L3 Security Analyst (Elastic SIEM Specialist) - 6 months, Fully Remote - Outside IR35

Hamilton Barnes
1 hour ago
Contract
Dublin
Ireland

In this role, you will act as the senior escalation point within a SOC environment, leading advanced threat investigations and driving improvements across Elastic SIEM capabilities. You will work closely with security teams, engineers, and stakeholders to strengthen detection engineering, incident response, and overall security posture.

Key Responsibilities

  • Lead advanced threat investigations including persistence, privilege escalation, lateral movement, and data exfiltration.
  • Act as the highest technical escalation point for SIEM alerts and major incidents.
  • Conduct complex analysis using KQL and EQL within Elastic environments.
  • Own and optimise the Elastic SIEM platform, including performance tuning and data lifecycle management.
  • Develop and refine detection rules aligned to MITRE ATT&CK and behavioural analytics.
  • Carry out proactive threat hunting and build dashboards, queries, and visualisations.
  • Drive improvements in SOC processes, playbooks, and automation opportunities.
  • Collaborate with cross-functional teams on logging, architecture, and security requirements.
  • Provide mentorship and guidance to L1/L2 analysts and support knowledge sharing.

Skills & Experience

  • Strong experience as a senior SOC or Security Analyst (L3 level or equivalent).
  • Deep expertise with Elastic Stack (Elasticsearch, Kibana, Elastic Security, Beats, Elastic Agent).
  • Strong hands-on experience with KQL/EQL and detection engineering.
  • Experience leading incident response and conducting complex investigations.
  • Good understanding of MITRE ATT&CK and threat actor TTPs.
  • Experience with scripting (Python, PowerShell, or Bash) and API integrations.
  • Strong knowledge of Windows/Linux internals and network protocols.
  • Experience with cloud logging environments (AWS, Azure, or GCP).
  • Excellent analytical, communication, and stakeholder management skills.

Contract Details

Location: Dublin (3 or 4 times per week)
Duration: 6 months
Daily Rate: £500 per day Outside IR35