Company: Accenture (supporting Army)
Role: Sr. SIEM Engineer (Elastic+Confluence)
Location: 5 days onsite in Ft. Belvoir, VA
Duration: Long Term Contract
Citizenship: US Citizen (able to obtain Secret Clearance)
Rate: $80 an hour (some flex)
Top Requirements
Elastic
Confluence
Security+ or any IAT Level II Cert
SIEM experience
Responsibilities:
• Design, deploy, configure, and maintain Elastic stack and
Confluent deployments
• Manage, patch, and upgrade Elasticsearch, Confluent, and
other related systems
• Tune and optimize Elastic stack deployments based on
application/customer needs
• Design and configure ETL data pipelines to ingest customer-defined
data sets such as application logs, metrics, and/or threat events
• Create custom visualizations and dashboards using Kibana
• Configure and maintain index templates and information
lifecycle management (ILM) policies
• Develop Elastic alerting solutions using Watcher and/or
Kibana Rules and Connectors with integrations to ticketing systems, email, and
messaging apps as required
• Develop Machine Learning (ML) jobs to dynamically monitor
and alert on identified metrics, KPIs, and/or data anomalies
• Follow ITIL based change management processes to move
solutions from Dev to Test and into Production
• Run the day-to-day operations of the security operations
center
• Investigate incidents and lead response efforts as
applicable
Required Skills:
• A Secret clearance will be required to maintain this
position
• Compliance with DoD 8140 / 8570 IAT Level II certification
prior to start date
• At least 5 years of hands-on experience in deployment,
configuration, and solution development using the Elastic Stack for security
and logging use cases. Specific experience with Elastic SIEM is a plus
• Demonstrated experience with the full Elastic Stack - Elasticsearch,
Logstash, Kibana, Beats, Machine Learning, and REST API integration
• Experience integrating Elasticsearch with external systems
(e.g. SOAR tools, Threat Intel Platforms)
• Experience with data management: hot/warm/cold
architectures, shard allocation/re-allocation, snapshots & restoration
• Strong experience with evaluating existing Elastic
clusters, configuration parameters, indexing, search and query performance
tuning, security, and cluster administration
• Experience integrating Elasticsearch with alternate
authentication mechanisms such as SAML, LDAP, and PKI
• Experience with supporting the Elastic Stack in on-prem and
SaaS environments including system monitoring and tuning
• Experience securing the Elastic stack and hardening hosting
environments
• Experience with the design and implementation of highly scalable
solutions using the Elastic Stack
• Experience in developing data structures, data mapping from
various sources to achieve data normalization using Elastic Common Schema
• Experience developing Logstash and/or Elastic Ingest
Pipelines
• Experience developing custom visualizations and dashboards
using Kibana, including creating specialized reporting solutions through
Elasticsearch and Kibana APIs to meet complex stakeholder requirements
• Experience in end-to-end low-level design, development,
administration, and delivery of Elasticsearch-based reporting solutions
• Strong technical foundation in building reliable, scalable,
and supportable systems
• Experienced in Red Hat Enterprise Linux deployment and
administration
Desired Skills:
• Experience using and developing Ansible playbooks for
automation of system deployment and/or configuration
• Experience with developing in multiple languages (Python,
Bash, PowerShell, Painless, etc.).
• Understanding of the MITRE ATT&CK framework
• Certified Elastic Engineer or willingness to gain
certification within 90 days of hire
• Experience with cloud environments (e.g., Azure, AWS, GCP,
etc.) and cloud security architecture
• Experience condensing large environments to a single pane
of glass view to facilitate optimal operational efficiency
• Experience leading incident response and forensic
investigative initiatives
• Demonstrated ability to create and present executive level
briefings
• Experience with Army policies, regulations, and processes
preferred
Information
Locations:
Position Open to: Only locals
Industry: Information Technology
Status: Open
Job Age: 44 Days
Created Date: 10/16/2025
No. of Positions: 1
Duration: 12
Zip Code: