Ic Engineer

2 weeks ago


Ashburn, United States Leidos Inc Full time

Description


The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible for preventing, identifying, containing and eradicating cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connections, public-facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.



We are seeking a talented and motivated Mid-Level Elastic Engineer to join our team. The ideal candidate will have experience working with Elastic Stack (Elasticsearch, Logstash, Kibana, and Beats) to develop, manage, and support scalable search and analytics solutions. The candidate will be part of the Enterprise Logging Solution Team, responsible for maintaining CBP's Elastic instances with a heavy emphasis on data on-boarding, content development, configuration, troubleshooting, reporting, and visualizations. Prior experience with Splunk is a strong plus.


Primary Responsibilities


  • Design, develop, and maintain custom dashboards using Elastic stack for monitoring and visualization of system metrics, logs, and traces.


  • Monitor and optimize the performance of Elastic Stack clusters to ensure high availability, reliability, and performance.


  • Work with data sources and ETL processes to integrate and normalize data into Elasticsearch, ensuring data quality and consistency.


  • Implement and maintain security best practices for Elastic Stack, including access controls, encryption, and compliance with regulatory standards.


  • Create and maintain comprehensive documentation for Elastic Stack configurations, processes, and procedures.


  • Maintain Elasticsearch clusters in a cloud-based environment across multiple availability zones.


Basic Qualifications


  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and 4 to 8 years of related experience. Additional years of experience and cyber certifications may be considered in lieu of degree.


  • 3+ years of Elasticsearch stack (Elasticsearch, Logstash, Beats, Kibana) experience in an active production environment.


  • Experience with data ingest, Extract, Transform, and Load (ETL) techniques.


  • Experience with multi-node clustering, architecture, development, implementation, and health monitoring of the indexes.


  • Advanced understanding of Elasticsearch Management, reindexing and data mappings, JSON and KQL searching syntax, and Kibana dashboard options.


  • Experience working with various versions of Java.


  • Experienced Linux administrator with strong bash scripting ability.


  • Proficient with managing AWS Elastic Kubernetes Service.


  • Experience troubleshooting, tuning, and configuring Elasticsearch clusters, nodes, shards, and analyzers from the "ground up."


  • Experience configuring and managing Elastic CDM Dashboard / XML.


  • Proficient with Ansible Ad-hoc commands and creating / editing playbooks for automation.


  • Experience designing, documenting, implementing, securing, and maintaining Elasticsearch, Logstash, Kibana (ELK Stack) Enterprise solutions.


  • Excellent problem-solving skills with the ability to troubleshoot and resolve complex issues in a timely manner.


  • All Department of Homeland Security CBP SOC employees are required to favorably pass a 5-year Background Investigation (BI).


  • Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment.


Preferred Qualifications


  • Elastic Engineer, Elastic Analyst, and/or Elastic Observability Engineer Certifications.


  • Experience with deploying and using Elasticsearch on a commercial cloud platform (e.g., AWS, Google Cloud, Azure).


  • Proficiency in scripting languages such as Python or PowerShell for automation and integration tasks.


  • Knowledge of PKI (ability to create and validate certificates).


  • Prior experience with CBP

Original Posting Date: 2024-12-12

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.


The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote


