- Design and operate distributed Elasticsearch clusters, including capacity planning, performance tuning, and scaling strategy
- Build and maintain ingestion pipelines aligned to security frameworks and Elastic Common Schema (ECS)
- Manage large-scale Elastic Agent and Fleet deployments
- Serve as the SME for log ingestion, parsing, normalization, and analysis
- Deliver Elastic infrastructure as code (IaC) and automate deployments/configuration where possible
- Develop and maintain Logstash pipelines
- Integrate multiple data sources and third-party platforms into the Elastic Stack
- Create automation/scripts to detect anomalies and improve operational workflows
- Build dashboards, visualizations, and investigation workflows in Kibana
- Administer supporting Linux systems for Elastic components
Skills: Python, Cybersecurity, ElasticSearch (+4 more)