This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

The Elasticsearch Engineer will continuously improve and scale the Elasticsearch infrastructure that powers our high-profile, high-visibility cybersecurity and risk-management platform. You will own the Elasticsearch clusters (provisioning, upgrades, backup/restore, and troubleshooting) managed with Ansible, and you will design, evolve, and operate data-ingest pipelines plus Elastic Fleet policies and integrations using Ansible.

This is a full-time, remote position. Rotation on-call hours required.

What You’ll Do

• Meet professional obligations with efficient work habits—hit deadlines, honor schedules, and coordinate resources/meetings effectively.
• Build strong cross-functional relationships with SecOps, SRE/Platform, Dev, and Compliance.
• Maintain a professional image and adhere to all company policies/procedures.
• Produce clear runbooks, diagrams, and training for junior staff; lead knowledge-shares.
• Participate in and contribute to collaborative engineering/design reviews.
• Plan and execute zero/minimal downtime Elasticsearch cluster upgrades with rollback and validation steps.
• Implement and test cluster backups/restores; regularly perform DR exercises.
• Diagnose and resolve cluster issues (performance, shards, mappings, ILM, security).
• Create and maintain Elasticsearch ingest pipelines parsing (Grok, processors, ECS alignment, Painless).
• Create and maintain index/component templates, ILM and SLM policies.
• Create and maintain Elastic Agent integrations via Ansible, adapting data to Elastic Common Schema.
• Build cluster, agent, and data ingest monitoring & alerting (throughput, latency, drop/error rates) with dashboards Kibana and ElastAlert; respond to incidents.
• Capacity planning and performance tuning.
• Own OS configuration management for Elastic nodes using Ansible (idempotent playbooks, CI validation).
• Partner with Security to improve data quality, normalization, and retention policies.
• “Other duties as assigned” in support of platform reliability and data integrity.

Qualifications

• High School Diploma or GED equivalent, required.
• Elastic Certified Engineer (ECE) or equivalent knowledge, required.
• 2+ years hands-on Elasticsearch engineering in production, required.
• Ansible experience for automated configuration management, required.
• Extensive experience with Grok patterns and ingest pipeline parsing.
• Experience with GitHub (PR workflow, code reviews, Actions/CI).
• Some programming experience to be able to comprehend and troubleshoot existing PowerShell and Python scripts.

Requirements

• ETL/data-engineering experience outside Elastic (e.g., Kafka, Fluent Bit, Airflow).
• Programming in Bash, Python, PowerShell, Ruby or Go for tooling, automation, and QA.
• Security certifications (e.g., CISSP, CISM, CISA, Security+, CEH).
• Exposure to Elastic security features, RBAC, TLS, PII handling.
• Experience with Elastic’s tooling such as Rally.
• Familiarity with ECS, ILM, SLM, Hot-Warm-Cold architectures, index and component templates, data stream and concrete index strategies.
• Experience with Linux hardening, systemd, and performance tuning for Elastic nodes.
• Observability practices (SLOs, error budgets), and metrics/logs/traces integration.

Benefits

• 100% employer-funded insurance for employee-only medical, dental, and vision coverage.
• Generous employer-funded insurance for family medical, dental, and vision coverage.
• 401 (k) plan with company match.
• Employer-sponsored life insurance.
• Paid parental leave.
• 3 weeks of paid time off, accrued annually.
• 8 company-paid holidays and 2 floating holidays each year.
• Certification and training reimbursement program for approved learning expenses.
• 100% remote position (must be located within an approved state in the United States).
• On-call Rotation: 1 week on/1 week off.
• Company equipment provided.