Elasticsearch Engineer

This position will support the Defense Information Systems Agency (DISA) GSM-O II program, and DISA Global Defensive Cyber Operations (DCO) organization based out of Scott AFB, IL with as a Elasticsearch Engineer. 

Job Summary

The Elasticsearch Engineer role will provide support for a large enterprise Elasticsearch deployment.  This role requires providing design, configuration, maintenance and troubleshooting support in the Elastic environments in both cloud and on prem. And also ensure data feeds and application operation are maintained, and provide support to cyber security analysts in development of analytics and other operational aspects of the Elastic product. This role will also collaborate with architecture, engineering, development, and operations teams; ensuring production scalability and stability while maintaining data integrity.

Job Responsibilities

• Building and Managing Elasticsearch Clusters: This includes tasks like installing, configuring, and securing Elasticsearch clusters, as well as troubleshooting issues.
• Data Modeling and Indexing: Defining indexes, dynamic templates, and lifecycle management policies to optimize data storage and retrieval.
• Developing Search Solutions: Writing and executing search queries, including complex Boolean queries, aggregations, and using runtime fields.
• Working with the Elastic Stack: Integrating Elasticsearch with other components like Kibana, Beats, and Logstash to build comprehensive solutions.
• Performance Optimization: Ensuring that Elasticsearch deployments are performant and scalable to meet specific needs.
• Data Analysis and Visualization: Utilizing Kibana to analyze and visualize data stored in Elasticsearch.
• Troubleshooting and Issue Resolution: Identifying and resolving issues within the Elasticsearch environment.

Basic Qualifications

• BS degree and 4 to 8 years of relevant experience in IT and Cybersecurity
• Must have DoD-8570 IAT Level 2 baseline certification (Security+ CE or higher) at start date and be able to obtain CSSP-A certification within 180 days of start date.
• 2+ years of experience with Elasticsearch Administration.
• Direct experience maintaining and integrating Elasticsearch within an operational enterprise information system.
• Experience with maintaining and using Elasticsearch in Commercial Cloud Platforms (e.g., AWS, Google Cloud, Azure).
• At least 2 of the 3 Elastic certifications listed below: Elastic Certified Engineer; Elastic Certified Observability Engineer; or Elastic Certified Analyst
• TS with ability to attain SCI is required for consideration.

Preferred Qualifications

• Experience working on the customer’s systems.
• Understanding of the customer’s system development policies.
• Additional certifications related to Elasticsearch.
• Experience with DISA and DoD Networks.
• Working knowledge of cyber operational security, log analysis, netflow analysis, incident response, malware analysis, computer forensics, and/or cyber-crime.
• Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP, CySA+ or CASP.
• Demonstrated experience briefing leadership.

Original Posting:

June 18, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $85,150.00 - $153,925.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.