Senior Elastic Stack Data Integration Engineer - DOD jobs in United States
cer-icon
Apply on Employer Site
company-logo

INNOVIM ยท 16 hours ago

Senior Elastic Stack Data Integration Engineer - DOD

positionColorado Springs, Colorado, United States
timeFull-time
remoteOnsite
senioritySenior Level
money$130K/yr - $150K/yr
date5+ years exp

INNOVIM is seeking a Senior Elastic Stack Data Integration Engineer to support the Missile Defense Agency on the Integrated Research and Development for Enterprise Solutions contract. The role involves designing, building, and maintaining data ingestion pipelines supporting Elastic SIEM, ensuring reliable delivery of high-fidelity data to Elasticsearch.

Information Technology
check
Comp. & BenefitsbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Serve as the primary technical authority for designing, building, and maintaining data ingestion pipelines supporting Elastic SIEM
Focus on creating scalable, resilient Logstash architectures
Develop advanced pipeline logic
Normalize, enrich, and transform security telemetry
Ensure reliable delivery of high-fidelity data to Elasticsearch
Architect, build, and maintain Logstash pipelines to ingest and transform logs from diverse systems, including network devices, servers, cloud services, and security platforms
Implement parsing, grok patterns, JSON transformations, conditional routing, enrichment logic, and ECS mapping
Optimize pipeline performance, resiliency, and scalability (e.g., persistent queues, pipeline workers, memory tuning, load balancing)
Ensure all ingested data aligns to ECS (Elastic Common Schema) or internal schema requirements
Implement data enrichment workflows (GeoIP, threat intel lookups, metadata injection)
Validate data completeness, integrity, and fidelity across ingestion flows
Maintain and optimize Logstash clusters, including version management, scaling, tuning, and high-availability configurations
Manage integrations with Beats, Elastic Agent, Kafka, syslog endpoints, and custom data collectors
Monitor ingestion throughput, latency, and error rates; implement proactive alerting and troubleshooting processes
Create and maintain technical documentation, including pipeline diagrams, data flow maps, runbooks, and schema references
Establish enterprise standards for parsing, enrichment, normalization, and ingestion patterns
Support internal and external audits by documenting data handling flows and pipeline logic
Work closely with SIEM integration engineers to align pipelines with customer environments and logging requirements
Partner with detection engineering teams to ensure data supports analytic coverage and rule development
Collaborate with infrastructure and platform operations for deployment, scaling, and reliability engineering

Qualification

Logstash architectureElastic Stack componentsData ingestion techniquesData enrichment workflowsLinux administrationPython scriptingKafka integrationCI/CD pipelinesCommunication skillsAttention to detailMentoring skills

Required

Must have 5, or more, years of experience in log ingestion, data engineering, or SIEM pipeline development
Must have 2, or more, years of experience working in a management or leadership role, mentoring and guiding other team members
Must have a strong background in Elastic Stack components (Elasticsearch, Kibana, Beats, Elastic Agent)
Must have experience with data ingestion, processing, and enrichment techniques
Must be proficient with Linux administration, system-level debugging, and CLI-based operations
Must have a DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
Must have an active DoD Secret Security Clearance
Must be able to obtain an active DoD Top Secret Security Clearance

Preferred

Be an Elastic Certified Engineer or have relevant Elastic Stack certifications
Have strong experience integrating Kafka, Redis, or other message bus technologies into ingestion workflows
Be proficient with scripting in Python, Bash, or PowerShell for automation and data validation
Have experience designing geo-distributed or multi-cluster ingestion architectures
Have knowledge of threat intelligence ingestion, correlation data enrichment, and advanced ECS mapping
Have experience with CI/CD pipelines, GitOps workflows, or Infrastructure-as-Code (Terraform, Ansible)
Be familiar with data quality assurance frameworks and pipeline testing methodologies
Have knowledge of cloud-native logging architectures (AWS Firehose, Azure Event Hub, GCP Logging)

Benefits

Comprehensive nationwide Medical/Dental/Vision insurance programs
Life insurance
Matching 401k contribution
Educational/Training support

Company

INNOVIM

twittertwittertwitter
company-logo
INNOVIM is a defense & space company offering IT, Science and Engineering applications.
dateFounded in 2002
location
Greenbelt, Maryland, USA
people-size51-200 employees
web-link
http://innovim.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Shahin Samadi, Ph.D.
Co-Founder and CTO
linkedin
leader-logo
Marianna Murphy
Chief Operating Officer
linkedin

Recent News

Washington Technology
NOAA awards 'Weather' block of $8B services vehicle
2025-09-03
Company data provided by crunchbase