siem application engineer (elastic security) - birmingham, uk

Summary: The SIEM Application Engineer role focuses on the end-to-end delivery and optimization of the Elastic Stack, particularly in the context of cybersecurity. The position requires expertise in creating detection rules and ensuring compliance with security standards. It is a contract position based in Birmingham or Manchester, UK, with a hybrid working arrangement. The role is classified as inside IR35 and offers a competitive daily pay rate.

Key Responsibilities:

• Elastic Stack Mastery: 5+ years of cybersecurity engineering experience, specializing in the end-to-end delivery, optimization, and operation of the Elastic Stack (ELK), with a focus on Elastic Security.
• Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance.
• Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch indices and mappings and optimizing Logstash pipelines for maximum performance, throughput, and efficient resource utilization.
• Outcome Ownership: Results-driven professional focused on owning security outcomes, leveraging Kibana for critical data visualization, real-time monitoring, and system health tracking.

Key Skills:

• 5+ years of experience in cybersecurity engineering.
• Expertise in Elastic Stack (ELK) and Elastic Security.
• Ability to engineer detection rules based on the MITRE ATT&CK Framework.
• Experience with security controls like RBAC, encryption, and data governance.
• Technical skills in Elasticsearch indices, mappings, and Logstash optimization.
• Proficiency in using Kibana for data visualization and monitoring.

Salary (Rate): £550 per day

City: Birmingham

Country: UK

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT