At a Glance
- Tasks: Support NESTOR operations by building and optimising threat detection within Elastic SIEM.
- Company: Defence consultancy working on cutting-edge MOD projects.
- Benefits: Competitive daily rate of £500, with opportunities for professional growth.
- Why this job: Join a mission-driven team and make a real impact in security operations.
- Qualifications: Strong experience with Elasticsearch, Kibana, and SIEM in operational settings.
- Other info: Onsite role requiring DV Level security clearance.
Contract position at a Defence consultancy, outside IR35, for specialist Security Engineer work. You will work within a team of other technology professionals on an MOD/Defence project, based in Farnborough.
PLEASE NOTE - The nature of this project will require the work to be carried out onsite and successful candidates will be required to be security cleared (DV Level) prior to appointment.
Experienced Elastic SIEM Subject Matter Expert required to support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic. The role focuses on improving detection quality, investigating alerts, and collaborating closely with operational teams to deliver effective SIEM capabilities in constrained, mission-driven environments.
Experience required:
- Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments
- Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives
- Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch
- Proficiency in log parsing, normalisation, and enrichment to support high-quality detections
- Hands-on experience designing and maintaining Kibana dashboards for operational visibility
- Ability to triage SIEM alerts, investigate incidents, and determine root causes
- Familiarity with security operations workflows and incident response processes
- Experience writing detection logic using EQL, KQL, or similar query languages
If you are an Elastic SIEM Specialist with lots of Defence/MOD experience and looking for a new contract, please apply.
Elastic SIEM Specialist (Outside IR35) in Farnborough
Employer: The Talent Locker
Contact Details:
The Talent Locker Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Elastic SIEM Specialist (Outside IR35) role in Farnborough
✨Tip Number 1
Network like a pro! Reach out to your connections in the Defence sector and let them know you're on the lookout for opportunities. Sometimes, a friendly chat can lead to a hidden gem of a job that isn't even advertised yet.
✨Tip Number 2
Show off your skills! When you get the chance to meet potential employers or colleagues, don’t hold back on discussing your hands-on experience with Elasticsearch and Kibana. Share specific examples of how you've improved detection quality or optimised SIEM detection rules.
✨Tip Number 3
Prepare for those interviews! Brush up on your knowledge of security operations workflows and incident response processes. Be ready to discuss how you triage alerts and investigate incidents, as this will show you're not just book-smart but also practical.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for talented Elastic SIEM Specialists like you. Plus, applying directly gives you a better shot at standing out from the crowd.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Elasticsearch, Kibana, and Elastic SIEM. We want to see how your skills match the job description, so don’t be shy about showcasing your relevant projects!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this role. Mention your hands-on experience and how you've improved detection quality in past roles. We love a good story!
Showcase Your Technical Skills: When filling out your application, make sure to highlight your proficiency in log parsing, normalisation, and enrichment. We’re looking for someone who can hit the ground running, so let us know what you can do!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss any important updates. Plus, we love seeing applications come in through our own channels!
How to prepare for a job interview at The Talent Locker
✨Know Your Elastic SIEM Inside Out
Make sure you brush up on your knowledge of Elasticsearch, Kibana, and Elastic SIEM. Be ready to discuss your hands-on experience and how you've built, tuned, and operated threat detection systems in the past. Specific examples will help demonstrate your expertise.
✨Showcase Your Problem-Solving Skills
Prepare to talk about how you've triaged SIEM alerts and investigated incidents. Think of a couple of scenarios where you identified root causes and improved detection quality. This will show that you can think critically under pressure, which is crucial for this role.
✨Familiarise Yourself with Defence Projects
Since this role is within a Defence consultancy, it’s important to understand the unique challenges of working in this environment. Research MOD projects and be ready to discuss how your experience aligns with their mission-driven approach.
✨Practice Your Detection Logic
Brush up on writing detection logic using EQL, KQL, or similar query languages. You might be asked to demonstrate your skills or discuss how you've used these languages to optimise SIEM detection rules. Being prepared will give you an edge!