At a Glance
- Tasks: Develop and optimise threat detection capabilities using Elastic tools.
- Company: SiXworks, a leader in secure digital solutions for Defence and National Security.
- Benefits: Exciting growth opportunities, collaborative team, and cutting-edge technology.
- Why this job: Join a passionate team driving digital innovation in secure environments.
- Qualifications: Experience with Elasticsearch, Kibana, and SIEM detection rules required.
- Other info: Must be eligible for Security Clearance; dynamic and innovative work culture.
The predicted salary is between £36,000 and £60,000 per year.
We are seeking an experienced Elastic SIEM Subject Matter Expert (SME) to support NESTOR operations. This role involves developing and refining threat detection capabilities, managing log ingestion, and creating operational dashboards. The ideal candidate will be adept at working in constrained environments and applying Elastic tools creatively to meet mission needs.
Key Responsibilities
- Develop, tune, and optimize SIEM detection rules to identify threats and reduce false positives
- Manage log ingestion pipelines and ensure reliable data flow into Elasticsearch
- Design and maintain Kibana dashboards for operational visibility
- Triage SIEM tickets and investigate alerts to determine root causes
- Continuously improve detection logic to enhance signal-to-noise ratio
- Collaborate with NESTOR teams to align SIEM capabilities with operational goals
Required Skills and Experience
- Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM
- Proficiency in log parsing, normalization, and enrichment
- Experience writing detection rules using EQL, KQL, or similar query languages
- Ability to operate effectively in limited or resource-constrained environments
- Familiarity with security operations workflows and incident response processes
Preferred Qualifications
- Experience supporting military or government operations
- Knowledge of the MITRE ATT&CK framework and threat detection strategies
- Scripting skills (e.g., Python, Bash) for automation and data enrichment
Due to the secure nature of the position and working environment, you must have, or be eligible to obtain, Security Clearance.
Employer: Sixworks (Elastic SME in Farnborough)
Contact Detail:
Sixworks Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Elastic SME in Farnborough
✨Network Like a Pro
Get out there and connect with folks in the industry! Attend meetups, webinars, or even online forums related to Elastic and SIEM. We can’t stress enough how valuable personal connections can be in landing that dream job.
✨Show Off Your Skills
Don’t just talk about your experience; demonstrate it! Create a portfolio showcasing your work with Elasticsearch and Kibana. We love seeing real examples of what you can do, so make sure to highlight your best projects.
✨Ace the Interview
Prepare for those interviews by brushing up on common questions related to Elastic tools and threat detection. We recommend practising your responses with a friend or in front of a mirror to build confidence and clarity.
✨Apply Through Our Website
When you find a role that excites you, apply through our website! It’s the best way to ensure your application gets the attention it deserves. Plus, we’re always on the lookout for passionate individuals to join our team!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Elastic SME role. Highlight your hands-on experience with Elasticsearch and Kibana, and don’t forget to mention any relevant projects or achievements that showcase your skills in threat detection and log management.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about the role and how your experience aligns with our mission at SiXworks. Be sure to mention your familiarity with security operations workflows and any scripting skills you have.
Showcase Your Problem-Solving Skills: In your application, give examples of how you've tackled challenges in constrained environments. We love candidates who can think outside the box and apply Elastic tools creatively to meet mission needs, so don’t hold back!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re serious about joining our team at SiXworks!
How to prepare for a job interview at Sixworks
✨Know Your Elastic Tools
Make sure you brush up on your knowledge of Elasticsearch, Kibana, and Elastic SIEM. Be ready to discuss how you've used these tools in past roles, especially in constrained environments. Highlight specific examples where you developed or optimised detection rules.
✨Showcase Your Problem-Solving Skills
Prepare to talk about how you've triaged SIEM tickets and investigated alerts. Think of a couple of scenarios where you identified root causes and improved detection logic. This will demonstrate your analytical skills and ability to enhance operational visibility.
✨Familiarise Yourself with Security Workflows
Since the role involves security operations workflows, it’s crucial to understand incident response processes. Brush up on the MITRE ATT&CK framework and be ready to discuss how you’ve applied it in your previous work. This shows you’re not just technically savvy but also understand the bigger picture.
✨Be Ready to Collaborate
Collaboration is key in this role, so think about how you've worked with teams in the past. Prepare examples of how you aligned SIEM capabilities with operational goals. This will show that you can work well with others and contribute to the team’s success.