
Senior Elastic SIEM Migration Engineer

Marathon TS

Quantico · On-site Full-time Senior $185k – $220k/yr 4w ago

About the role

Description

Marathon TS is seeking a highly skilled Splunk to Elastic Migration Engineer to lead and execute end‐to‐end SIEM modernization initiatives. This role is responsible for designing and implementing Elastic deployments using the Elastic Cloud on Kubernetes (ECK) model, migrating legacy Splunk knowledge objects, detections, and data pipelines, and ensuring operational readiness through cutover validation and workflow integrations. The ideal candidate has deep hands‐on experience with SIEM engineering, detection engineering, Elastic Stack architecture, and security operations workflows—particularly within enterprise or federal environments.

Required Skills & Experience

  • 5+ years' experience in SIEM engineering or security operations
  • Hands‐on experience with Elastic Stack (Elasticsearch, Kibana, Elastic Security)
  • Proven experience migrating from Splunk to Elastic or similar SIEM platforms
  • Strong understanding of:
      ◦ SIEM data models and schemas
      ◦ Elastic Common Schema (ECS) field mappings
      ◦ Detection engineering and alert tuning
  • Experience with Kubernetes and the ECK deployment model
  • Strong scripting or automation skills (Python, Bash, etc.)
  • Provide post-cutover support for the transition from legacy platforms to Elastic, ensuring continuity of operations
  • Migrate an existing Splunk SIEM environment (approximately 6 TB/day of ingested data) to Elastic SIEM
  • Active TS clearance

Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").

Pay

$185,000.00 - $220,000.00 per year

Education

  • Bachelor's (Required)

Experience

  • Elastic Stack: 5 years (Required)
  • Supporting a SIEM migration: 5 years (Required)
  • Python, Bash, PowerShell, or similar tools: 4 years (Required)

Security clearance

  • Top Secret (Required)

Work Location

In person

Skills

Bash, Elastic Common Schema, Elastic Stack, Elasticsearch, Kibana, Kubernetes, Python, Splunk, ECK
