Key Skills: Elasticsearch, SIEM/Firewall/IDS/IPS, Python/Bash, AWS/Azure

We are looking for Elastic Lead/Architect for our client's project based at Birmingham, UK

Its a Outside IR35 role

Role Overview:

The Elastic Lead/Architect for Security will be responsible for architecting and overseeing the implementation of ElasticSearch solutions specifically for threat hunting and security analytics. This role requires hands-on expertise in deploying Elasticsearch clusters for security use cases, including Real Time threat detection and incident response.

Key Responsibilities:

• Design and architect scalable Elasticsearch clusters tailored for security and threat hunting.
• Lead the integration of Elasticsearch with security tools like SIEM, IDS/IPS, and endpoint protection.
• Optimize Elasticsearch for security use cases such as log analysis, anomaly detection, and incident response.
• Collaborate with security teams to ensure the solution meets security analytics requirements.
• Ensure high availability, data integrity, and Real Time data processing.
• Provide leadership and technical guidance to the Elastic and security teams.
• Stay updated on the latest security trends and Elasticsearch features related to security.

Key Skills:

• Proven experience in Elasticsearch architecture with a focus on security use cases.
• Expertise in using Elasticsearch for log aggregation, threat hunting, and anomaly detection.
• Strong understanding of security frameworks, threat detection techniques, and incident response.
• Experience with security tools like SIEM, Firewalls, IDS/IPS, and endpoint protection.
• Proficiency in Linux, Scripting languages (Python, Bash), and cloud platforms (AWS, Azure).

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• 5+ years of experience with Elasticsearch in a security context.
• Certifications in Elasticsearch and security (eg, CISSP, OSCP) are preferred