Role: SIEM Application EngineerLocation: Birmingham or Manchester or Ipswich (Hybrid)Duration: 3 Months with possible extensionDay rate: 450 - 550 via Umbrella OverviewWe are looking for an SIEM Application Engineer to support our security operations by reviewing and optimising detections within our production Elastic Security platform. This role focuses solely on detection analysis, rule refinement, and reporting, rather than SIEM platform engineering or DevOps.Key ResponsibilitiesAnalyse alerts generated by Elastic Security and validate detection accuracy.Tune and optimise existing Elastic SIEM detection rules to improve fidelity and reduce false positives.Map detections to the MITRE ATTandCK framework and identify coverage gaps.Produce clear detection reports, tuning documentation, and analysis summaries.Collaborate with SOC analysts, incident responders, and security engineering teams.Required SkillsHands-on experience with Elastic Security / Elastic SIEM, Kibana, and Elasticsearch queries (EQL/KQL).Strong understanding of detection logic, alert tuning, and threat behaviours.Familiarity with MITRE ATTandCK.Strong written communication skills for reporting and documentation.Nice to HaveExperience in SOC, detection engineering, or threat hunting.Exposure to common log types (endpoint, network, cloud).Security certifications (Elastic, Security+, CySA+, etc.). ..... full job details .....