Elastic SIEM Specialist
<b>Requirements:</b>
<ul><li>Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments</li><li>Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives</li><li>Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch</li><li>Proficiency in log parsing, normalisation, and enrichment to support high-quality detections</li><li>Hands-on experience designing and maintaining Kibana dashboards for operational visibility</li><li>Ability to triage SIEM alerts, investigate incidents, and determine root causes</li><li>Familiarity with security operations workflows and incident response processes</li><li>Experience writing detection logic using EQL, KQL, or similar query languages</li></ul>
<b>Responsibilities:</b>
<ul><li>Support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic</li><li>Focus on improving detection quality and investigating alerts</li><li>Collaborate closely with operational teams to deliver effective SIEM capabilities in constrained, mission-driven environments</li><li>Ensure successful SIEM operations through effective management of log ingestion and data flow</li><li>Design and maintain Kibana dashboards for enhanced operational visibility</li><li>Triage SIEM alerts, investigate incidents, and determine root causes in a timely manner</li><li>Write detection logic to refine threat identification processes</li></ul>
<b>Technologies:</b>
<ul><li>Elasticsearch</li><li>Flow</li><li>Support</li><li>Kibana</li><li>Security</li></ul>
<p><b>More:</b></p>
<p>We are a Defence consultancy located in Farnborough, seeking an experienced Elastic SIEM Subject Matter Expert for a contract position. Our project focuses on significant security operations within MOD/Defence environments. This role requires onsite work, and successful candidates must be security cleared at DV Level prior to appointment. We offer a collaborative team environment, focusing on developing high-quality threat detection capabilities and operational dashboards.</p>
<p>Last updated in week 8 of 2026</p>