L3 Security Analyst (Elastic SIEM Specialist) - 6 months, Fully Remote - Outside IR35
Posted Today by Jobserve
£500 per day | Outside IR35 | Remote | Dublin
Summary: The L3 Security Analyst (Elastic SIEM Specialist) will serve as the senior escalation point within a SOC environment, focusing on advanced threat investigations and enhancing Elastic SIEM capabilities. This role involves collaboration with security teams and stakeholders to improve detection engineering and incident response. The position is fully remote and classified as outside IR35.
Key Responsibilities:
- Lead advanced threat investigations including persistence, privilege escalation, lateral movement, and data exfiltration.
- Act as the highest technical escalation point for SIEM alerts and major incidents.
- Conduct complex analysis using KQL (Kibana Query Language) and EQL (Event Query Language) within Elastic environments.
- Own and optimise the Elastic SIEM platform, including performance tuning and data lifecycle management.
- Develop and refine detection rules aligned to MITRE ATT&CK and behavioural analytics.
- Carry out proactive threat hunting and build dashboards, queries, and visualisations.
- Drive improvements in SOC processes, playbooks, and automation opportunities.
- Collaborate with cross-functional teams on logging, architecture, and security requirements.
- Provide mentorship and guidance to L1/L2 analysts and support knowledge sharing.
Key Skills:
- Strong experience as a senior SOC or Security Analyst (L3 level or equivalent).
- Deep expertise with Elastic Stack (Elasticsearch, Kibana, Elastic Security, Beats, Elastic Agent).
- Strong hands-on experience with KQL/EQL and detection engineering.
- Experience leading incident response and conducting complex investigations.
- Good understanding of MITRE ATT&CK and threat actor TTPs.
- Experience with scripting (Python, PowerShell, or Bash) and API integrations.
- Strong knowledge of Windows/Linux internals and network protocols.
- Experience with cloud logging environments (AWS, Azure, or GCP).
- Excellent analytical, communication, and stakeholder management skills.
Salary (Rate): £500 per day
City: Dublin
Country: Ireland
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: Senior
Industry: IT
In this role, you will act as the senior escalation point within a SOC environment, leading advanced threat investigations and driving improvements across Elastic SIEM capabilities. You will work closely with security teams, engineers, and stakeholders to strengthen detection engineering, incident response, and overall security posture.
Contract Details
Location: Dublin (3 or 4 days per week)
Duration: 6 months
Daily Rate: £500 per day (outside IR35)