Job description
Responsibilities
* Design and implement data models for Elasticsearch
* Develop search solutions using Elasticsearch's domain-specific language (DSL)
* Configure and maintain Kibana dashboards and visualizations
* Set up and manage Logstash for data ingestion
* Deploy and configure Elastic Agents and Fleet Server
* Create ETL processes using ingest pipelines
* Implement and maintain osquery for system monitoring
* Perform Elasticsearch administration tasks including:
  o Cluster management
  o Performance tuning
  o Disaster recovery planning and implementation
  o Security configuration and access control
  o Monitoring and alert setup
* Manage Elasticsearch deployments in Azure/cloud environments
* Write supporting code in Python and JavaScript as needed
Requirements
* 3+ years of experience with Elasticsearch and the Elastic Stack
* Strong understanding of data modeling concepts in Elasticsearch
* Proficiency with Elasticsearch DSL for complex query development
* Experience with Kibana for data visualization and dashboard creation
* Knowledge of Logstash configuration and data transformation
* Experience with Elastic Agent and Fleet Server deployment
* Proven ability to develop ETL processes using ingest pipelines
* Familiarity with osquery for endpoint monitoring
* Demonstrated expertise in Elasticsearch administration:
  o Cluster management and scaling
  o Performance tuning and optimization
  o Disaster recovery implementation
  o Security configuration and access control
  o Monitoring and alerting setup
* Experience deploying and managing Elasticsearch in Azure or other cloud environments
* Programming skills in Python and JavaScript
* Strong problem-solving abilities and attention to detail
Preferred qualifications
* Elastic Certified Engineer certification
* Experience with high-volume, high-performance search applications
* Knowledge of security best practices for Elasticsearch deployments
* Experience with CI/CD pipelines for Elasticsearch configurations
* Familiarity with containerization technologies (Docker, Kubernetes)
* Background in log analytics or SIEM implementations