Elastic, the Search AI Company, enables businesses to harness their data through its AI-powered solutions. The Consulting Engineer - Security will act as a trusted technical advisor, collaborating with customers to design and implement robust security architectures that enhance detection and response capabilities.
Responsibilities:
- Translate business and technical requirements into scalable, outcome-driven solutions built on the Elastic Stack
- Lead end-to-end delivery of customer engagements — from discovery and design through implementation, enablement, and optimization
- Partner with customers to architect, deploy, and operationalize Elastic solutions that drive measurable value and adoption
- Provide technical oversight, guidance, and enablement to customers and teammates throughout project lifecycles
- Collaborate cross-functionally with Sales, Product, Engineering, and Support to ensure successful outcomes and continuous improvement
- Capture and share best practices, lessons learned, and solution patterns across the Elastic Services community
- Contribute to internal enablement, mentoring, and a culture of continuous learning and collaboration
- Guide customers in SIEM, endpoint, and cloud security use cases using Elastic Agents, Beats, Logstash, and related technologies
- Design and implement detection rules, dashboards, visualizations, and alerts for critical security operations
- Optimize ingestion pipelines for performance, scalability, and resiliency at enterprise scale
Requirements:
- 3+ years as a consultant, architect, or engineer with expertise in security, monitoring, or related domains
- Proven experience deploying Elastic Security (SIEM, endpoint, cloud) or similar solutions (Splunk, QRadar, ArcSight, etc.) at enterprise scale
- Strong experience with data ingestion, parsing, and normalization (Elastic Agents, Beats, Logstash, Kafka, Redis)
- Familiarity with threat detection, incident response workflows, and security analytics best practices
- Hands-on expertise with distributed systems, large-scale infrastructure, and public cloud platforms (AWS, Azure, GCP)
- Ability to design and deliver dashboards, detections, and response workflows that drive actionable insights
- Knowledge of common frameworks and standards (MITRE ATT&CK, NIST, ISO 27001, PCI-DSS)
- Proficiency in Linux and at least one programming or scripting language (e.g., Python, Java, PowerShell)
- Strong communication and presentation skills, with experience engaging directly with customers
- Bachelor's, Master's, or PhD in Computer Science, Engineering, Cybersecurity, or related field, or equivalent experience
- Comfortable working in highly distributed teams, both remote and on-site when needed
- Willingness to travel up to 40%
- Elastic Certified Engineer or deep expertise with Elasticsearch and Lucene
- Big 4 consulting or equivalent professional services experience
- Experience with endpoint security solutions such as Elastic Endpoint Security, EDR, or AV platforms
- Knowledge of DevSecOps, Kubernetes, container security, and infrastructure-as-code tools (Terraform, Ansible)
- Experience contributing to open-source projects or documentation
- Public speaking experience at conferences, meetups, or enterprise workshops