Valid Secret security clearance required

Elastic SIEM Architect (Design, Implementation & Deployment)

Role Overview

Lead the architecture, design, and deployment of a large-scale, multi-tenant Elastic SIEM platform on GCP, supporting Central Logging Service (CLS) and Event Correlation & Behaviour Analytics (ECBA).

Key Responsibilities

• Design scalable, multi-cluster Elastic architecture for high EPS environments
• Develop data lifecycle strategy (hot/warm/cold/archive tiers)
• Implement tenant isolation and RBAC models
• Design and deploy cross-cluster search (CCS) and replication (CCR)
• Integrate Elastic with:
• SOAR
• Network visibility Tools
• External systems (EDR, identity, firewalls)
• Ensure HA, DR, backup, and failover capabilities
• Optimize for performance, scale, and cost efficiency
• Support SA&A, security, and compliance requirements <...