Shield only uses the JDK SSLEngine.
I think you should consider security of the ciphers and prioritize that over performance. For example RC4 ciphers might be faster but it is widely considered insecure.
Performance of SSL will be dependent on Java version and the JCE provider. Some providers delegate to native libraries like NSS and this will often yield better performance.
We do not provide benchmarks as these will depend greatly on your JDK and hardware. The Rally tool can be used to test performance against a cluster running elasticsearch with shield/xpack security.
I think you are better off taking baseline numbers before changing any parameters; you may wind up with a slower configuration than the default if you do not.