Elasticsearch Engineer

Summary

The Elasticsearch Engineer will continuously improve and scale the Elasticsearch infrastructure that powers our high-profile high-visibility cybersecurity and risk-management platform. You will own the Elasticsearch clusters (provisioning upgrades backup/restore and troubleshooting) managed with Ansible and you will design evolve and operate data-ingest pipelines plus Elastic Fleet policies and integrations using Ansible.

This is a full-time remote position. Rotation on-call hours required.

What Youll Do

• Meet professional obligations with efficient work habitshit deadlines honor schedules and coordinate resources/meetings effectively.
• Build strong cross-functional relationships with SecOps SRE/Platform Dev and Compliance.
• Maintain a professional image and adhere to all company policies/procedures.
• Produce clear runbooks diagrams and training for junior staff; lead knowledge-shares.
• Participate in and contribute to collaborative engineering/design reviews.
• Plan and execute zero/minimal downtime Elasticsearch cluster upgrades with rollback and validation steps.
• Implement and test cluster backups/restores; regularly perform DR exercises.
• Diagnose and resolve cluster issues (performance shards mappings ILM security).
• Create and maintain Elasticsearch ingest pipelines parsing (Grok processors ECS alignment Painless).
• Create and maintain index/component templates ILM and SLM policies
• Create and maintain Elastic Agent integrations via Ansible adapting data to Elastic Common Schema.
• Build cluster agent and data ingest monitoring & alerting (throughput latency drop/error rates) with dashboards Kibana and ElastAlert; respond to incidents.
• Capacity planning and performance tuning
• Own OS configuration management for Elastic nodes using Ansible (idempotent playbooks CI validation).
• Partner with Security to improve data quality normalization and retention policies.
• Other duties as assigned in support of platform reliability and data integrity.

Minimum Qualifications

• High School Diploma or GED equivalent required.
• Elastic Certified Engineer (ECE) or equivalent knowledge required.
• 2 years hands-on Elasticsearch engineering in production required.
• Ansible experience for automated configuration management required.
• Extensive experience with Grok patterns and ingest pipeline parsing.
• Experience with GitHub (PR workflow code reviews Actions/CI).
• Some programming experience to be able to comprehend and troubleshoot existing PowerShell and Python scripts.

Nice to Have

• ETL/data-engineering experience outside Elastic (e.g. Kafka Fluent Bit Airflow).
• Programming in Bash Python PowerShell Ruby or Go for tooling automation and QA.
• Security certifications (e.g. CISSP CISM CISA Security CEH).
• Exposure to Elastic security features RBAC TLS PII handling.
• Experience with Elastics tooling such as Rally.
• Familiarity with ECS ILM SLM Hot-Warm-Cold architectures index and component templates data stream and concrete index strategies.
• Experience with Linux hardening systemd and performance tuning for Elastic nodes.
• Observability practices (SLOs error budgets) and metrics/logs/traces integration.

Tools & Technologies Youll Use

Elasticsearch Kibana Fleet Elastic Agent Grok. Painless Ansible Git Linux SSH TLS/PKI; Python PowerShell Vault Consul.

Success Metrics (First 612 Months)

• Ability to create and manage custom pipelines with strict adherence to the Elastic Common Schema.
• Zero-defect execution of at least one cluster upgrade with validated rollback plan.
• Backups & restores documented and tested; RPO/RTO objectives met.
• Pipeline error rate and data latency within defined SLOs; data quality KPIs improved.
• Ansible playbooks and runbooks documented peer-reviewed and CI-validated.
• Measurable reduction in MTTR for Elastic-related incidents.

Work Environment & Benefits

Trapp Technology and ArmorPoint take pride in a workplace defined by positivity respect and collaboration where a strong work ethic innovation and mutual trust drive personal and company growth. We value our team members and offer a competitive benefit package including health insurance retirement benefits generous paid time off and more as listed below:

• 100% employer-funded insurance for employee-only medical dental and vision coverage
• Generous employer-funded insurance for family medical dental and vision coverage
• 401 (k) plan with company match
• Employer-sponsored life insurance
• Paid parental leave
• 3 weeks of paid time off accrued annually
• 8 company-paid holidays and 2 floating holidays each year
• Certification and training reimbursement program for approved learning expenses
• 100% remote position (must be located within an approved state in the United States)
• On-call Rotation: 1 week on/1 week off
• Company equipment provided