Elastic Observability Specialist

We are hiring for Elastic Observability Specialist for our client's project based at Birmingham/London, UK – 3 day per week Onsite

Role Overview

An Elastic Observability Specialist focuses on end-to-end visibility across applications and infrastructure. You will architect and implement logging, metrics, and tracing pipelines; build user-friendly dashboards; and optimize performance and cost for large-scale Elastic deployments.

Key Responsibilities

• Data Ingestion & Mapping
• Design Ingest Pipelines with Grok, JSON, and user-defined processors to normalize logs.
• Configure Beats (Filebeat, Metricbeat, Heartbeat) and Elastic Agent for logs, metrics, uptime, and security data.
• Manage ECS-compliant field mappings and index templates for consistency.
• APM & Distributed Tracing
• Instrument applications using Elastic APM agents (.NET, Java, Python, Node.js).
• Build and maintain flame graphs, service maps, and transaction breakdowns in APM UI.
• Dashboarding & Visualization
• Develop Kibana dashboards, Canvas presentations, and Lens visualizations for SREs and Dev teams.
• Implement SLO/SLI monitoring and alerting using Kibana Alerting API and Watcher where needed.
• Performance Tuning & Scaling
• Advise on shard sizing, index rollover policies, and hot-warm architecture for efficient storage.
• Implement ILM policies (rollover, shrink, freeze) and snapshot strategies (S3, Azure Blob, GCS).
• Alerting & Incident Response
• Configure metric thresholds and anomaly detection ML jobs for proactive alerting on system health.
• Integrate with notification channels (Slack, PagerDuty) via Kibana connectors.

Required Technical Skills

• Proficiency in Elasticsearch, Kibana, and Elastic APM architecture.
• Deep expertise on the fundamentals of the overall Elastic stack components and it's mode of deployment/s.
• Strong knowledge of Linux system administration and container orchestration (Docker, Kubernetes).
• Experience with observability frameworks (OpenTelemetry, Prometheus) and integrating with Elastic.
• Expertise in scripting (Bash, Python) for automating data onboarding and operational tasks.
• Understanding of network protocols, gRPC, and related logging intricacies.
• Deep familiarity with Filebeat modules (e.g. system, nginx, kafka) and Metricbeat modules (e.g. docker, kubernetes, system) for out-of-the-box ingestion.
• Hands-on with Elastic Agent policies—creating integrations for logs, metrics, and uptime using Fleet.
• Ability to customize prospectors/inputs, multiline patterns, and conditionals in Beats to ensure complete, ECS-compliant event capture.
• Design and optimize Logstash pipelines: inputs (beats, syslog, Kafka), filters (grok, kv, date, geoip), and outputs (Elasticsearch, Kafka).
• Build native Elasticsearch ingest pipelines—using processors (grok, dissect, script, kv, CSV, geo_IP) to normalize and enrich events before indexing.

Soft Skills & Attributes

• Problem-solver with a customer-focused mindset.
• Excellent communicator, able to translate metrics into actionable insights.
• Collaborative, works closely with development, operations, and business stakeholders.