Summary / Overall Purpose
The Sr. Elastic Security Engineer serves as part of the IT Cybersecurity team to advance the company’s cybersecurity capabilities and solve business challenges. The Sr. Engineer plays a pivotal role in enabling enterprise-wide visibility, security intelligence, and operational resilience through the design, deployment, and continuous improvement of the Elastic Stack platform. This role intersects IT operations, cybersecurity, integrations, and business analytics, providing actionable insights that drive smarter data-driven decisions and faster incident response. The Sr. Engineer supports IT teams (such as product teams, platform teams, and application development teams) in adopting Elasticsearch and other tools and maximizing the value of their capabilities. The Sr. Engineer is involved in design and implementation activities that result in new or improved capabilities built on Elasticsearch, and applies skills and expertise in areas such as IT security, networking, Linux and Microsoft server technologies, cloud platforms, incident response, API connectivity and integrations, logic gates, and automation.
Success in this role will be measured in four primary ways: (1) champions the adoption of Elasticsearch across IT teams, (2) advances the company’s cybersecurity capabilities through the use of Elasticsearch, (3) ensures relevant cybersecurity investments are realized and maximized, and (4) customer (i.e., business user) satisfaction.
Essential/Primary Duties, Functions, and Responsibilities
- Responsible for establishing the company’s Elasticsearch roadmap and socializing it with IT teams to get buy-in.
- Responsible for identifying and troubleshooting Elasticsearch-related issues, such as slow queries or indexing problems.
- Responsible for designing and implementing Elasticsearch infrastructure that meets business requirements including designing and configuring Elasticsearch clusters, nodes, and indices, as well as integrating Elasticsearch with other systems.
- Develops and maintains monitoring and alerting systems for Elasticsearch infrastructure, including establishing metrics collection and visualization tools and configuring alerts to notify the team of potential issues.
- Considers high availability, performance, and scalability; this includes monitoring Elasticsearch clusters for performance issues and implementing strategies to optimize performance.
- Collaborates with cross-functional teams, such as developers and DevOps, to ensure Elasticsearch infrastructure meets business requirements.
- Champions the benefits that Elastic can bring to other Red Lobster business units through leveraging APM, Observability, Machine Learning (ML), Predictive analytics, Natural Language Processing, Sentiment analysis, and Enterprise Search with an emphasis on surfacing “actionable” information.
- Provides guidance to junior security personnel, sharing best practices and helping them grow their skills.
- Stays current with industry trends and best practices related to Elasticsearch and search infrastructure.
- Evaluates new tools and technologies and recommends changes or improvements to Elasticsearch infrastructure.
- Analyzes and makes recommendations to improve network, system and application architectures.
- Examines network, server, and application logs to determine trends and identify security incidents.
- Assists in the review and update of cyber security policies, architectures, and standards.
- Assists in responding to audits, penetration tests and vulnerability assessments.
- Possesses strong analytical and problem-solving skills.
- Ensures all projects meet success parameters.
- Performs special projects and research as assigned.
- Performs other duties as assigned.
Job Requirements (Skills & Experience)
Education and Business Experience:
- Bachelor’s degree (B.A. or B.S.) in computer science, cybersecurity or a related field from a four-year college or university
- At least 5 years of experience in cybersecurity, preferably in a security engineering role.
- Two or more years of progressive technology management experience in cross-functional teams
- Strong familiarity with project and program management disciplines, methodologies, and processes
- Familiarity with the functioning of a program management office and governance frameworks
- Hands on experience with cross-functional execution
- Hospitality industry product development experience is a plus
Technical Experience:
- Experience across IT security, networking, Linux and Microsoft server technologies, cloud platforms, incident response, and API connectivity and integrations, with a firm understanding of logic gates and automation concepts.
- Strong knowledge of common vulnerabilities and exploitation techniques
- Working familiarity with additional technologies such as other SIEMs, CASB, SASE, SWG, ZTNA, DLP, EDR, WAF, IAM, PIM, and PAM.
- Working knowledge of syslog, Logstash, handling of raw data types, and ingestion and parsing of data types using regex or grok patterns, for example.
Knowledge, Skills, and Abilities:
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Strong problem-solving and trouble-shooting skills
- Understanding of current and emerging cybersecurity technologies, how other enterprises are employing them to drive digital business, and how they may be applied here
- Strong customer service orientation in combination with persuasive skills and diplomacy to lead change and guide decisions
- Highly self-motivated and directed
- Team oriented and skilled in working within a collaborative environment
- Ability to appropriately prioritize and execute tasks in a fast-paced, service-intensive environment
- Effective oral and written communication skills, including the ability to explain digital concepts and technologies to business leaders, as well as business concepts to technologists
- Ability to effectively interact with all levels of management, from individual contributors to the executive team
Certifications and/or Licenses:
- Certified Information Systems Security Professional (CISSP) desired but not required
Work Environment and Physical Demands:
- Ability to stand, bend, stoop, sit, walk, twist, and turn.
- Ability to lift up to 25 pounds occasionally.
- Ability to use a computer keyboard and calculator.