Elastic SIEM Specialist (Outside IR35)

Hampshire, United Kingdom; On-site; Freelance; ASAP
Posted by: The Talent Locker
Contact person: Generic Network
Project ID: 2965431
Research, Computer Security, Query Languages, Elasticsearch, Incident Response, Log Analysis, Kusto Query Language, Security Information and Event Management, Data Streaming, Triage, Workflows, Kibana, Safety Principles

Description

Contract Elastic SIEM SME/Engineer, Outside IR35, £500 per day, Farnborough

Contract position at a Defence consultancy, outside IR35, for specialist Security Engineer work.

The role involves working amongst a team of other technology professionals on an MOD/Defence project, from Farnborough.

PLEASE NOTE - The nature of this project will require the work to be carried out onsite and successful candidates will be required to be security cleared (DV Level) prior to appointment.

Experienced Elastic SIEM Subject Matter Expert required to support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic. The role focuses on improving detection quality, investigating alerts, and collaborating closely with operational teams to deliver effective SIEM capabilities in constrained, mission-driven environments.

Experience required:

  • Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments
  • Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives
  • Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch
  • Proficiency in log parsing, normalisation, and enrichment to support high-quality detections
  • Hands-on experience designing and maintaining Kibana dashboards for operational visibility
  • Ability to triage SIEM alerts, investigate incidents, and determine root causes
  • Familiarity with security operations workflows and incident response processes
  • Experience writing detection logic using EQL, KQL, or similar query languages

If you are an Elastic SIEM Specialist with lots of Defence/MOD experience and are looking for a new contract, please apply.
