Elastic Search Engineer

We are seeking a Sr. Elastic Engineer to join our Managed Security Services (MSSP) team. The ideal candidate has hands-on experience with Elastic Stack and enjoys designing, coding, and deploying complex systems. You will collaborate with engineering, DevOps, cloud, and client teams to deliver resilient, high-performance Elastic solutions while maintaining visibility into system health and operational workflows.

Required Skills

• Deep, hands-on expertise with Elastic Stack (Elasticsearch, Kibana, Logstash, Beats, Fleet).
• Strong scripting and automation skills (Python, PowerShell, Bash, etc.).
• Solid understanding of observability, logging, metrics, and distributed systems.
• Experience designing, deploying, and optimizing production-scale Elastic environments.
• Strong Linux/Unix, networking, and cloud platform knowledge (AWS, Azure, GCP).
• Ability to mentor, guide, and influence engineering teams on Elastic best practices.
• Outstanding verbal and written communication skills.
• Willingness and ability to support domestic or international on-site engagements.
• U.S. Passport required.
• Must be eligible to obtain and maintain a U.S. Security Clearance.

Key Responsibilities:

• Design, deploy, and maintain Elastic Stack environments, including Elasticsearch, Kibana, Logstash, Beats, and Fleet.
• Build and optimize ingestion pipelines, index strategies, search queries, dashboards, and automation workflows.
• Write scripts, automation, and integrations (Python, PowerShell, Bash, etc.) to streamline operations, data processing, and monitoring.
• Deploy Elastic across platforms, including on-premises, public cloud (AWS, Azure, GCP), GovCloud, and containerized environments (Kubernetes, Docker, OpenShift).
• Leverage automation and orchestration tools such as Terraform, Ansible, CI/CD pipelines, and Docker to manage deployments and operational tasks.
• Integrate Elastic with enterprise tools such as SIEMs, Splunk, CrowdStrike, and other telemetry sources.
• Monitor system health, troubleshoot performance issues, and optimize for reliability and scalability.
• Lead design reviews, provide guidance on Elastic best practices, and support knowledge sharing across teams.
• Maintain documentation for architectures, deployment patterns, runbooks, and operational best practices.
• Stay current with Elastic features, certifications, and emerging platform capabilities.

Desired Skills

• Familiarity with SIEM concepts, Elastic Security, or other SIEM/EDR platforms.
• Experience with containerization and orchestration (Kubernetes, Docker, OpenShift).
• Experience with automation/orchestration tools (Terraform, Ansible, CI/CD pipelines).
• Familiarity integrating Elastic with endpoint telemetry or cloud-native tools.
• Certifications (preferred):
• Elastic Certified Engineer, Elastic Security Engineer, Elastic Observability Engineer
• AWS Certified Solutions Architect or equivalent
• Docker Certified Associate (DCA)
• Certified Kubernetes Administrator (CKA)
• HashiCorp Certified: Terraform Associate
• Red Hat Certified Specialist in Ansible Automation
• Prior experience in DevOps, Site Reliability Engineering, or cloud platform roles is a plus.
• Experience designing dashboards, observability frameworks, and large-scale workflows.
• Experience with the below:
• Platforms: On-premises, Public Cloud (AWS, Azure, GCP), GovCloud, hybrid deployments
• Containerization: Kubernetes, Docker, OpenShift
• Automation: Terraform, Ansible, CI/CD pipelines, Docker
• Integrations: SIEMs (Splunk, Elastic Security), endpoint/security telemetry (CrowdStrike), cloud-native services
• Competing Technologies:
• Splunk, OpenSearch, Solr, Lucene, Graylog, Datadog, Elastic Cloud alternatives