Elastic Administrator
Overview:
We are seeking an experienced Elastic SME to support the development, operation, and ongoing management of our on-premise Elasticsearch platform within a security-focused environment.

Key Responsibilities:
- Administer and operate Elastic clusters on Kubernetes using ECK and data streams (deployment, scaling, upgrades)
- Manage Day 2 operations: monitoring, incident response, troubleshooting, and performance tuning
- Implement backup/restore, high availability, and disaster recovery strategies
- Optimize indexing, ES|QL query performance, and cluster health
- Support security configurations (RBAC, access control, audit logging)
- Maintain operational runbooks and documentation
- Take part in the on-call rotation (1 week 24x7 on call per month)

Required Skills:
- Strong hands-on experience with the Elastic Stack (Elasticsearch, Kibana, Fleet Server, Elastic Agent and Search Ingest Pipeline)
- Proven experience in production support / Day 2 operations
- Experience managing on-premise Kubernetes infrastructure
- Solid understanding of Linux systems, networking, and storage
- Experience with monitoring and alerting tools such as Loki, Grafana, Prometheus, VictoriaMetrics
- Automation using scripting (Python, Bash, etc.)

Nice to Have:
- Experience in security environments or SIEM use cases
- Experience using Kafka at high scale as part of log ingestion pipeline