Salary: £54,000 - 66,000 per year

Requirements: We are looking for candidates with hands-on experience in Elastic Security, Elastic SIEM, Kibana, and Elasticsearch queries (EQL/KQL). A strong understanding of detection logic, alert tuning, and threat behaviors is essential. Familiarity with the MITRE ATT&CK framework is also required. Candidates should possess strong written communication skills for reporting and documentation.

Responsibilities: In this role, I will be responsible for analyzing alerts generated by Elastic Security and validating detection accuracy. I will tune and optimize existing Elastic SIEM detection rules to enhance fidelity and minimize false positives. Additionally, I will map detections to the MITRE ATT&CK framework and identify any coverage gaps. Producing clear detection reports, tuning documentation, and analysis summaries will also be a core part of my responsibilities. I will collaborate with SOC analysts, incident responders, and security engineering teams to achieve our objectives.

Technologies: Cloud ElasticSearch Kibana Network Security DevOps Support

More: The position is based in Birmingham, Manchester, or Ipswich on a hybrid model. It is initially for a duration of 3 months with the possibility of extension. The day rate for this role is £450 - £550 via Umbrella. While experience in a SOC, detection engineering, or threat hunting would be beneficial, it is not mandatory. Exposure to common log types such as endpoint, network, and cloud, as well as security certifications (such as Elastic, Security+, CySA+, etc.), would be considered a plus.

Last updated: week 4 of 2026