastic stack deployments based on application/customer needs
Design and configure ETL data pipelines to ingest customer defined data sets such as application logs, metrics, and/or threat events
Create custom visualizations and dashboards using Kibana
Configure and maintain index templates and information lifecycle management (ILM) policies
Develop Elastic alerting solutions using Watcher and/or Kibana Rules and Connectors with integrations to ticketing systems, email, and messaging apps as required
Develop Machine Learning (ML) jobs to dynamically monitor and alert on identified metrics, KPIs, and/or data anomalies
Follow ITIL based change management processes to move solutions from Dev to Test and into Production
Run the day‑to‑day operations of the security operations center
Investigate incidents and lead response efforts as applicable
Required Skills
A Secret clearance will be required to maintain this position
Compliance with DoD 8140 / 8570 IAT Level II certification prior to start date
At least 5 years of hands‑on experience in deployment, configuration, and solution development using the Elastic Stack for security and logging use‑cases. Specific experience with Elastic SIEM is plus
Demonstrated experience with the full Elastic Stack – Elasticsearch, Logstash, Kibana, Beats, Machine Learning, and REST API integration
Experience integrating Elasticsearch with external systems (e.g. SOAR tools, Threat Intel Platforms)
Experience with data management: hot/warm/cold architectures, shard allocation/re‑allocation, snapshots & restoration
Strong experience with evaluating existing Elastic clusters, configuration parameters, indexing, search and query performance tuning, security, and cluster administration
Experience integrating Elasticsearch with alternate authentication mechanisms such as SAML, LDAP, and PKI
Experience with supporting the Elastic Stack in on‑prem and SaaS environments including system monitoring and tuning
Experience securing the Elastic Stack and hardening hosting environments
Experience with the design and implementation of highly scalable solutions using the Elastic Stack
Experience in developing data structures, data mapping from various sources to achieve data normalization using Elastic Common Schema
Experience developing Logstash and/or Elastic Ingest Pipelines
Experience developing custom visualizations and dashboards using Kibana, including creating specialized reporting solutions through Elasticsearch and Kibana APIs to meet complex stakeholder requirements
Experience in end‑to‑end low‑level design, development, administration, and delivery of Elasticsearch‑based reporting solutions
Strong technical foundation in building reliable, scalable, and supportable systems
Experience with Red Hat Enterprise Linux deployment and administration
Desired Skills
Experience using and developing Ansible playbooks for automation of system deployment and/or configuration
Experience with developing in multiple languages (Python, Bash, PowerShell, Painless, etc.)
Understanding of the MITRE ATT&CK framework
Certified Elastic Engineer or willingness to gain certification within 90 days of hire
Experience with cloud environments (e.g., Azure, AWS, GCP, etc.) and cloud security architecture
Experience condensing large environments to a single pane of glass view to facilitate optimal operational efficiency
Experience leading incident response and forensic investigative initiatives
Demonstrated ability to create and present executive level briefings
Experience with Army policies, regulations, and processes preferred
About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm; we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact.
When you work with Seneca, you’re choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way.
Seneca Resources is proud to be an Equal Opportunity Employer, committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.
#J-18808-Ljbffr
Sr. SIEM Engineer (Elastic + Confluent)
Mode:
Contract
Required Certification:
Security +
JD:
Seeking a Sr. SIEM Engineer specializing in Elastic Stack and Confluent in support of the PEO Enterprise SIEM Consolidation / Cyber Defense effort. This effort is focused on the consolidation of PEO Enterprise multiple SIEM solutions (≈40) into one consolidated SIEM. This individual should have extensive experience with Security Information and Event Management (SIEM) deployment and tuning as well as Security Orchestration Automation and Response (SOAR) development and implementation.
Responsibilities
Design, deploy, configure, and maintain Elastic stack and Confluent deployments
Manage, patch, and upgrade Elasticsearch, Confluent, and other related systems
Tune and optimize Elastic stack deployments based on application/customer needs
Design and configure ETL data pipelines to ingest customer defined data sets such as application logs, metrics, and/or threat events
Create custom visualizations and dashboards using Kibana
Configure and maintain index templates and information lifecycle management (ILM) policies
Develop Elastic alerting solutions using Watcher and/or Kibana Rules and Connectors with integrations to ticketing systems, email, and messaging apps as required
Develop Machine Learning (ML) jobs to dynamically monitor and alert on identified metrics, KPIs, and/or data anomalies
Follow ITIL based change management processes to move solutions from Dev to Test and into Production
Run the day‑to‑day operations of the security operations center
Investigate incidents and lead response efforts as applicable
Required Skills
A Secret clearance will be required to maintain this position
Compliance with DoD 8140 / 8570 IAT Level II certification prior to start date
At least 5 years of hands‑on experience in deployment, configuration, and solution development using the Elastic Stack for security and logging use‑cases. Specific experience with Elastic SIEM is plus
Demonstrated experience with the full Elastic Stack – Elasticsearch, Logstash, Kibana, Beats, Machine Learning, and REST API integration
Experience integrating Elasticsearch with external systems (e.g. SOAR tools, Threat Intel Platforms)
Experience with data management: hot/warm/cold architectures, shard allocation/re‑allocation, snapshots & restoration
Strong experience with evaluating existing Elastic clusters, configuration parameters, indexing, search and query performance tuning, security, and cluster administration
Experience integrating Elasticsearch with alternate authentication mechanisms such as SAML, LDAP, and PKI
Experience with supporting the Elastic Stack in on‑prem and SaaS environments including system monitoring and tuning
Experience securing the Elastic Stack and hardening hosting environments
Experience with the design and implementation of highly scalable solutions using the Elastic Stack
Experience in developing data structures, data mapping from various sources to achieve data normalization using Elastic Common Schema
Experience developing Logstash and/or Elastic Ingest Pipelines
Experience developing custom visualizations and dashboards using Kibana, including creating specialized reporting solutions through Elasticsearch and Kibana APIs to meet complex stakeholder requirements
Experience in end‑to‑end low‑level design, development, administration, and delivery of Elasticsearch‑based reporting solutions
Strong technical foundation in building reliable, scalable, and supportable systems
Experience with Red Hat Enterprise Linux deployment and administration
Desired Skills
Experience using and developing Ansible playbooks for automation of system deployment and/or configuration
Experience with developing in multiple languages (Python, Bash, PowerShell, Painless, etc.)
Understanding of the MITRE ATT&CK framework
Certified Elastic Engineer or willingness to gain certification within 90 days of hire
Experience with cloud environments (e.g., Azure, AWS, GCP, etc.) and cloud security architecture
Experience condensing large environments to a single pane of glass view to facilitate optimal operational efficiency
Experience leading incident response and forensic investigative initiatives
Demonstrated ability to create and present executive level briefings
Experience with Army policies, regulations, and processes preferred
About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm; we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact.
When you work with Seneca, you’re choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way.
Seneca Resources is proud to be an Equal Opportunity Employer, committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.
#J-18808-Ljbffr