Job Description In Brief Including Roles & Responsibilities
- Beats: Install and troubleshoot Beats agents (Winlogbeat, Auditbeat, Filebeat, Metricbeat, etc.).
- Integration: Collaborate with system administrators, developers, and data engineers to integrate Logstash with other components of the Elastic Stack (Elasticsearch, Kibana) and third-party systems.
- Logstash Configuration: Design, configure, and maintain Logstash pipelines to collect, filter, enrich, and transform data from multiple sources, including log files, databases, APIs, and message queues.
- Data Transformation: Develop custom Logstash Grok filters to manipulate data as needed, such as parsing log entries, extracting relevant information, and enriching data with additional context.
- Monitoring and Optimization: Implement monitoring solutions to track Logstash pipeline performance, troubleshoot issues, and optimize configurations for efficiency and reliability.
- Scalability: Collaborate with the infrastructure team to scale Logstash pipelines as needed to handle increasing data volumes and ensure high availability.
- Security: Implement security best practices to ensure the confidentiality, integrity, and availability of data processed by Logstash pipelines, including TLS and authentication for Logstash inputs and outputs and safe handling of the credentials those configurations need.
- Documentation: Maintain clear and up-to-date documentation for Logstash configurations, filters, and pipelines to facilitate knowledge sharing and troubleshooting.
- Elasticsearch: Design, deploy, and enhance Elasticsearch single-node and multi-node clusters, with an excellent understanding of the relevant Elasticsearch concepts.
- Continuous Improvement: Stay updated with the latest Logstash and Elastic Stack developments and recommend improvements to existing data processing pipelines and infrastructure.
- Customer Handling: Handle projects and escalations, provide appropriate solutions and alternatives within the agreed time limits, and follow up to ensure resolution.
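To make the Logstash Configuration, Data Transformation and Security responsibilities above concrete, here is an added example pipeline (written for this page, not supplied by the employer): it reads a constructed sshd failed-login line from a file, parses it with a custom grok pattern into ECS-style fields, enriches it with GeoIP data, and ships it to Elasticsearch over TLS as a dedicated low-privilege writer. The file path, hostname, certificate path, user name and the keystore variable are assumptions for illustration.

```logstash
# Added example pipeline, not from the job posting.
# Constructed sample line the grok pattern below is written against:
# 2024-05-01T10:15:32Z sshd[1123]: Failed password for invalid user admin from 203.0.113.45 port 51234 ssh2

input {
  file {
    path => "/var/log/app/auth.log"                 # assumed path
    start_position => "beginning"
    sincedb_path => "/var/lib/logstash/auth.sincedb" # assumed path; tracks read offset across restarts
  }
}

filter {
  # Custom grok pattern: built-in TIMESTAMP_ISO8601, SYSLOGPROG, USERNAME, IP and POSINT
  # patterns, with captures placed directly into ECS-style nested fields.
  grok {
    match => {
      "message" => "%{TIMESTAMP_ISO8601:event_time} %{SYSLOGPROG}: Failed password for (invalid user )?%{USERNAME:[user][name]} from %{IP:[source][ip]} port %{POSINT:[source][port]:int} ssh2"
    }
    tag_on_failure => ["_grokparsefailure_sshd"]
  }

  # Enrich only events that parsed; unmatched lines keep the raw message and the failure
  # tag so parser drift is visible in Kibana instead of silently producing empty fields.
  if "_grokparsefailure_sshd" not in [tags] {
    date {
      match => ["event_time", "ISO8601"]   # make @timestamp the event time, not ingest time
      target => "@timestamp"
    }
    mutate {
      add_field => { "[event][action]" => "ssh_login_failed" }
      remove_field => ["event_time"]
    }
    geoip {
      source => "[source][ip]"
      target => "[source]"                  # geo data lands under [source][geo]
    }
  }
}

output {
  elasticsearch {
    hosts => ["https://es01.example.internal:9200"]               # assumed host
    index => "auth-%{+YYYY.MM.dd}"
    ssl_enabled => true
    ssl_certificate_authorities => ["/etc/logstash/certs/ca.crt"]  # assumed CA path
    ssl_verification_mode => "full"                                # verify cert chain and hostname
    user => "logstash_writer"            # assumed role limited to write/create_index on auth-*
    password => "${LOGSTASH_WRITER_PW}"  # resolved from the Logstash keystore, never stored in the file
  }
}
```

Two points a reviewer would check in a real deployment: the `tag_on_failure` tag gives you a cheap Kibana query for lines the pattern stopped matching, and the output uses a dedicated writer account plus full TLS verification rather than the `elastic` superuser, so a compromised Logstash host cannot read or delete other indices. The password comes from the keystore (`bin/logstash-keystore add LOGSTASH_WRITER_PW`) so the pipeline file can be committed without secrets.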
Mandatory Skills Required For The Role
- Proven experience as an ELK Admin or similar role.
- Proficiency in Logstash configuration, including creating custom grok filters and using plugins.
- Strong understanding of data transformation and parsing techniques.
- Knowledge of Elasticsearch, Kibana, and the Elastic Stack ecosystem.
- Knowledge of AWS, Azure, or GCP is a plus.
- Experience with scripting languages (e.g., Bash, Python) is a plus.
- Familiarity with Linux/Unix operating systems.
- Excellent problem-solving and troubleshooting skills.
- Strong communication and collaboration skills.
- Ability to work in a fast-paced, collaborative environment.
- Knowledge of any widely used SIEM tool (e.g., QRadar, Splunk, ManageEngine) is a plus.
- Knowledge of API-based log-source integration for SaaS services is a plus.
- Good knowledge of PCI DSS, ISO, and GDPR compliance is a plus.
- Basic understanding of forwarding logs from network devices (routers, firewalls), AV, MDR, EDR, and endpoints to ELK.
Educational Requirement (If any)
Bachelor's degree in Computer Science, Information Technology, or a related field
Certifications (mandatory If Any)
- Certified Ethical Hacker (CEH), CompTIA Security+, cloud-related certifications, or any other cybersecurity-related certification