Role: SIEM Engineer
Location: Hereford (100% on site)
IR35: Inside
Rate: 550/day (Umbrella)
Duration: Until 31/3/2025
Security Clearance: DV preferred, will consider SC & Sole UK national
A new technical role is available to provide direct engineering and administration of infrastructure monitoring to enhance the support of network and IT services.  It is based on maintaining the enterprise’s Elasticsearch environments. Numerous Elasticsearch instances on separate systems parsing logs and ingesting through their pipelines to a central SIEM location to deliver data for security, IT Ops and availability. Utilising Kibana to visualise and enrich data and Logstash to ingest and forward data to a central air-gapped instance.
Beyond this the identification of opportunities to create business value through Elasticsearch is crucial.  This spans the abilities to expand the collection infrastructure, ingest disparate data and enhance visualisation to provide insight and boost the efficiency of technical support.  As the technical expert within the team, involvement in developing requirements ahead of monitoring and visualisation enhancement work will be encouraged.
We are investing in Elasticsearch training for our people and, as the senior monitoring engineer, the role will involve mentoring those of lesser experienced to compliment this.  The role is part of a support team of 30 operational staff, server engineers and network engineers and will be required to interact with middle management to receive direction, offer technical advice and explain the status of relevant issues and incidents.
Essential experience
• 3 years professional experience supporting or developing IT infrastructure monitoring in a production environment using Elasticsearch technology (Including pfELK, HELK, Kibana and Logstash).
• The retrieval of data from disparate sources within a distributed deployment.
• The development and delivery of dashboards to meet business needs for IT Ops monitoring, visibility and alerts.
Desirable experience:
Hosting. Experience with hosting Elasticsearch in a Windows and Linux server environment. Visualisation.
The creation of custom dashboards to meet business needs using KQL. This should include system and network status and environmental monitoring.
Authentication. Administration of user authentication through transfer of role-based access control from Active Directory.
Custom applications and integrations. The creation of custom integrations to meet specific data ingest requirements.
Fleet Server. Administration of a fleet server to distribute Elastic Agent environment configurations. Custom data pipelines. Parse and ingest custom data into an Elasticsearch environment to provide IT Ops monitoring.
PRTG. Administration of PRTG including the setting up of sensors, managing licence validity and the creation of views for network traffic monitoring and analysis.
Linux OS. Experience with Linux based OS and its command line interface, network logging and analysis tools. Linux system administrator for Ubuntu with working knowledge of UFW and Iptables. Preferably inclusive of R Syslog as well as the interpretation and parsing of logs.
PRTG. Administration of PRTG including the setting up of sensors, managing licence validity and the creation of views for network traffic monitoring and analysis.

 To apply for this role please submit your latest CV or contact Aspect Resources on 0121 794 8181

Disability Confident
As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.
Armed Forces Covenant   
CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.
If you qualify for the above, please notify us on 0121 794 8181.
We will be in touch to discuss your suitability and arrange your Guaranteed Interview.
Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.