Elastic Lead/Architect [Elasticsearch, SIEM/firewall/IDS/IPS, Python/Bash, AWS/Azure]
Posted 17 hours 27 minutes ago by GIOS Technology Limited
Key Skills: Elasticsearch, SIEM/Firewall/IDS/IPS, Python/Bash, AWS/Azure
We are looking for an Elastic Lead/Architect for our client's project based in Birmingham, UK.
It is an Outside IR35 role.
Role Overview:
The Elastic Lead/Architect for Security will be responsible for architecting and overseeing the implementation of Elasticsearch solutions specifically for threat hunting and security analytics. This role requires hands-on expertise in deploying Elasticsearch clusters for security use cases, including real-time threat detection and incident response.
Key Responsibilities:
- Design and architect scalable Elasticsearch clusters tailored for security and threat hunting.
- Lead the integration of Elasticsearch with security tools like SIEM, IDS/IPS, and endpoint protection.
- Optimize Elasticsearch for security use cases such as log analysis, anomaly detection, and incident response.
- Collaborate with security teams to ensure the solution meets security analytics requirements.
- Ensure high availability, data integrity, and real-time data processing.
- Provide leadership and technical guidance to the Elastic and security teams.
- Stay updated on the latest security trends and Elasticsearch features related to security.
Key Skills:
- Proven experience in Elasticsearch architecture with a focus on security use cases.
- Expertise in using Elasticsearch for log aggregation, threat hunting, and anomaly detection.
- Strong understanding of security frameworks, threat detection techniques, and incident response.
- Experience with security tools like SIEM, Firewalls, IDS/IPS, and endpoint protection.
- Proficiency in Linux, Scripting languages (Python, Bash), and cloud platforms (AWS, Azure).
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field.
- 5+ years of experience with Elasticsearch in a security context.
- Certifications in Elasticsearch and security (e.g., CISSP, OSCP) are preferred.