ArmorPoint is a cybersecurity and risk-management company seeking an Elasticsearch Engineer to improve and scale its Elasticsearch infrastructure. The role owns the Elasticsearch clusters, manages the data-ingest pipelines, and is accountable for the platform's reliability and performance.
Responsibilities:
- Meet professional obligations with efficient work habits—hit deadlines, honor schedules, and coordinate resources/meetings effectively
- Build strong cross-functional relationships with SecOps, SRE/Platform, Dev, and Compliance
- Maintain a professional image and adhere to all company policies/procedures
- Produce clear runbooks, diagrams, and training for junior staff; lead knowledge-shares
- Participate in and contribute to collaborative engineering/design reviews
- Plan and execute zero/minimal downtime Elasticsearch cluster upgrades with rollback and validation steps
- Implement and test cluster backups/restores; regularly perform DR exercises
- Diagnose and resolve cluster issues (performance, shards, mappings, ILM, security)
- Create and maintain Elasticsearch ingest pipelines and their parsing logic (Grok patterns, processors, ECS alignment, Painless scripts)
- Create and maintain index/component templates, ILM and SLM policies
- Create and maintain Elastic Agent integrations via Ansible, adapting data to Elastic Common Schema
- Build cluster, agent, and data-ingest monitoring and alerting (throughput, latency, drop/error rates) with Kibana dashboards and ElastAlert; respond to incidents
- Perform capacity planning and performance tuning
- Own OS configuration management for Elastic nodes using Ansible (idempotent playbooks, CI validation)
- Partner with Security to improve data quality, normalization, and retention policies
- Other duties as assigned in support of platform reliability and data integrity
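As an added illustration of the ingest work listed above (this is example code written for this page, not ArmorPoint's code or configuration), the block below is an offline model of a grok-based ingest pipeline: it parses a line with a grok expression, writes dotted field names into the nested ECS object layout, converts numeric fields, and routes any line that fails parsing to a failure list with `error.message` set and the raw `message` retained. That last part is the signal a drop/error-rate alert depends on; a pipeline that silently drops unparsed lines hides both data loss and tampering. The grok subset, pattern library, pipeline definition and log lines are all constructed for the example, and the pipeline body's shape mirrors a `PUT _ingest/pipeline` request only loosely.

```python
"""Offline model of an Elasticsearch ingest pipeline: grok -> convert -> set,
with on_failure-style handling. Added example, not ArmorPoint's code. The grok
dialect covers only %{PATTERN:field} with a few built-in patterns (assumption:
enough for the constructed sample at the bottom)."""
from __future__ import annotations

import functools
import re
from typing import Any

# Small subset of the standard grok pattern library (assumption, not the full set).
GROK_PATTERNS = {
    "TIMESTAMP_ISO8601": r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:?\d{2})?",
    "LOGLEVEL": r"(?:TRACE|DEBUG|INFO|WARN|ERROR)",
    "IPORHOST": r"(?:\d{1,3}(?:\.\d{1,3}){3}|[A-Za-z0-9.-]+)",
    "WORD": r"\w+",
    "INT": r"[+-]?\d+",
    "NOTSPACE": r"\S+",
}
_GROK_REF = re.compile(r"%\{(\w+):([\w.@]+)\}")


@functools.lru_cache(maxsize=None)
def compile_grok(pattern: str) -> tuple[re.Pattern, list[str]]:
    """Translate a grok expression into an anchored Python regex.
    Dotted ECS names (source.ip) are not legal group names, so groups are
    numbered f0, f1, ... and the target field names are returned alongside."""
    fields: list[str] = []
    parts: list[str] = []
    pos = 0
    for m in _GROK_REF.finditer(pattern):
        parts.append(re.escape(pattern[pos:m.start()]))
        name, field = m.group(1), m.group(2)
        if name not in GROK_PATTERNS:
            raise ValueError(f"grok: unknown pattern {name}")
        parts.append(f"(?P<f{len(fields)}>{GROK_PATTERNS[name]})")
        fields.append(field)
        pos = m.end()
    parts.append(re.escape(pattern[pos:]))
    return re.compile("^" + "".join(parts) + "$"), fields


def get_path(doc: dict, dotted: str) -> Any:
    cur: Any = doc
    for key in dotted.split("."):
        if not isinstance(cur, dict) or key not in cur:
            raise KeyError(f"field [{dotted}] not present")
        cur = cur[key]
    return cur


def set_path(doc: dict, dotted: str, value: Any) -> None:
    """Write source.ip=... as {"source": {"ip": ...}}, the ECS object layout."""
    *parents, leaf = dotted.split(".")
    cur = doc
    for key in parents:
        cur = cur.setdefault(key, {})
    cur[leaf] = value


def apply_processor(doc: dict, processor: dict) -> None:
    ((kind, cfg),) = processor.items()
    if kind == "grok":
        regex, fields = compile_grok(cfg["pattern"])
        m = regex.match(get_path(doc, cfg["field"]))
        if m is None:
            raise ValueError("grok: pattern did not match")
        for i, field in enumerate(fields):
            set_path(doc, field, m.group(f"f{i}"))
    elif kind == "convert":  # only the "long" target type is modelled here
        set_path(doc, cfg["field"], int(get_path(doc, cfg["field"])))
    elif kind == "set":
        set_path(doc, cfg["field"], cfg["value"])
    else:
        raise ValueError(f"unsupported processor {kind}")


# Constructed pipeline: one grok, two converts, one set, all onto ECS field names.
PIPELINE = [
    {"grok": {"field": "message", "pattern": (
        "%{TIMESTAMP_ISO8601:@timestamp} %{LOGLEVEL:log.level} %{IPORHOST:source.ip} "
        "%{WORD:http.request.method} %{NOTSPACE:url.path} "
        "%{INT:http.response.status_code} %{INT:http.response.bytes}")}},
    {"convert": {"field": "http.response.status_code", "type": "long"}},
    {"convert": {"field": "http.response.bytes", "type": "long"}},
    {"set": {"field": "event.dataset", "value": "nginx.access"}},
]


def run_pipeline(lines: list[str], processors: list[dict] = PIPELINE) -> tuple[list[dict], list[dict]]:
    """Return (indexable docs, failed docs). A failed doc keeps its raw message and
    gets error.message, the way an on_failure block would before routing it aside."""
    docs: list[dict] = []
    failures: list[dict] = []
    for line in lines:
        doc: dict = {"message": line}
        try:
            for processor in processors:
                apply_processor(doc, processor)
            docs.append(doc)
        except (ValueError, KeyError) as exc:
            set_path(doc, "error.message", str(exc))
            failures.append(doc)
    return docs, failures


def error_rate(docs: list[dict], failures: list[dict]) -> float:
    """Fraction of input that failed parsing; the number a drop/error alert watches."""
    total = len(docs) + len(failures)
    return len(failures) / total if total else 0.0


# Constructed sample: two well-formed access-log lines and one that will not parse.
SAMPLE_LOGS = [
    "2024-05-01T12:00:01Z INFO 10.0.0.5 GET /login 200 512",
    "2024-05-01T12:00:02Z WARN 203.0.113.7 POST /login 401 128",
    "2024-05-01T12:00:03Z ERROR garbage line that no pattern matches",
]

if __name__ == "__main__":
    ok, bad = run_pipeline(SAMPLE_LOGS)
    print(f"indexed={len(ok)} failed={len(bad)} error_rate={error_rate(ok, bad):.2f}")
```

Against a real cluster the equivalent processors would be stored with `PUT _ingest/pipeline/<name>` and checked with the `_simulate` endpoint on representative lines before an Agent integration is pointed at them; the point carried over from this model is that a non-matching grok must surface as a counted, inspectable failure rather than a silently dropped event.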
Requirements:
- High School Diploma or GED equivalent
- Elastic Certified Engineer (ECE) or equivalent knowledge
- 2+ years hands-on Elasticsearch engineering in production
- Ansible experience for automated configuration management
- Extensive experience with Grok patterns and ingest pipeline parsing
- Experience with GitHub (PR workflow, code reviews, Actions/CI)
- Enough programming experience to read and troubleshoot existing PowerShell and Python scripts
- ETL/data-engineering experience outside Elastic (e.g., Kafka, Fluent Bit, Airflow)
- Programming in Bash, Python, PowerShell, Ruby or Go for tooling, automation, and QA
- Security certifications (e.g., CISSP, CISM, CISA, Security+, CEH)
- Exposure to Elastic security features, RBAC, TLS, PII handling
- Experience with Elastic's tooling such as Rally
- Familiarity with ECS, ILM, SLM, Hot-Warm-Cold architectures, index and component templates, data stream and concrete index strategies
- Experience with Linux hardening, systemd, and performance tuning for Elastic nodes
- Familiarity with observability practices (SLOs, error budgets) and metrics/logs/traces integration