1

Elasticsearch Engineer Jobs (NOW HIRING)

next page

Showing results 1-20

Elasticsearch Engineer information

What is an Elasticsearch Engineer job?

An Elasticsearch Engineer is responsible for designing, implementing, and managing search and analytics solutions using Elasticsearch. They optimize search performance, ensure data indexing efficiency, and maintain cluster health and scalability. Additionally, they integrate Elasticsearch with various applications, troubleshoot issues, and enhance system security. Their role often involves working with data processing pipelines, query optimization, and infrastructure management.

What are the key skills and qualifications needed to thrive in the Elasticsearch Engineer position, and why are they important?

To thrive as an Elasticsearch Engineer, you need strong programming skills (particularly in Java, Python, or similar languages), in-depth knowledge of search algorithms and data indexing, and experience managing distributed systems. Familiarity with Elasticsearch, Kibana, Logstash (the ELK stack), cloud infrastructure (such as AWS or GCP), and relevant certifications like Elastic Certified Engineer are often required. Analytical problem-solving, attention to detail, and effective communication are key soft skills for success in this role. These abilities are crucial to design, implement, and optimize robust search solutions that efficiently meet business and user needs.

What does a typical day look like for an Elasticsearch Engineer?

A typical day for an Elasticsearch Engineer often involves designing and optimizing search architectures, developing custom queries or plugins, and ensuring the performance, security, and reliability of Elasticsearch clusters. You'll regularly collaborate with development teams to integrate Elasticsearch with various applications and may also monitor metrics, troubleshoot issues, and make improvements based on system usage data. Participation in code reviews and technical discussions is common, along with continuous learning to stay updated on new features and best practices. This hands-on and collaborative work environment helps ensure that large amounts of data are searchable and accessible to both technical and non-technical stakeholders.

More about Elasticsearch Engineer jobs
What cities are hiring for Elasticsearch Engineer jobs? Cities with the most Elasticsearch Engineer job openings:
What are the most commonly searched types of Elasticsearch Engineer jobs? The most popular types of Elasticsearch Engineer jobs are:
What states have the most Elasticsearch Engineer jobs? States with the most job openings for Elasticsearch Engineer jobs include:
What job categories do people searching Elasticsearch Engineer jobs look for? The top searched job categories for Elasticsearch Engineer jobs are:
Infographic showing various Elasticsearch Engineer job openings in the United States as of July 2026, with employment types broken down into 4% As Needed, 77% Full Time, 1% Part Time, 4% Contract, and 14% Nights. Highlights an 83% Physical, 4% Hybrid, and 13% Remote job distribution.
Elasticsearch Lead Engineer - SIEM Platform

Elasticsearch Lead Engineer - SIEM Platform

Vanguard Group

Malvern, PA • On-site

$100K - $132K/yr

Full-time

Posted 20 days ago


Vanguard rating

8.7

Company rating: 8.7 out of 10

Based on 60 frontline employees who took The Breakroom Quiz

16th of 146 rated financial services


Job description

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.
Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.
Our crew are our greatest resource - by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.
Elasticsearch Lead Engineer - SIEM Platform:
  • Architect and maintain high-availability Elasticsearch clusters supporting large-scale security event ingestion
  • Define and enforce Elastic Common Schema (ECS) field mappings across all data sources, ensuring consistent normalization for detection rules and analytics
  • Design and develop custom data ingestion pipelines using Elasticsearch
  • Integrate with AWS services including S3, Kinesis Data Streams, Lambda, and CloudWatch for log collection
  • Manage AWS infrastructure: EC2, S3, IAM, and Secrets Manager - using AWS CloudFormation
  • Implement data lifecycle management - hot/warm/cold/frozen tier strategies, ILM policies, and snapshot/restore to S3-based data lakes
  • Partner with Detection Engineering and Threat Intelligence teams to optimize index strategies, queries, and dashboards in Kibana
  • Establish and maintain cluster security controls: TLS/mTLS, role-based access control (RBAC), audit logging, and encryption at rest
  • Build resilient, fault-tolerant architectures: cross-cluster replication, shard allocation awareness, and disaster recovery runbooks
  • Perform activities related platform health monitoring and upgrade / patching
  • Troubleshoot and manage production technical issues related to Elasticsearch cloud
  • Define and enforce SLOs for ingestion latency, query performance, and cluster availability
  • Mentor junior engineers and establish best practices, runbooks, and architectural standards

Qualifications
  • Minimum of six years related work experience.
  • Undergraduate degree in a related field or the equivalent combination of training and experience.
  • 6+ years of Elasticsearch / Elastic Stack (ELK) experience in a production security or observability environment
  • Deep understanding of Elastic Common Schema (ECS) and experience mapping diverse log sources (Windows, Linux, network, cloud, EDR) to ECS
  • Hands-on experience operating Elasticsearch at scale (10TB+/day ingest, 100+ node clusters)
  • Proficiency with AWS - Kinesis, S3, IAM, CloudTrail, and AWS-native log sources
  • Experience with data streaming platforms - Apache Kafka, or Confluent Platform - for high-throughput event ingestion
  • Experience integrating with data lake platforms - AWS S3 / Lake Formation, Data Lake, or Apache Iceberg for long-term retention and threat hunting
  • Strong understanding of security principles: least privilege, network segmentation, secrets management, audit logging
  • Experience building resilient systems: replication topologies, capacity planning, chaos engineering mindset, and documented DR procedures
  • Proficiency with infrastructure-as-code tools (Terraform, Ansible, or CDK) (Optional)

Preferred Qualifications
  • Elastic Certified Engineer or Elastic Certified Analyst certification
  • Experience with Elastic Security / SIEM detection rules, ML jobs, and Timeline investigations
  • Familiarity with MITRE ATT&CK framework and how it informs index and detection design
  • Experience with container-based deployments of Elastic (ECK / Kubernetes)
  • Knowledge of compliance frameworks: SOC 2, PCI-DSS, HIPAA, or FedRAMP

Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position.
About Vanguard
At Vanguard, we don't just have a mission-we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

What Vanguard employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom