Elastic Engineer

Senior Elastic SIEM/Security Consultant (Contract)

Remote | US Central Time | Long-term engagement | Outside IR35

We're supporting a client on a long-term Elastic Security programme and are looking to engage senior Elastic SIEM consultants with proven, real-world production experience.

This is a fully remote contract role, aligned to US Central Time, forming part of a wider Elastic Security delivery team. The engagement is expected to run for up to 2 years, full-time, with an initial project kick-off planned for mid-March (potentially sooner).

The role

You'll be working hands-on across a mature Elastic Security environment, contributing to SIEM delivery, detection engineering, and platform optimisation within a live production setting.

Key responsibilities

  • Hands-on delivery across Elastic Security/Elastic SIEM in production environments
  • Designing, building, and optimising detections, alerts, and tuning (ESQL, rule logic, noise reduction)
  • Working with Cribl ingestion pipelines for data routing, enrichment, and optimisation
  • Supporting and enhancing on-prem Elastic architectures
  • Collaborating within a wider Elastic Security practice and delivery team
  • Contributing to operational stability, performance, and detection maturity

Required experience

  • Strong, hands-on Elastic Security/SIEM experience in real production environments
  • Proven experience with Cribl for ingestion and pipeline management
  • Solid detection engineering capability (ESQL, alerting, tuning)
  • Experience working with on-prem Elastic stacks
  • Background in long-running security or SIEM programmes (not just POCs or lab builds)

Nice to have

  • Experience with ECK/Kubernetes
  • Exposure to detection-as-code approaches (GitHub/GitLab)
  • Experience working within large-scale or enterprise security teams

Additional information

  • Fully remote role (aligned to US Central Time)
  • Long-term contract (up to 2 years)
  • Full-time engagement
  • Interview process includes a discussion with the Elastic Security Practice

Please note: We're specifically looking to speak with consultants who have delivered production SIEM environments. This role is not suitable for candidates whose experience is limited to proofs of concept or demo-only work.

Job Details

Company: Dcoded
Location: United Kingdom
Hybrid / Remote Options
Employment Type: Contract
Salary: GBP 450 Daily