SIEM Engineer with Elastic Stack

Siem Engineer208296

About the role you're considering

The Cyber Delivery Team is part of the Managed Services function within the Cloud Infrastructure Services (CIS) UK business line. You will interact with a global team of security experts, including Architects, Engineers, Analysts, and Compliance Managers. CIS encourages engagement across different areas of the business and local communities.

We are seeking a skilled SIEM Engineer with expertise in Elastic SIEM to join our cybersecurity team. The ideal candidate will design, implement, and maintain our Elastic SIEM infrastructure to ensure effective security monitoring and incident response.

This role is embedded with an existing Customer SOC, providing engineering support alongside Capgemini SOC analysts and the customer SOC team.

This role requires onsite presence 2 days per week in Warwick.

Successful candidates will undergo pre-employment checks, including identity verification, nationality or immigration status, employment history for the past 3 years, and a criminal record check (Disclosure and Barring Service).

Your role

1. Design and Implementation: Install and maintain Elastic SIEM architecture for optimal performance and scalability.
2. Monitoring and Analysis: Create dashboards and visualizations using the Elastic Stack for real-time security event monitoring.
3. Data Integration: Integrate various data sources into Elasticsearch, ensuring data quality and consistency through ETL processes.
4. Incident Response: Investigate and respond to security incidents using Elastic SIEM capabilities.
5. Performance Optimization: Monitor and optimize Elastic Stack clusters for high availability and reliability.
6. Security Best Practices: Maintain security standards for Elastic Stack, including access controls and encryption, ensuring compliance with regulations.
7. Documentation: Develop and maintain SOPs and technical reports.

We promote an inclusive environment where everyone can bring their whole self to work. Capgemini is committed to building a diverse and welcoming workplace.

Your skills and experience

• Proficiency with Elastic Stack (Elasticsearch, Logstash, Kibana, Beats)
• Strong understanding of cybersecurity principles and practices
• Experience with scripting and automation (Python, Shell)
• Excellent problem-solving, analytical, communication, and teamwork skills
• Experience with other SIEM platforms like Sentinel is preferred but not mandatory
• Knowledge of regulatory standards such as GDPR or HIPAA

Your security clearance

Obtaining Security Check (SC) clearance is required. Applicants must have resided continuously in the UK for the last 5 years and meet other criteria. The process involves questions about residence, nationality, and eligibility. Some positions may be restricted to UK Nationals for security reasons.

What does ‘Get The Future You Want’ mean for you?

You will join a Great Place to Work for Wellbeing in 2024. We prioritize employee wellbeing through trained Mental Health Champions and wellbeing apps. Your unique skills and perspectives will contribute to a team of experts supporting each other. You will help create value for leading organizations, building a sustainable and inclusive future through technology.

Why consider Capgemini?

Joining Capgemini means working with a thriving company dedicated to transforming businesses and society with technology. You will learn, share knowledge, and grow your skills while helping clients innovate. The journey may be challenging, but it’s rewarding to make a positive impact worldwide.

About Capgemini

Capgemini is a global leader in business and technology transformation, with over 340,000 employees in more than 50 countries. With a heritage of over 55 years, it helps organizations accelerate their digital and sustainable transitions, delivering end-to-end services in strategy, design, engineering, AI, cloud, and data. In 2024, the company reported revenues of €22.1 billion.

Get The Future You Want | www.capgemini.com