Enable job alerts via email!
SIEM Application Engineer
Experis - ManpowerGroup
Birmingham
Hybrid
GBP 80,000 - 100,000
Part time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading recruitment agency is seeking a SIEM Application Engineer in Birmingham or Manchester. You will optimise detection rules and support security operations by analysing alerts and refining detection logic. Ideal candidates have hands-on experience with Elastic Security, a strong grasp of alert tuning, and solid communication skills. This is a hybrid role with a competitive day rate.
Qualifications
- Hands-on experience with Elastic Security / Elastic SIEM.
- Strong understanding of detection logic, alert tuning and threat behaviours.
- Strong written communication skills for reporting and documentation.
Responsibilities
- Analyse alerts generated by Elastic Security and validate detection accuracy.
- Tune and optimise existing Elastic SIEM detection rules.
- Map detections to the MITRE ATT&CK framework and identify coverage gaps.
- Produce detection reports, tuning documentation, and analysis summaries.
- Collaborate with SOC analysts and security teams.
Skills
Tools
Role: SIEM Application Engineer
Location: Birmingham or Manchester or Ipswich (Hybrid)
Duration: 3 Months with possible extension
Day rate: £450 - £550 via Umbrella
We are looking for an SIEM Application Engineer to support our security operations by reviewing and optimising detections within our production Elastic Security platform. This role focuses solely on detection analysis, rule refinement, and reporting, rather than SIEM platform engineering or DevOps.
- Analyse alerts generated by Elastic Security and validate detection accuracy.
- Tune and optimise existing Elastic SIEM detection rules to improve fidelity and reduce false positives.
- Map detections to the MITRE ATT&CK framework and identify coverage gaps.
- Produce clear detection reports, tuning documentation, and analysis summaries.
- Collaborate with SOC analysts, incident responders, and security engineering teams.
- Hands‑on experience with Elastic Security / Elastic SIEM, Kibana, and Elasticsearch queries (EQL/KQL).
- Strong understanding of detection logic, alert tuning, and threat behaviours.
- Familiarity with MITRE ATT&CK.
- Strong written communication skills for reporting and documentation.
- Experience in SOC, detection engineering, or threat hunting.
- Exposure to common log types (endpoint, network, cloud).
- Security certifications (Elastic, Security+, CySA+, etc.).
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
