
Job Title


SIEM Application Engineer


Company : Morson Edge


Location : Crawley, England


Created : 2026-01-10


Job Type : Full Time


Job Description

Job Overview

Job Title: SIEM Application Engineer
Team: Security Engineering
Location: Flexible / Hybrid
Hours: Full Time - Contract 3 Month Duration

Role Summary

The SIEM Application Engineer is responsible for the design, deployment, management, and optimisation of Security Information and Event Management (SIEM) platforms to enhance threat detection, monitoring, and incident response capabilities across enterprise environments. This role focuses on building and maintaining scalable SIEM solutions, primarily leveraging Elasticsearch-based technologies, to support security operations, regulatory compliance, and continuous improvement of organisational security posture.

Why This Role Matters

SIEM platforms are a core component of modern security architecture, enabling effective monitoring, threat detection, and response across complex IT and network environments. This role plays a critical part in ensuring SIEM solutions are reliable, performant, and aligned with security standards and frameworks. The SIEM Application Engineer works closely with security analysts, architects, and operations teams to support strategic security objectives, improve detection coverage, and respond to evolving cyber threats.

Key Responsibilities

SIEM Solution Development
Design and implement SIEM solutions in collaboration with security analysts and architects.
Develop, optimise, and maintain detection rules, alerts, and dashboards to improve threat visibility.
Support the full SIEM lifecycle, including development, deployment, and ongoing optimisation.

Collaboration & Communication
Work effectively with cross-functional security and engineering teams.
Produce clear technical documentation and present solutions to both technical and non-technical stakeholders.

Query Optimisation & Performance Tuning
Develop efficient queries to extract and analyse security events.
Monitor SIEM platform health and performance, addressing scalability and efficiency issues.
Optimise data ingestion pipelines and indexing strategies.

Security Engineering & Operations Support
Contribute to security engineering initiatives, platform transitions, and transformation projects.
Integrate SIEM with security operations and incident response tooling.
Stay current with emerging threats, attack techniques, and security best practices.

Essential Skills & Experience

SIEM & Detection Engineering
Strong experience configuring and operating SIEM platforms (Elasticsearch-based solutions preferred).
Ability to create, test, and optimise detection rules aligned to the MITRE ATT&CK framework.
Experience improving detection fidelity while reducing false positives.

Elasticsearch & Platform Engineering
Hands-on experience with Elasticsearch query optimisation, indexing, and mappings.
Performance tuning of Elasticsearch and Logstash pipelines.
Experience using Kibana for dashboards, visualisations, and operational monitoring.

Security & Compliance
Implementation of access controls, authentication, and encryption within SIEM platforms.
Understanding of security policy, governance, and regulatory frameworks.
Experience supporting compliance with data protection and security standards.

Desirable Skills & Experience

Experience with the Elastic Stack (ELK) in enterprise environments.
Knowledge of offensive security frameworks and adversary techniques.
Experience with cloud platforms (public or private), containerisation, and orchestration (e.g. Kubernetes).
Familiarity with DevOps practices, Git, and CI/CD pipelines.
Infrastructure-as-Code experience (e.g. Terraform, Ansible).
Relevant cybersecurity certifications.
35+ years' experience in cybersecurity engineering or delivery roles.

Leadership & Professional Attributes

Ownership of outcomes and accountability for deliverables.
Customer-focused mindset with an emphasis on quality and reliability.
Ability to design solutions with long-term scalability and sustainability in mind.

Qualifications & Background

Bachelor's or Master's degree in Computer Science, Engineering, Information Systems, or a related field (or equivalent experience).
5+ years' experience delivering cybersecurity or security engineering solutions.
Broad experience across enterprise security controls such as SIEM, vulnerability management, access management, and monitoring platforms, ideally from both development and operational perspectives.