Senior Elastic Engineer

Everforth ECS Federal is seeking a Senior Elastic Engineer to support enterprise observability modernization and migration initiatives within a federal healthcare environment supporting the U.S. Department of Veterans Affairs.

The Senior Elastic Engineer serves as a subject matter expert for the design, implementation, and optimization of the Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) in support of Department of Veterans Affairs (VA) enterprise networks and cybersecurity operations. This role is critical for establishing robust log aggregation, data analytics, and real-time dashboarding to enhance situational awareness, threat hunting capabilities, and overall cybersecurity posture across VA information systems. 

Required Skills

• Must be a US citizen with ability to obtain and maintain a Tier 5 (T5) background investigation (Public Trust Level 5) 

• Minimum 7 years of experience supporting enterprise logging, SIEM, observability, or cybersecurity engineering platforms 

• Minimum 5 years of hands-on Elastic Stack engineering experience 

• Develop and maintain Logstash pipelines and Beats configurations to efficiently route and process high-volume network, security, and application data 

• Monitor cluster health and optimize indices, shards, and queries for maximum performance and cost-effectiveness 

• Implement and maintain Elastic Security features (e.g., Role-Based Access Control, TLS encryption) ensuring compliance with VA Handbook 6500 and federal security standards 

• Analyze operational impacts associated with cybersecurity events, system changes, and platform performance issues with the ability to apply cybersecurity and privacy principles to organizational requirements 

• Develop and optimize ingestion pipelines, parsers, enrichment workflows, and telemetry normalization strategies 

• Architect, engineer, and deploy highly available and scalable Elasticsearch clusters across VA enclaves and cloud environments. 

• Troubleshoot ingestion failures, performance bottlenecks, and observability platform issues 

• Support Authority to Operate (ATO), Risk Management Framework (RMF), compliance validation, and continuous monitoring activities 

• Develop technical documentation, operational procedures, and knowledge transfer materials 

• Provide Tier 3 troubleshooting and act as a technical mentor for junior engineers 

Salary Range: $120,000-160,000

General Description of Benefits

Qualifications

• 7+ years of experience with a Bachelor’s degree in Cybersecurity, Engineering or Computer Science, and/or 10+ years of equivalent experience 

• One or more related certifications preferred: 

• Elastic Certified Engineer or Elastic Certified Observability Engineer 

• AWS Certified Security or Microsoft Azure Security Engineer 

• Security+ or CSSIP 

• Equivalent cybersecurity or cloud certificates