Consulting Architect - Observability and Security

Consulting Architect - Observability and Security Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale - unleashing the potential of businesses and people. The Elastic Search AI Platform is used by more than 50% of the Fortune500 and brings together the precision of search and the intelligence of AI to help organizations accelerate the results that matter. By leveraging structured and unstructured data, securing and protecting private information more effectively, Elastic provides cloud‑based solutions for search, security, and observability. About the Role As a Consulting Architect , you will play a pivotal role in helping customers realize the value of Elastic’s solutions. While your primary focus will be on observability, you are a versatile expert capable of designing and scaling security architectures to strengthen detection, response, and resilience. You will act as a trusted technical advisor, working with enterprises to improve application performance, infrastructure visibility, and end‑user experience, while also enhancing their overall security posture. You will collaborate cross‑functionally with Professional Services, Engineering, Product, and Sales to accelerate adoption of the Elastic platform, ensuring customers maximize the value of their data and achieve critical business outcomes. Responsibilities Solution Design & Delivery: Translate business and technical requirements into scalable, outcome‑driven solutions built on the Elastic Stack. End‑to‑End Engagement: Lead the delivery of customer projects from discovery and roadmap design through implementation, enablement, and optimization. Architecting Observability: Partner with customers to deploy and operationalize solutions for distributed tracing, metrics pipelines, log aggregation, and SLOs/SLIs. Architecting Security: Guide customers in SIEM, endpoint, and cloud security use cases to improve threat detection and security analytics. Data Engineering: Optimize ingestion pipelines for performance, scalability, and resiliency using Elastic Agents, Beats, Logstash, and stream processing. Actionable Insights: Design and implement custom dashboards, visualizations, detection rules, and alerting in Kibana for both observability and security operations. Technical Leadership: Provide oversight and knowledge transfer to customers and teammates throughout the project lifecycle. Community & Culture: Capture and share best practices and solution patterns, contributing to internal enablement and a culture of continuous learning. Qualifications Professional Expertise: 5+ years as a consultant, architect, or engineer with deep expertise in observability or monitoring, and strong capability in security domains. Deployment Experience: Proven track record of deploying Elastic Observability (APM, logs, metrics) and Elastic Security (SIEM, endpoint) or similar enterprise‑scale solutions. Data Pipeline Mastery: Strong experience with time‑series data ingestion, parsing, and normalization (ECS), including the use of Kafka or Redis. Infrastructure Knowledge: Hands‑on expertise with distributed systems, Linux, Kubernetes, and public cloud platforms such as AWS, Azure, or GCP. Security Literacy: Familiarity with incident response workflows and common frameworks such as MITRE ATT&CK, NIST, or ISO27001. Technical Skills: Proficiency in at least one programming or scripting language (e.g., Python, Java, or PowerShell). Communication: Strong presentation skills with the ability to engage directly with stakeholders and explain complex technical concepts. Education: Bachelor's, Master's, or PhD in Computer Science, Engineering, Cybersecurity, or a related field, or equivalent experience. Flexibility: Comfort working in highly distributed, remote teams and a willingness to travel to customer sites as required. Bonus Points Elastic Certification: Elastic Certified Engineer or deep expertise with Elasticsearch and Lucene. Consulting Background: Prior experience in Big4 or equivalent professional services environments. Modern Tooling: Experience with Infrastructure‑as‑Code (Terraform, Ansible) and container orchestration (ECK). Emerging Tech: Knowledge of machine learning or AI as applied to observability and security. Public Presence: Experience with public speaking at conferences or contributing to open‑source projects. Languages: Multilingual communication skills (e.g., French, German, Spanish) for global engagement. Benefits Competitive pay based on the work you do here and not your previous salary. Health coverage for you and your family in many locations. Ability to craft your calendar with flexible locations and schedules for many roles. Generous number of vacation days each year. We match up to $2,000 (or local currency equivalent) for financial donations and service. Up to 40 hours each year to use toward volunteer projects you love. Embracing parenthood with a minimum of 16 weeks of parental leave. Elastic is an equal opportunity employer and is committed to creating an inclusive culture that celebrates different perspectives, experiences, and backgrounds. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation. We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or recruiting process, please email candidate_accessibility@elastic.co. We will reply to your request within 24 business hours of submission. Applicants have rights under Federal Employment Laws and can view the following posters linked below: Family and Medical Leave Act (FMLA) Poster Employee Polygraph Protection Act (EPPA) Poster Elasticsearch develops and distributes technology and information that is subject to U.S. and other countries' export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Syria, or Russia, including the Ukrainian territories annexed by Russia (The Crimea region of Ukraine, The Donetsk People's Republic (DNR), The Luhansk People's Republic (LNR), Kherson or Zaporizhzhia). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic. Privacy Statement: Please see here for our Privacy Statement. #J-18808-Ljbffr