Apply on Employer Site

ArmorPoint · 2 months ago

Elasticsearch Engineer

United States

Full-time

Remote

Entry, Mid Level

$135K/yr - $160K/yr

2+ years exp

ArmorPoint is a cybersecurity and risk-management platform, and they are seeking an Elasticsearch Engineer to improve and scale their Elasticsearch infrastructure. The role involves managing Elasticsearch clusters, designing data-ingest pipelines, and collaborating with various teams to ensure platform reliability and data integrity.

Cyber SecurityInformation TechnologyNetwork Security

Responsibilities

Meet professional obligations with efficient work habits—hit deadlines, honor schedules, and coordinate resources/meetings effectively

Build strong cross-functional relationships with SecOps, SRE/Platform, Dev, and Compliance

Maintain a professional image and adhere to all company policies/procedures

Produce clear runbooks, diagrams, and training for junior staff; lead knowledge-shares

Participate in and contribute to collaborative engineering/design reviews

Plan and execute zero/minimal downtime Elasticsearch cluster upgrades with rollback and validation steps

Implement and test cluster backups/restores; regularly perform DR exercises

Diagnose and resolve cluster issues (performance, shards, mappings, ILM, security)

Create and maintain Elasticsearch ingest pipelines parsing (Grok, processors, ECS alignment, Painless)

Create and maintain index/component templates, ILM and SLM policies

Create and maintain Elastic Agent integrations via Ansible, adapting data to Elastic Common Schema

Build cluster, agent, and data ingest monitoring & alerting (throughput, latency, drop/error rates) with dashboards Kibana and ElastAlert; respond to incidents

Capacity planning and performance tuning

Own OS configuration management for Elastic nodes using Ansible (idempotent playbooks, CI validation)

Partner with Security to improve data quality, normalization, and retention policies

“Other duties as assigned” in support of platform reliability and data integrity

Qualification

Elasticsearch engineeringAnsibleElastic Certified EngineerGrok patternsGitHubPythonPowerShellBashRubyGoSecurity certificationsLinux

Required

High School Diploma or GED equivalent, required

Elastic Certified Engineer (ECE) or equivalent knowledge, required

2+ years hands-on Elasticsearch engineering in production, required

Ansible experience for automated configuration management, required

Extensive experience with Grok patterns and ingest pipeline parsing

Experience with GitHub (PR workflow, code reviews, Actions/CI)

Some programming experience to be able to comprehend and troubleshoot existing PowerShell and Python scripts

Preferred

ETL/data-engineering experience outside Elastic (e.g., Kafka, Fluent Bit, Airflow)

Programming in Bash, Python, PowerShell, Ruby or Go for tooling, automation, and QA

Security certifications (e.g., CISSP, CISM, CISA, Security+, CEH)

Exposure to Elastic security features, RBAC, TLS, PII handling

Experience with Elastic's tooling such as Rally

Familiarity with ECS, ILM, SLM, Hot-Warm-Cold architectures, index and component templates, data stream and concrete index strategies

Experience with Linux hardening, systemd, and performance tuning for Elastic nodes

Observability practices (SLOs, error budgets), and metrics/logs/traces integration

Benefits

100% employer-funded insurance for employee-only medical, dental, and vision coverage

Generous employer-funded insurance for family medical, dental, and vision coverage

401 (k) plan with company match

Employer-sponsored life insurance

Paid parental leave

3 weeks of paid time off, accrued annually

8 company-paid holidays and 2 floating holidays each year

Certification and training reimbursement program for approved learning expenses

100% remote position (must be located within an approved state in the United States)

On-call Rotation: 1 week on/1 week off

Company equipment provided

Company

ArmorPoint

ArmorPoint 's security management solution reduces your risk without buying expensive hardware or hiring more staff. It is a sub-organization of Trapp Technology.

Founded in 2018

Phoenix, Arizona, USA

51-200 employees