At a Glance
- Tasks: Join a remote team to enhance Elastic Security and SIEM in real production environments.
- Company: Dynamic tech firm focused on long-term Elastic Security projects.
- Benefits: Fully remote work, competitive pay, and a chance to shape security solutions.
- Why this job: Make a significant impact on security while working with cutting-edge technology.
- Qualifications: Hands-on experience with Elastic Security and SIEM in production settings.
- Other info: Long-term contract with opportunities for professional growth and collaboration.
The predicted salary is between £48,000 and £72,000 per year.
We're supporting a client on a long-term Elastic Security programme and are looking to engage senior Elastic SIEM consultants with proven, real-world production experience. This is a fully remote contract role, aligned to US Central Time, forming part of a wider Elastic Security delivery team. The engagement is expected to run for up to 2 years, full-time, with an initial project kick-off planned for mid-March (potentially sooner).
The role
You’ll be working hands-on across a mature Elastic Security environment, contributing to SIEM delivery, detection engineering, and platform optimisation within a live production setting.
Key responsibilities
- Hands-on delivery across Elastic Security/Elastic SIEM in production environments
- Designing, building, and optimising detections, alerts, and tuning (ESQL, rule logic, noise reduction)
- Working with Cribl ingestion pipelines for data routing, enrichment, and optimisation
- Supporting and enhancing on-prem Elastic architectures
- Collaborating within a wider Elastic Security practice and delivery team
- Contributing to operational stability, performance, and detection maturity
Required experience
- Strong, hands-on Elastic Security/SIEM experience in real production environments
- Proven experience with Cribl for ingestion and pipeline management
- Solid detection engineering capability (ESQL, alerting, tuning)
- Experience working with on-prem Elastic stacks
- Background in long-running security or SIEM programmes (not just POCs or lab builds)
Nice to have
- Experience with ECK/Kubernetes
- Exposure to detection-as-code approaches (GitHub/GitLab)
- Experience working within large-scale or enterprise security teams
Additional information
- Fully remote role (aligned to US Central Time)
- Long-term contract (up to 2 years)
- Full-time engagement
- Interview process includes a discussion with the Elastic Security Practice
Please note: We’re specifically looking to speak with consultants who have delivered production SIEM environments. This role is not suitable for candidates whose experience is limited to proofs of concept or demo-only work.
Elastic Engineer in London employer: dcoded
Contact Detail:
dcoded Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Elastic Engineer in London role
✨Tip Number 1
Network like a pro! Reach out to your connections in the Elastic community or related fields. Attend webinars, join forums, and don’t be shy about asking for introductions. We all know that sometimes it’s not just what you know, but who you know!
✨Tip Number 2
Prepare for those interviews! Brush up on your Elastic Security knowledge and be ready to discuss your hands-on experience. We recommend practising common interview questions and even doing mock interviews with friends or colleagues to boost your confidence.
✨Tip Number 3
Showcase your skills! Create a portfolio or GitHub repository that highlights your work with Elastic SIEM and detection engineering. We love seeing real-world examples of your expertise, so make sure to include any projects that demonstrate your capabilities.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. We’re always on the lookout for talented individuals like you, so don’t hesitate to submit your application and let us help you land that dream role!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your hands-on experience with Elastic Security and SIEM. We want to see real-world examples of your work, so don’t hold back on the details!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this role. Mention specific projects or experiences that align with the job description.
Showcase Your Technical Skills: Be sure to include any relevant technical skills, especially around ESQL, Cribl, and detection engineering. We love seeing candidates who can demonstrate their expertise in these areas.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity!
How to prepare for a job interview at dcoded
✨Know Your Elastic Security Stuff
Make sure you brush up on your hands-on experience with Elastic Security and SIEM. Be ready to discuss specific projects where you've designed, built, or optimised detections and alerts. Real-world examples will show that you know your stuff!
✨Get Familiar with Cribl
Since the role involves working with Cribl for ingestion pipelines, it’s crucial to understand how it works. Prepare to talk about your experience with data routing and optimisation. If you can share a success story, even better!
✨Showcase Your Detection Engineering Skills
Be prepared to dive into detection engineering capabilities, especially ESQL and alert tuning. Think of scenarios where you’ve reduced noise or improved detection maturity. This will demonstrate your practical skills in a production environment.
✨Collaborate Like a Pro
This role is all about teamwork within the Elastic Security practice. Highlight your experience collaborating with other teams and contributing to operational stability. Share examples of how you’ve worked effectively in a team setting to achieve common goals.