Job Description

in brief including Roles & Responsibilities:1. Beats: Knowledge in Installing and troubleshooting Beats Agents WinLogBeat, Auditbeat, FileBeat, Metric Beat etc.,2. Integration: Collaborate with system administrators, developers, and data engineers to integrate Logstash with other components of the Elastic Stack (Elasticsearch, Kibana) and third-party systems.3. Logstash Configuration: Design, configure, and maintain Logstash pipelines to collect, filter, enrich, and transform data from multiple sources, including log files, databases, APIs, and message queues.4. Data Transformation: Develop custom Logstash Grok filters to manipulate data as needed, such as parsing log entries, extracting relevant information, and enriching data with additional context.5. Monitoring and Optimization: Implement monitoring solutions to track Logstash pipeline performance, troubleshoot issues, and optimize configurations for efficiency and reliability.6. Scalability: Collaborate with the infrastructure team to scale Logstash pipelines as needed to handle increasing data volumes and ensure high availability.7. Security: Implement security best practices to ensure the confidentiality, integrity, and availability of data processed by Logstash pipelines. This may include managing authentication and encryption configurations.8. Documentation: Maintain clear and up-to-date documentation for Logstash configurations, filters, and pipelines to facilitate knowledge sharing and troubleshooting.9. Elasticsearch: Design, Deployment, and Enhancement of Elasticsearch [Single, Multi-Node Clusters]. An excellent understanding of relevant Elasticsearch related concepts.10. Continuous Improvement: Stay updated with the latest Logstash and Elastic Stack developments and recommend improvements to existing data processing pipelines and infrastructure.11. Customer Handling: Handling Projects, escalations, providing appropriate solutions and and alternatives within the time limits; and following up to ensure resolution.Mandatory Skills required for the role:

• Proven experience as an ELK Admin or similar role.
• Proficiency in Logstash configuration, including creating custom Grok filters and plugins usage.
• Strong understanding of data transformation and parsing techniques.
• Knowledge of Elasticsearch, Kibana, and the Elastic Stack ecosystem.
• Knowledge on AWS/Azure/GCP Cloud is a plus.
• Experience with scripting languages (e.g., Bash, Python etc.,) is a plus.
• Familiarity with Linux/Unix operating systems.
• Excellent problem-solving and troubleshooting skills.
• Strong communication and collaboration skills.
• Ability to work in a fast-paced, collaborative environment.
• Knowledge of any of the global known SIEM tools like Qradar, Splunk Manage Engine etc is value added.
• Knowledge of API-based device integration for SaaS based service is value added.
• Good Knowledge of PCIDSS, ISO, and GDPR compliance is value-added.
• Basic understanding of log forwarding of Network devices (Routers, Firewall), AV, MDR, EDR and endpoints to ELK.

Educational Requirement (If any)Bachelor\'s degree in Computer Science, Information Technology, or a related fieldCertifications (mandatory if any):\xc2\xb7 Certified Ethical Hacking (CEH), CompTIA security+, Cloud related certifications etc or any Cybersecurity related certifications

SISA