Job Description
We are hiring for Elasticsearch / SIEM / Observability / Engineer / Consultant (Security OR Observability)
Location: Across multiple locations in UK
- Proficiency in Elasticsearch Query DSL, EQL, and Kibana Canvas/dashboards.
- Should have expertise in Elasticsearch, Kibana, including deployment modes and core components.
- Deliver Elastic-driven solutions to maximise customer security outcomes, with future growth into Observability.
- Hands-on experience deploying Elastic Observability or similar platforms (e.g., APM, log, metrics, tracing systems).
- Expert in Bash and Python for automating data onboarding, Scripting skills: Python, Shell, or Painless for pipeline processors. and operational tasks and understanding of network protocols, HTTP, gRPC, and their logging intricacies.
- Proven ability to design and optimize Logstash pipelines (inputs, filters, outputs) and build native Elasticsearch ingest pipelines using various processors (grok, dissect, script, kv, CSV, geo_IP) for event normalization and enrichment.
- Strong knowledge of Linux system administration and container orchestration (Docker, Kubernetes).
- Familiarity with modern observability frameworks like Open Telemetry and Prometheus and their integration with Elastic.
