Elastic Stack Consultant - Security & Observability (SIEM/APM/Kibana/Beats)

London Full-Time 43200 - 72000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Architect and optimise Elastic Stack deployments for security and performance monitoring.
  • Company: Join a dynamic team in Birmingham & London, focused on cutting-edge technology solutions.
  • Benefits: Enjoy hybrid work options, competitive salary, and opportunities for professional growth.
  • Why this job: Be at the forefront of security and observability, making a real impact in tech.
  • Qualifications: 5+ years in Elastic Stack with experience in SIEM and APM required.
  • Other info: Collaborate with diverse teams and enhance your skills in a supportive environment.

The predicted salary is between 43200 and 72000 £ per year.

Location: Birmingham & London, UK (Hybrid)

Job Overview:

We are seeking a highly skilled Elastic Stack Consultant – Security & Observability to architect, implement, and optimize end-to-end Elastic Stack deployments. This hybrid role combines Elastic SIEM for security detection and Elastic APM for performance monitoring. You will work closely with SOC teams, SREs, DevOps engineers, and security stakeholders to design detection rules, dashboards, alerting mechanisms, and pipeline integrations using the Elastic ecosystem.

Key Responsibilities:

  • Security (SIEM & Detection Engineering)
    • Design and tune detection rules using EQL, Rule DSL, and Sigma mappings.
    • Configure Elastic Security integrations with endpoint agents, EDR, and threat intel feeds.
    • Conduct threat hunting and investigative queries across log, network, and endpoint data.
    • Automate alert triage and enrichment using Ingest Pipelines and ML anomaly jobs.
    • Integrate with ITSM tools (e.g., Jira, ServiceNow) and manage alert workflows.
  • Observability (APM & Monitoring)
    • Deploy and configure Elastic APM agents (.NET, Java, Python, Node.js).
    • Build dashboards, service maps, flame graphs, and transaction monitoring views.
    • Configure Metricbeat, Heartbeat, and Filebeat for uptime and health monitoring.
    • Optimize ILM policies, shard sizing, and index rollover for scale and cost-efficiency.
    • Integrate with observability tools like OpenTelemetry and Prometheus.

Key Skills & Technologies:

  • Elastic Stack (Elasticsearch, Kibana, Logstash, Beats, Elastic Agent)
  • Detection & Response: EQL, DSL, MITRE ATT&CK, IOC/IOA analysis
  • Observability: Elastic APM, Metrics, Logs, Distributed Tracing
  • Dashboards: Kibana, Canvas, Lens
  • Ingest Pipelines: Grok, Dissect, Script, CSV, GeoIP
  • Logstash & Beats (Filebeat, Metricbeat, Auditbeat, Winlogbeat)
  • Security Integration: STIX/TAXII, SIEM connectors
  • Scripting: Python, Shell, Bash, Painless
  • Container Platforms: Docker, Kubernetes (Nice to have)
  • Tools: ServiceNow, Jira, Slack, PagerDuty

Ideal Candidate Will Have:

  • Minimum 5 years of experience in Elastic Stack deployment and optimization.
  • Experience in both cybersecurity (SIEM) and performance monitoring (APM).
  • Strong understanding of ECS-compliant event mapping and normalization.
  • Ability to collaborate across DevOps, Security, and Engineering teams.

Elastic Stack Consultant - Security & Observability (SIEM/APM/Kibana/Beats) employer: GIOS Technology

As an Elastic Stack Consultant at our company, you will thrive in a dynamic hybrid work environment located in the vibrant cities of Birmingham and London. We pride ourselves on fostering a collaborative culture that encourages innovation and professional growth, offering extensive training opportunities and a supportive team atmosphere. Join us to make a meaningful impact in the field of security and observability while enjoying the unique advantages of working in two of the UK's most exciting locations.

Contact Detail:

GIOS Technology Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Elastic Stack Consultant - Security & Observability (SIEM/APM/Kibana/Beats)

✨Tip Number 1

Familiarise yourself with the Elastic Stack components, especially Elasticsearch, Kibana, and Beats. Understanding how these tools interact will help you demonstrate your expertise during discussions with our team.

✨Tip Number 2

Showcase your experience with SIEM and APM by preparing specific examples of past projects where you've implemented detection rules or performance monitoring solutions. This will highlight your practical knowledge and problem-solving skills.

✨Tip Number 3

Engage with the Elastic community through forums or local meetups. Networking with other professionals can provide insights into current trends and challenges in the field, which you can discuss during your interview.

✨Tip Number 4

Brush up on your scripting skills, particularly in Python and Shell. Being able to automate tasks and integrate various tools will be a significant advantage, so be ready to discuss any relevant scripts you've developed.

We think you need these skills to ace Elastic Stack Consultant - Security & Observability (SIEM/APM/Kibana/Beats)

Elastic Stack (Elasticsearch, Kibana, Logstash, Beats, Elastic Agent)
EQL and Rule DSL for detection rule design
Sigma mappings for threat detection
Threat hunting and investigative querying
Automation of alert triage using Ingest Pipelines
Integration with ITSM tools (e.g., Jira, ServiceNow)
Deployment and configuration of Elastic APM agents (.NET, Java, Python, Node.js)
Dashboard creation using Kibana, Canvas, and Lens
Configuration of Metricbeat, Heartbeat, and Filebeat
Optimisation of ILM policies and index management
Integration with observability tools like OpenTelemetry and Prometheus
Scripting skills in Python, Shell, Bash, and Painless
Understanding of container platforms like Docker and Kubernetes
Knowledge of STIX/TAXII and SIEM connectors
Collaboration skills across DevOps, Security, and Engineering teams

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience with the Elastic Stack, particularly in security and observability. Use specific examples of past projects where you've designed detection rules or optimised deployments.

Craft a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and performance monitoring. Mention how your skills align with the key responsibilities outlined in the job description, such as threat hunting and integrating with ITSM tools.

Showcase Technical Skills: Clearly list your technical skills related to the Elastic Stack, including EQL, Kibana, and APM tools. Provide context on how you've used these technologies in previous roles to demonstrate your expertise.

Highlight Collaboration Experience: Since the role involves working closely with various teams, emphasise any experience you have collaborating with DevOps, Security, and Engineering teams. Use specific examples to illustrate your ability to work cross-functionally.

How to prepare for a job interview at GIOS Technology

✨Showcase Your Technical Skills

Be prepared to discuss your experience with the Elastic Stack in detail. Highlight specific projects where you've implemented SIEM or APM solutions, and be ready to explain the technical challenges you faced and how you overcame them.

✨Demonstrate Collaboration Experience

Since this role involves working closely with SOC teams, SREs, and DevOps engineers, share examples of how you've successfully collaborated with cross-functional teams in the past. Emphasise your communication skills and ability to work in a hybrid environment.

✨Prepare for Scenario-Based Questions

Expect scenario-based questions that assess your problem-solving abilities. For instance, you might be asked how you would design a detection rule for a specific threat. Practise articulating your thought process clearly and logically.

✨Familiarise Yourself with Current Trends

Stay updated on the latest trends in cybersecurity and observability. Being knowledgeable about recent developments in the Elastic ecosystem, such as new features or integrations, will demonstrate your passion for the field and your commitment to continuous learning.

    Application deadline: 2027-07-08
