Elastic Security Specialist (ELK/SIEM)

I am hiring for Elastic Security Specialist (ELK/SIEM)

Location: London / Birmingham – Hybrid

• Expert-level knowledge of Elastic SIEM / Elastic Security and Elastic Stack architecture.
• Proficiency in Elasticsearch Query DSL, EQL, and Kibana dashboarding.
• Hands-on experience with Beats (Filebeat, Winlogbeat, Auditbeat) and Elastic Agent.
• Strong scripting skills (Python, Shell, or Painless).
• Experience with ingesting threat intelligence (STIX/TAXII) and IOC integration.
• Deep understanding of MITRE ATT&CK, kill chain, and SOC operations.
• Proficient in building and optimizing Logstash pipelines and Ingest Pipelines using processors like grok, dissect, kv, etc.
• Hands-on experience with Elastic Agent policies, including log, metric, and uptime integrations via Fleet.
• Familiarity with File beat and Metric beat modules for standard log ingestion (system, nginx, docker, Kubernetes, etc.).

Key Skills: Elastic Security / Log stash / Kibana / File beat / Elastic Stack