Position Overview:
As an Elasticsearch Administrator Level 3, you will be responsible for managing, maintaining, and optimizing our Elasticsearch infrastructure, with a particular focus on Logstash-related activities. The ideal candidate will have extensive experience with Elasticsearch administration, Logstash configuration, and data parsing using GROK patterns. This role requires strong analytical skills, problem-solving abilities, and a proactive approach to ensure the optimal performance of our Elasticsearch cluster.
Key Responsibilities:
- Manage and maintain Elasticsearch clusters to ensure high availability, performance, and scalability.
- Design, configure, and optimize Logstash pipelines for data ingestion, transformation, and enrichment.
- Develop and maintain custom Logstash parsers using GROK patterns to parse various log formats.
- Collaborate with cross-functional teams to gather requirements and implement solutions to meet business needs.
- Monitor Elasticsearch and Logstash performance metrics, troubleshoot issues, and implement corrective actions as necessary.
- Implement security best practices to ensure the integrity and confidentiality of data stored in Elasticsearch.
- Automate routine administrative tasks using scripting languages such as Python, Shell, or PowerShell.
- Stay updated on the latest trends, technologies, and best practices in Elasticsearch and Logstash administration.
- Provide technical guidance and support to junior administrators and other team members.
- Experience with Elasticsearch security features such as SSL/TLS, role-based access control, and auditing.
Qualifications:
- Bachelor’s degree in computer science, Information Technology, or related field.
- 5+ years of experience in administering Elasticsearch clusters in a production environment.
- Extensive experience with Logstash configuration, including input, filter, and output plugins.
- Proficiency in writing and maintaining custom Logstash parsers using GROK patterns.
- Strong understanding of Elasticsearch architecture, indexing strategies, and search optimization techniques.
- Hands-on experience with monitoring tools such as Elasticsearch Watcher, Elastic Stack Monitoring, or similar.
- Excellent troubleshooting skills and the ability to diagnose and resolve complex issues independently.
- Solid understanding of networking concepts, security principles, and Linux/Unix systems administration.
- Experience with automation tools such as Ansible, Puppet, or Chef is a plus.
- Experience with SIEM tools such as Splunk, QRadar or ArcSight is a plus.
- Elasticsearch or Logstash certification is highly desirable.
If you have the required skills and experience to contribute to our cybersecurity efforts, we encourage you to apply and be part of our dedicated security team.
اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.