---

---

Location

Hereford, Herefordshire | United Kingdom

---

Job description

This contract with our central government client is for a SIEM Engineer for 12 months. The role is located in Hereford and requires 100% of time onsite. A new technical role is available to provide direct engineering and administration of infrastructure monitoring to enhance the support of network and IT services.  It is based on maintaining the enterprise’s Elasticsearch environments. Numerous Elasticsearch instances on separate systems parsing logs and ingesting through their pipelines to a central SIEM location to deliver data for security, IT Ops and availability. Utilising Kibana to visualise and enrich data and Logstash to ingest and forward data to a central air-gapped instance. Beyond this the identification of opportunities to create business value through Elasticsearch is crucial.  This spans the abilities to expand the collection infrastructure, ingest disparate data and enhance visualisation to provide insight and boost the efficiency of technical support.  As the technical expert within the team, involvement in developing requirements ahead of monitoring and visualisation enhancement work will be encouraged. They are investing in Elasticsearch training for their people and, as the senior monitoring engineer, the role will involve mentoring those of lesser experienced to compliment this.  The role is part of a support team of 30 operational staff, server engineers and network engineers and will be required to interact with middle management to receive direction, offer technical advice and explain the status of relevant issues and incidents. Requirements

• 3 years professional experience supporting or developing IT infrastructure monitoring in a production environment using Elasticsearch technology (Including pfELK, HELK, Kibana and Logstash).
• The retrieval of data from disparate sources within a distributed deployment.
• The development and delivery of dashboards to meet business needs for IT Ops monitoring, visibility and alerts.

Desirable experience: - Hosting: - Experience with hosting Elasticsearch in a Windows and Linux server environment. - Visualisation:

• The creation of custom dashboards to meet business needs using KQL.
• This should include system and network status and environmental monitoring.

- Authentication:

• Administration of user authentication through transfer of role-based access control from Active Directory.
• Custom applications and integrations.
• The creation of custom integrations to meet specific data ingest requirements.

- Fleet Server:

• Administration of a fleet server to distribute Elastic Agent environment configurations.
• Custom data pipelines.
• Parse and ingest custom data into an Elasticsearch environment to provide IT Ops monitoring.

- PRTG:

• Administration of PRTG including the setting up of sensors, managing licence validity and the creation of views for network traffic monitoring and analysis.
• Linux OS. Experience with Linux based OS and its command line interface, network logging and analysis tools.
• Linux system administrator for Ubuntu with working knowledge of UFW and Iptables.
• Preferably inclusive of R Syslog as well as the interpretation and parsing of logs.

PRTG.

- Administration of PRTG including the setting up of sensors, managing licence validity and the creation of views for network traffic monitoring and analysis.

---

Job tags

---

---

Salary