Elastic Stack Engineer
Seattle, WA

Job Description

About Coalfire

As a trusted advisor and leader in cybersecurity, Coalfire has more than 15 years in IT security services. We empower organizations to reduce risk and simplify compliance, while minimizing business disruptions. Our professionals are renowned for their technical expertise and unbiased assessments and advice. We recommend solutions to meet each client's specific challenges and build long-term strategies that can help them identify, prevent, respond, and recover from security breaches and data theft. We're on the cutting edge of one of the world's most important industries, and we protect our clients from ever-evolving security threats through our innovative advisory, auditing, and ethical hacking solutions.

The Cyber Defense Consulting group is one of the fastest growing teams within Coalfire and is currently seeking Elastic Stack Engineers to support remotely or work in our Reston, Seattle, Dallas and Denver offices. Current Cyber Defense Engineers support clients ranging from the Fortune 50 to cutting-edge start-ups, presenting a wide variety of challenges and experiences as well as opportunities to travel across the U.S., Europe, Asia, and the Middle East.

What you'll do

In this role, you'll be responsible for deploying and optimizing the Elastic Stack for high-profile, large scale AWS-based solutions. You will be responsible for developing scalable Elastic Stack architectures that will meet the needs of the client use-cases, as well as compliance and security best practices in the client cloud environment. The implementation will be responsible for centralizing log ingest and establishing monitoring, dashboarding, and alerting of all client-related security events within the system boundary. With this centralized data, customers will be capable of meeting security best practices and compliance requirements, as well as supporting automated server routines and optimizing system performance.

In this role, you will:

* Serve as a technical expert supporting one or more customers and associated user groups to solve business and technical problems with specialized SIEM technologies
* Perform highly specialized technical tasks associated with cutting-edge deployment methods
* Serve as a technical task or project leader in the development a best-of-breed SIEM deployment
* Maintain current knowledge of relevant developments in area of expertise
* Create formal documentation such as reports, training material, slide decks, and architecture diagrams
* Communicate with customer stakeholders to include leadership, support teams, and system administrators
* Provide guidance to junior engineers and clients by advising on best practices
* Function as a member of the engineering team participating in technical assessments and cyber advisory for a variety of clients in both commercial and Federal markets
* Assess client security posture using automated tools and manual review of systems and architecture
* Participate in internal and external security trainings and conferences

What you'll bring

* Bachelor's degree (four-year college or university) in an IT-related field or equivalent combination of education and experience
* 2+ years of work experience with Linux system administration and cyber security
* 1-2 years of direct experience with the Elastic Stack performing deployments and optimization of all components (Elasticsearch, Logstash, Kibana, and Beats)
* Experience with Elastic Stack Security features (X-Pack)
* Cloud environment experience (AWS, Azure, etc.)
* Strong proficiency in Java script and JSON
* Strong proficiency in other scripting languages (i.e. Ruby, Python, Bash, Perl, etc.)
* Knowledge of AWS system monitoring, notifications, and logging tools (i.e. Icinga, CloudWatch, Trivoli, Vegas, CloudFront, Logstash, etc.)
* Ability to travel up to 10%

Bonus Points

* Proficient knowledge of NIST-based compliance frameworks (FedRAMP, FISMA, etc.)
* Understanding of best practices with regards to AWS systems development processes
* Experience collaborating with and/or partnering with infrastructure service providers
* Basic understanding of software/application development processes
* Experience building EC2 instances for development, test, and production environments
* Experience building sophisticated and automated infrastructure
* Experience developing and maintaining auto scaling and elastic load balancing (ELB) capabilities
* Understanding of access management and security groups (i.e. LDAP, 1AM, S3 bucket, CloudTrail, SSH, VPN, etc.)
* Elastic Certified Engineer I or II

Why you'll want to join us

Our people make Coalfire great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. We're connected by our desire to innovate and our goal of helping to make the world a more secure place.

Coalfire's high energy, challenging, and fast-paced work environment will keep you engaged and motivated. Work-life balance is a core priority at Coalfire - we work hard and we play hard, and the two often overlap. We host family-friendly events and happy hours along with professional meetups and informal networking sessions, and we're active in our communities. Plus, we offer great benefits, including:

* Flexible paid time off (employees are encouraged to spend four weeks away from the office each year)
* Health, dental, and vision insurance with an employer contribution
* A generous 401(k) plan
* Semi-annual bonus program based on personal and company performance
* Tuition and training/certification reimbursement

Coalfire is an EEO employer.