Elastic Security Specialist (ELK/SIEM)

Posted 1 week ago by GIOS Technology

Negotiable
Undetermined
Hybrid
London Area, United Kingdom

Summary: The Elastic Security Specialist (ELK/SIEM) role requires an expert in Elastic SIEM and Elastic Stack architecture, with a strong focus on Elasticsearch Query DSL and Kibana dashboarding. The position involves hands-on experience with various Elastic tools and scripting languages, as well as a deep understanding of threat intelligence and SOC operations. The role is based in London or Birmingham and offers a hybrid working arrangement.

Key Responsibilities:

  • Utilize expert-level knowledge of Elastic SIEM and Elastic Stack architecture.
  • Proficiently use Elasticsearch Query DSL, EQL, and Kibana for dashboarding.
  • Implement and manage Beats (Filebeat, Winlogbeat, Auditbeat) and Elastic Agent.
  • Develop scripts using Python, Shell, or Painless.
  • Ingest threat intelligence and integrate IOCs.
  • Apply knowledge of MITRE ATT&CK, kill chain, and SOC operations.
  • Build and optimize Logstash and Ingest Pipelines using various processors.
  • Manage Elastic Agent policies for log, metric, and uptime integrations.
  • Utilize Filebeat and Metricbeat modules for standard log ingestion.

Key Skills:

  • Elastic Security
  • Logstash
  • Kibana
  • Filebeat
  • Elastic Stack

Salary (Rate): undetermined

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

I am hiring for Elastic Security Specialist (ELK/SIEM).

Location: London / Birmingham - Hybrid

  • Expert-level knowledge of Elastic SIEM / Elastic Security and Elastic Stack architecture.
  • Proficiency in Elasticsearch Query DSL, EQL, and Kibana dashboarding.
  • Hands-on experience with Beats (Filebeat, Winlogbeat, Auditbeat) and Elastic Agent.
  • Strong scripting skills (Python, Shell, or Painless).
  • Experience with ingesting threat intelligence (STIX/TAXII) and IOC integration.
  • Deep understanding of MITRE ATT&CK, kill chain, and SOC operations.
  • Proficient in building and optimizing Logstash pipelines and Ingest Pipelines using processors like grok, dissect, kv, etc.
  • Hands-on experience with Elastic Agent policies, including log, metric, and uptime integrations via Fleet.
  • Familiarity with Filebeat and Metricbeat modules for standard log ingestion (system, nginx, docker, Kubernetes, etc.).

Key Skills: Elastic Security / Logstash / Kibana / Filebeat / Elastic Stack