Consulting Engineer

About The Position

Requirements

• 5+ years as a consultant, architect, or engineer with expertise in security, monitoring, or related domains.
• Proven experience deploying Elastic Security (SIEM, endpoint, cloud) or similar solutions (Splunk, QRadar, Arcsight, etc.) at enterprise scale.
• Strong experience with data ingestion, parsing, and normalization (Elastic Agents, Beats, Logstash, Kafka, Redis).
• Familiarity with threat detection, incident response workflows, and security analytics best practices.
• Hands-on expertise with distributed systems, large-scale infrastructure, and public cloud platforms (AWS, Azure, GCP).
• Ability to design and deliver dashboards, detections, and response workflows that drive actionable insights.
• Knowledge of common frameworks and standards (MITRE ATT&CK, NIST, ISO 27001, PCI-DSS).
• Proficiency in Linux and at least one programming or scripting language (e.g., Python, Java, PowerShell).
• Strong communication and presentation skills, with experience engaging directly with customers.
• Bachelor’s, Master’s, or PhD in Computer Science, Engineering, Cybersecurity, or related field, or equivalent experience.
• Comfortable working in highly distributed teams, both remote and on-site when needed
• Willingness to travel occasionally as required.

Nice To Haves

• Elastic Certified Engineer or deep expertise with Elasticsearch and Lucene.
• Big 4 consulting or equivalent professional services experience.
• Experience with endpoint security solutions such as Elastic Endpoint Security, EDR, or AV platforms.
• Knowledge of DevSecOps, Kubernetes, container security, and infrastructure-as-code tools (Terraform, Ansible).
• Experience contributing to open-source project or documentation.
• Public speaking experience at conferences, meetups, or enterprise workshops.

Responsibilities

• Translate business and technical requirements into scalable, outcome-driven solutions built on the Elastic Stack.
• Lead end-to-end delivery of customer engagements — from discovery and design through implementation, enablement, and optimization.
• Partner with customers to architect, deploy, and operationalize Elastic solutions that drive measurable value and adoption.
• Provide technical oversight, guidance, and enablement to customers and teammates throughout project lifecycles.
• Collaborate cross-functionally with Sales, Product, Engineering, and Support to ensure successful outcomes and continuous improvement.
• Capture and share best practices, lessons learned, and solution patterns across the Elastic Services community.
• Contribute to internal enablement, mentoring, and a culture of continuous learning and collaboration
• Guide customers in SIEM, endpoint, and cloud security use cases using Elastic Agents, Beats, Logstash, and related technologies.
• Design and implement detection rules, dashboards, visualizations, and alerts for critical security operations.
• Optimize ingestion pipelines for performance, scalability, and resiliency at enterprise scale.

Benefits

• Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders.
• Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program.
• Our total rewards package also includes a company-matched 401k with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.
• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave