ECS is a leading provider of solutions in science, engineering, and advanced technologies, including cloud, cybersecurity, artificial intelligence, data, and enterprise transformation solutions. They are seeking a skilled Elasticsearch and Observability Engineer to design, implement, and manage Elasticsearch environments while ensuring robust observability and monitoring systems.
Responsibilities:
- Design, implement, and manage Elasticsearch clusters
- Optimize search query performance and indexing strategies
- Ensure data integrity and security in Elasticsearch environments
- Monitor Elasticsearch health and performance, addressing issues proactively
- Develop and maintain observability frameworks using tools like Kibana, Grafana, or similar
- Implement logging, metrics, and tracing systems for real-time monitoring of applications
- Analyze and visualize complex datasets to identify trends and anomalies
- Work with cross-functional teams to define observability and search requirements
- Provide technical guidance and support to team members
- Keep up to date with emerging trends and technologies in search and observability
- Document architectures, procedures, and processes
- Prepare reports on system performance, issues, and resolutions
Requirements:
- Outstanding verbal and written communication abilities
- Able and willing to support domestic or international on-site travel with customers or at ECS offices. Any travel will be short in duration and well-planned
- Possess and maintain a U.S. Passport
- Must be eligible to obtain a U.S. Security Clearance
- Experience with search and data platforms (e.g., Elasticsearch, Solr, Lucene), including architecting and scaling search-based solutions
- Certifications in relevant technologies are preferred but not required (e.g., Elastic Certified Engineer, Elastic Observability Engineer)
- Experience working in or closely with DevOps or Site Reliability Engineering (SRE) teams
- Several years of hands-on experience demonstrating depth across the following domains:
  - Elasticsearch and observability solutions, including architecture, deployment models, and operational considerations
  - SIEM platforms and concepts (Elastic, Splunk, IBM QRadar, LogRhythm), with experience designing, implementing, or advising on complex SIEM architectures
  - Detection-as-Code practices, including rule lifecycle management, version control, and automation pipelines
  - Use of ES|QL and advanced querying techniques for analytics, correlation, and investigative workflows
  - Linux/Unix systems, networking, and cloud environments (AWS, Azure, GCP), with an architectural understanding of tradeoffs and scale
  - Kubernetes-based and containerized deployments, including familiarity with Elastic Cloud on Kubernetes (ECK)
  - Infrastructure as Code and automation, leveraging tools such as Terraform and Ansible
  - Exposure to serverless architectures and modern cloud-native design patterns
  - Experience with log and data pipelines, including tools like Cribl, for routing, enrichment, and cost optimization
  - Broad knowledge of the cybersecurity landscape, including threat detection strategies, security controls, and attacker methodologies
- Ability to communicate technical designs clearly to engineers, stakeholders, and leadership