Elastic Administrator (Sunnyvale)
Overview:
We are seeking an experienced Elastic SME to support the development, operation, and ongoing management of our on-premise Elasticsearch platform within a security-focused environment.

Key Responsibilities:
- Administer and operate Elastic clusters on Kubernetes using ECK and data streams (deployment, scaling, upgrades)
- Manage Day 2 operations: monitoring, incident response, troubleshooting, and performance tuning
- Implement backup/restore, high availability, and disaster recovery strategies
- Optimize indexing, ES|QL query performance, and cluster health
- Support security configurations (RBAC, access control, audit logging)
- Maintain operational runbooks and documentation
- Take part in the on-call rotation (1 week 24*7 on call per month)

Required Skills:
- Strong hands-on experience with the Elastic Stack (Elasticsearch, Kibana, Fleet Server, Elastic Agent and Search Ingest Pipeline)
- Proven experience in production support / Day 2 operations
- Experience managing on-premise Kubernetes infrastructure
- Solid understanding of Linux systems, networking, and storage
- Experience with monitoring and alerting tools such as Loki, Grafana, Prometheus, VictoriaMetrics
- Automation using scripting (Python, Bash, etc.)

Nice to Have:
- Experience in security environments or SIEM use cases
- Experience using Kafka at high scale as part of log ingestion pipeline