Cyber Defense Center (CDC) Elastic Engineer

Würth Phoenix

Asti

Hybrid

EUR 50.000 - 70.000

Full-time

2 days ago

Job description

A global cybersecurity company in Italy is seeking an Elastic Engineer to manage and optimize the Elastic Stack as part of their Security Operations Center. Candidates should have solid production experience with the Elastic Stack, strong knowledge of SIEM practices, and excellent communication skills. The role offers a competitive package, flexible hours, and the chance to work on international projects.

Benefits

Flexible working hours
Remote work options
Performance bonus
Ongoing training opportunities
Accident insurance
Health coverage

Skills

  • Solid experience with Elastic Stack in production.
  • Deep understanding of SIEM architectures.
  • Familiarity with cybersecurity concepts.

Duties

  • Administer and manage the Elastic Stack.
  • Design and optimize Elasticsearch clusters.
  • Develop data ingestion pipelines.

Knowledge

Elastic Stack
SIEM architectures
Log management
Linux systems
Scripting (Bash, Python)
CI/CD tools
Networking skills
Communication skills

Tools

Ansible
GitLab CI
Terraform

Job description

Cyber Defense Center (CDC) Elastic Engineer

With over 1,000 IT specialists across 6 countries, we develop and promote new business models within the Würth Group. We are seeking an Elastic Engineer to join our international Security Operations Center (SOC). The selected candidate will play a strategic role in managing, optimizing, and scaling the Elastic Stack-based SIEM platform, contributing to core threat detection and incident response capabilities.

Responsibilities:

  • Administer and manage the Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) used as the SOC’s central SIEM platform.
  • Design and optimize Elasticsearch clusters in distributed and high-availability environments.
  • Develop data ingestion pipelines from heterogeneous sources using Logstash and Beats.
  • Optimize performance, index mappings, and queries for efficient search and correlation.
  • Collaborate with SOC analysts and security teams to integrate new data sources and detection use cases.
  • Automate deployment, updates, and backups of the infrastructure.
  • Implement security controls (X-Pack, TLS, RBAC) for the Elastic platform.
  • Write and update technical documentation and operational procedures.

Requirements:

  • Solid experience with Elastic Stack in production environments.
  • Deep understanding of SIEM architectures and security monitoring best practices.
  • Experience with log management, data parsing, and normalization.
  • Familiarity with cybersecurity concepts, threat intelligence, and detection engineering.
  • Strong command of Linux systems and scripting (Bash, Python).
  • Knowledge of automation and CI/CD tools (e.g., Ansible, GitLab CI, Terraform).
  • Basic networking skills and understanding of common logging protocols (e.g., Syslog, JSON, HTTP APIs).
  • Ability to work effectively in international and cross-functional teams.
  • High level of autonomy and strong problem-solving skills.
  • Excellent communication skills, both written and verbal.
  • Fluency in Italian and professional proficiency in English.

Nice to Have:

  • Elastic certifications (e.g., Elastic Certified Engineer) will be considered a strong plus.

What We Offer:

  • A position within a global cybersecurity team focused on protecting critical infrastructure.
  • Collaboration with a highly skilled and motivated team.
  • Opportunities to work on international projects within the Würth Group.
  • Technology partnerships with Atlassian, Elastic, RedHat, Icinga, and Influx.
  • Flexible working hours and remote work.
  • A competitive compensation package, including a company MBO incentive system.
  • A performance bonus convertible into a wide range of welfare services and benefits.
  • Ongoing corporate training and the opportunity to obtain company-funded certifications.
  • Accident insurance and supplementary health coverage.
  • A young and dynamic work environment, with regular team events such as sports activities, informal dinners, cultural outings, and more.

Note: The additional questions about areas of interest and education level, as well as the privacy policy acknowledgment, are part of the application process.
