Senior Security Integration Engineer Elastic Stack - Amentum

Key Responsibilities

• Design and deploy Elastic Stack (Elasticsearch, Logstash, Kibana) pipelines to collect, normalize, and store security telemetry from diverse missile‑defense platforms.
• Develop and fine‑tune SIEM use cases, correlation rules, and dashboards to detect and respond to cyber threats in real time.
• Integrate third‑party security tools (e.g., firewalls, IDS/IPS, endpoint agents) with the Elastic Stack, ensuring data fidelity and low latency.
• Collaborate with system engineers and developers to embed security logging into new and existing applications, providing guidance on log format standards.
• Perform performance tuning, capacity planning, and troubleshooting of Elastic clusters to meet high‑availability and compliance requirements.
• Document architecture, procedures, and best practices; provide training and mentorship to junior staff.

Requirements

• 5+ years of hands‑on experience with Elastic Stack components (Elasticsearch, Logstash, Kibana, Beats) in large‑scale security environments.
• Strong background in SIEM design, security event correlation, and threat‑hunting methodologies.
• Proficiency in scripting or programming languages such as Python for data transformation and automation.
• Experience with data normalization, log parsing, and integration of heterogeneous security data sources.
• DoD Secret clearance or ability to obtain one, and familiarity with defense‑grade security standards.