Job Description
We are hiring an Elastic Observability Specialist for our client's project based in Birmingham/London, UK – 3 days per week onsite.
Role Overview
An Elastic Observability Specialist focuses on end-to-end visibility across applications and infrastructure. You will architect and implement logging, metrics, and tracing pipelines; build user-friendly dashboards; and optimize performance and cost for large-scale Elastic deployments.
Key Responsibilities
* Data Ingestion & Mapping
  * Design ingest pipelines with grok, JSON, and custom processors to normalize logs.
  * Configure Beats (Filebeat, Metricbeat, Heartbeat) and Elastic Agent for logs, metrics, uptime, and security data.
  * Manage ECS-compliant field mappings and index templates for consistency.
* APM & Distributed Tracing
  * Instrument applications using Elastic APM agents (.NET, Java, Python, Node.js).
  * Build and maintain flame graphs, service maps, and transaction breakdowns in the APM UI.
* Dashboarding & Visualization
  * Develop Kibana dashboards, Canvas presentations, and Lens visualizations for SRE and Dev teams.
  * Implement SLO/SLI monitoring and alerting using the Kibana Alerting API and Watcher where needed.
* Performance Tuning & Scaling
  * Advise on shard sizing, index rollover policies, and hot-warm architecture for efficient storage.
  * Implement ILM policies (rollover, shrink, freeze) and snapshot strategies (S3, Azure Blob, GCS).
* Alerting & Incident Response
  * Configure metric thresholds and anomaly detection ML jobs for proactive alerting on system health.
  * Integrate with notification channels (Slack, PagerDuty) via Kibana connectors.
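For illustration, a minimal ingest pipeline of the kind described under Data Ingestion & Mapping might normalize a plain-text access log line into ECS fields. This is a sketch in Kibana Dev Tools console syntax; the pipeline name, grok pattern, and log format are hypothetical:

```json
PUT _ingest/pipeline/app-access-logs
{
  "description": "Normalize access log lines into ECS fields (illustrative example)",
  "processors": [
    {
      "grok": {
        "field": "message",
        "patterns": [
          "%{IP:source.ip} %{WORD:http.request.method} %{URIPATH:url.path} %{NUMBER:http.response.status_code:int}"
        ]
      }
    },
    {
      "set": {
        "field": "event.dataset",
        "value": "app.access"
      }
    }
  ]
}
```

An index template can then apply the pipeline automatically via `index.default_pipeline`, or Beats/Elastic Agent can reference it per input.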
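The ILM responsibilities above can be sketched as a single hot/warm/delete policy, again in Dev Tools console syntax. The phase timings and sizes here are illustrative assumptions, not recommendations:

```json
PUT _ilm/policy/logs-default
{
  "policy": {
    "phases": {
      "hot": {
        "actions": {
          "rollover": { "max_primary_shard_size": "50gb", "max_age": "7d" }
        }
      },
      "warm": {
        "min_age": "7d",
        "actions": {
          "shrink": { "number_of_shards": 1 },
          "forcemerge": { "max_num_segments": 1 }
        }
      },
      "delete": {
        "min_age": "90d",
        "actions": { "delete": {} }
      }
    }
  }
}
```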
Required Technical Skills
* Proficiency in Elasticsearch, Kibana, and Elastic APM architecture.
* Deep expertise in the fundamentals of the Elastic Stack components and their deployment modes.
* Strong knowledge of Linux system administration and container orchestration (Docker, Kubernetes).
* Experience with observability frameworks (OpenTelemetry, Prometheus) and integrating with Elastic.
* Expertise in scripting (Bash, Python) for automating data onboarding and operational tasks.
* Understanding of network protocols, HTTP, gRPC, and related logging intricacies.
* Deep familiarity with Filebeat modules (e.g. system, nginx, kafka) and Metricbeat modules (e.g. docker, kubernetes, system) for out-of-the-box ingestion.
* Hands-on with Elastic Agent policies—creating integrations for logs, metrics, and uptime using Fleet.
* Ability to customize prospectors/inputs, multiline patterns, and conditionals in Beats to ensure complete, ECS-compliant event capture.
* Design and optimize Logstash pipelines: inputs (beats, syslog, Kafka), filters (grok, kv, date, geoip), and outputs (Elasticsearch, Kafka).
* Build native Elasticsearch ingest pipelines, using processors (grok, dissect, script, kv, csv, geoip) to normalize and enrich events before indexing.
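As a sketch of the multiline/ECS-compliant capture point above, a Filebeat filestream input that joins Java-style stack traces onto their leading log line might look like this (the input ID and paths are hypothetical; the `parsers` syntax assumes a recent Filebeat with the filestream input):

```yaml
filebeat.inputs:
  - type: filestream
    id: app-java-logs                    # hypothetical input ID
    paths:
      - /var/log/app/*.log               # hypothetical path
    parsers:
      - multiline:
          type: pattern
          pattern: '^\d{4}-\d{2}-\d{2}'  # new events start with a date
          negate: true
          match: after                   # continuation lines join the previous event
```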
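A minimal Logstash pipeline of the shape described (beats input, grok/date filters, Elasticsearch output) could be sketched as follows; the host, port, and log line format are assumptions:

```conf
input {
  beats { port => 5044 }
}

filter {
  grok {
    match => { "message" => "%{TIMESTAMP_ISO8601:ts} %{LOGLEVEL:[log][level]} %{GREEDYDATA:msg}" }
  }
  date {
    match => ["ts", "ISO8601"]
    remove_field => ["ts"]
  }
}

output {
  elasticsearch {
    hosts => ["https://es01:9200"]   # hypothetical host
    data_stream => true
  }
}
```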
Soft Skills & Attributes
* Problem-solver with a customer-focused mindset.
* Excellent communicator, able to translate metrics into actionable insights.
* Collaborative; works closely with development, operations, and business stakeholders.