Senior Elasticsearch Engineer

Secure our Nation, Ignite your Future

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement. 

Currently, we are seeking a motivated, career and team oriented Senior Elasticsearch Engineer in support of the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Continuous Diagnostic & Mitigation (CDM) Data Services Program. The CDM Data Services Program is a critical component of CISA’s national effort to ensure the defense and resilience of cyberspace. This is a remote position where the candidate can work from any location within the United States provided, they are able to work on an eastern time zone schedule.

The CDM Data Services Program mission is to provide a standardized platform to collect, transform, and integrate cybersecurity data from relevant authoritative data sources into a coherent data, delivering actionable information into Agency and Federal Dashboards to identify risk areas in support of mitigation as well as to facilitate coordinated agency and national response to cyber-threats.

Responsibilities include, but are not limited to:

• Design and implement: ELK (Elasticsearch, Logstash and Kibana) stack solutions; Elastic Cloud on Kubernetes (ECK) solution providing a PaaS alternative to legacy; Elastic Cloud Enterprise deployments in order to improve scalability, flexibility, resilience, and reduce overall costs; Scripts in python3 / BASH to interact with the Elasticsearch API to configured indices, visualizations, manipulate existing data, and perform complex search queries
• Develop: Dynamic Kibana visualizations to display complex analytics of data stored in elastic indices; Advanced KQL queries to power visualizations, reports, and other use cases as needed; Data reporting methodologies within Elastic Cloud Enterprise to advance CDM functionality and usability within Agency environments; YAML configuration files for standard Elasticsearch and containerized elastic platforms; Code to interact with non-Elastic APIs (i.e. cyber security tools such as Tennable.sc) for purposes of data mining; Rules and algorithms for Data processing, transformation, and correlations
• Establish streaming data pipelines using Elastic Beats / Agent on endpoints, fleet server, and elastic integrations
• Work with data stores that support the scalable processing and storage of our high frequency data
• Customize integration tools, warehouses, databases, and analytical systems
• Develop and implement databases, data collection systems, data analytics and other strategies that optimize statistical efficiency and quality
• Analyze, interpret, and develop data models on data based on Data Dictionary & Logical Data Models guidance.

Basic Qualifications:

• Bachelor's Degree complete or in progress preferably in applied mathematics, statistics, computer science, data science, electrical engineering, physics, or closely related field
• A minimum of (8) six years of overall related experience
• Experience with scripting languages like Python, Bash, PowerShell, R
• Knowledge of and experience with reporting packages (Business Objects, etc.), databases (SQL, MySQL, etc.), programming (XML, JavaScript, or ETL frameworks)
• Understanding of containerized PaaS platforms such as Azure Kubernetes Service or Elastic Kubernetes Service as well as IaaS hosted platforms such as Docker and Podman.
• Familiarity with the opensource alternatives to licensed Elasticsearch (OpenSearch)
• Proven ability to use multiple REST API authentication types, knowledge of REST methods, and ability to mine APIs to meet data requirements.
• Proven ability to analyze complex problems, theorize root causes, and develop creative solutions.
• Experience with database query languages like SQL, T-SQL, KQL
• Basic understanding of API calls for data ingestion.
• Basic Understanding of T-SQL, data-warehousing, and data-modeling techniques
• Operating system experience with Linux
• Experience collaborating with US Government Agencies, state or local governments, or commercial entities to develop IT service program maturity in accordance with Federal IT mandates and best practices.

Preferred Qualifications:

• Experience in conducting assessments of an Enterprise by reviewing technical documentation, conducting interviews and workshops to identify gaps and develop a tailored solution is highly desired.
• Desired familiarity with the Elastic Cloud Enterprise (ECE) and Elastic Cloud on Kubernetes (ECK) platforms
• Demonstrated ability to investigate data and present findings to internal teammates and client audiences.
• Any of the following certifications: Elastic Certified Engineer; Cloud platform certifications (AWS Practitioner / Sysops admin, Azure Fundamentals / Admin); Security certification such as Security+

Clearance Requirements

• Must be a US citizen (non-dual citizen)
• Able to obtain and maintain a DHS Suitability (EOD)

Physical Requirements:

• Must be able to be in a stationary position more than 50% of the time 
• Must be able to communicate, converse, and exchange information with peers and senior personnel 
• Constantly operates a computer and other office productivity machinery, such as a computer 
• The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations 
• The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.