Siem Infrastructure Engineer – Elasticsearch Environments

Our client is looking SIEM Infrastructure Engineer for approximately 12 months

This is a new technical role to provide direct engineering and administration of infrastructure monitoring to enhance the support of network and IT services.  It is based on maintaining the enterprise’s Elasticsearch environments.

Key accountabilities:

• Develop IT infrastructure monitoring in a production environment using Elasticsearch technology (Including pfELK, HELK, Kibana and Logstash).
• Parse logs and ingesting through their pipelines to a central SIEM location to deliver data for security, IT Ops and availability.
• Utilise Kibana to visualise and enrich data and Logstash to ingest and forward data to a central air-gapped instance.
• Develop dashboards to meet business needs for IT Ops monitoring, visibility and alerts.

Minimum requirements:

• Three years professional experience supporting or developing IT infrastructure monitoring in a production environment using Elasticsearch technology (Including pfELK, HELK, Kibana and Logstash).
• Retrieval of data from disparate sources within a distributed deployment.
• Development and delivery of dashboards to meet business needs for IT Ops monitoring, visibility and alerts.

Desirable experience:

• Experience with hosting Elasticsearch in a Windows and Linux server environment.
• Administration of user authentication through transfer of role-based access control from Active Directory.
• Creation of custom integrations to meet specific data ingest requirements.
• Experience with Linux based OS and its command line interface, network logging and analysis tools.

If you consider yourself to have a disability or if you are a veteran, and you meet the essential criteria for the role, you will be put forward for the ‘Guaranteed Interview’ scheme whereby you will have the opportunity to discuss this role and your suitability with a member of the Sourcing team.

If you are successful in securing this role, please note that for the entire duration of this contract, regardless of extension you will be working this role at the equivalent PAYE rate that has been advertised. For absolute clarity, we only work on a PAYE basis. If you wish to understand PAYE vs Umbrella more, please let us know and we can send you some additional information.