Elasticsearch Administrator

Position Overview:

As an Elasticsearch Administrator Level 3, you will be responsible for managing, maintaining, and optimizing our Elasticsearch infrastructure, with a particular focus on Logstash-related activities. The ideal candidate will have extensive experience with Elasticsearch administration, Logstash configuration, and data parsing using GROK patterns. This role requires strong analytical skills, problem-solving abilities, and a proactive approach to ensure the optimal performance of our Elasticsearch cluster.

Key Responsibilities:

- Manage and maintain Elasticsearch clusters to ensure high availability, performance, and scalability.

- Design, configure, and optimize Logstash pipelines for data ingestion, transformation, and enrichment.

- Develop and maintain custom Logstash parsers using GROK patterns to parse various log formats.

- Collaborate with cross-functional teams to gather requirements and implement solutions to meet business needs.

- Monitor Elasticsearch and Logstash performance metrics, troubleshoot issues, and implement corrective actions as necessary.

- Implement security best practices to ensure the integrity and confidentiality of data stored in Elasticsearch.

- Automate routine administrative tasks using scripting languages such as Python, Shell, or PowerShell.

- Stay updated on the latest trends, technologies, and best practices in Elasticsearch and Logstash administration.

- Provide technical guidance and support to junior administrators and other team members.

- Experience with Elasticsearch security features such as SSL/TLS, role-based access control, and auditing.

Qualifications:

- Bachelor’s degree in computer science, Information Technology, or related field.

- 5+ years of experience in administering Elasticsearch clusters in a production environment.

- Extensive experience with Logstash configuration, including input, filter, and output plugins.

- Proficiency in writing and maintaining custom Logstash parsers using GROK patterns.

- Strong understanding of Elasticsearch architecture, indexing strategies, and search optimization techniques.

- Hands-on experience with monitoring tools such as Elasticsearch Watcher, Elastic Stack Monitoring, or similar.

- Excellent troubleshooting skills and the ability to diagnose and resolve complex issues independently.

- Solid understanding of networking concepts, security principles, and Linux/Unix systems administration.

- Experience with automation tools such as Ansible, Puppet, or Chef is a plus.

- Experience with SIEM tools such as Splunk, QRadar or ArcSight is a plus.

- Elasticsearch or Logstash certification is highly desirable.

• Competitive salary
  
• Family Medical insurance
  
• Professional development opportunities
  
• Flexible work schedule
  

If you have the required skills and experience to contribute to our cybersecurity efforts, we encourage you to apply and be part of our dedicated security team.