Ingénieur Système Medior Elastic SecuritySIEM JP053874

IT Security Specialist Elastic / SIEM (ELK Stack)

Brussels Belgium (Hybrid near Brussels North)
Full-time Contract until December 2026 (9 months)

About the Role

We are looking for an IT Security Specialist with strong expertise in the Elastic Stack (ELK) to join a cybersecurity team focused on log management monitoring and threat detection.

You will play a key role in designing deploying and maintaining a centralized security monitoring platform leveraging Elastic technologies to enhance visibility and strengthen the overall security posture.

Key Responsibilities

Security Monitoring & SIEM

• Implement and configure Elastic Security (SIEM) for threat detection and analysis
• Develop use cases for identifying and responding to security events
• Configure alerts dashboards and monitoring tools

Data Collection & Processing

• Design and maintain log ingestion pipelines using Logstash and Kafka
• Collect and integrate logs from multiple sources (Firewall WAF IAM IDS/IPS etc.)
• Normalize data using Elastic Common Schema (ECS)

Elastic Stack Implementation

• Deploy and manage Elasticsearch Kibana Logstash Elastic Security and Elastic Defend
• Configure and manage Elastic Agents via Fleet (policies lifecycle large-scale deployment)
• Participate in the design of Fleet Server architecture and endpoint integration

Endpoint Security

• Deploy and configure Elastic Agents on Linux and Windows servers
• Implement endpoint protection and behavioral analysis using Elastic Defend

Collaboration & Knowledge Sharing

• Support internal teams in adopting Elastic security best practices
• Provide guidance and training where needed
• Collaborate closely with security and infrastructure teams

Documentation

• Produce technical and operational documentation
• Ensure proper knowledge transfer and long-term maintainability

Required Skills & Experience

• Strong hands-on experience with the Elastic Stack (Elasticsearch Kibana Logstash)
• Experience with Elastic Security (SIEM) and Elastic Defend
• Proven expertise in Fleet architecture and Elastic Agent management
• Experience building and managing log ingestion pipelines
• Knowledge of security tools and environments (Firewall IDS/IPS IAM etc.)
• Understanding of log normalization and ECS standards

Nice to Have

• Experience with Apache Kafka
• Knowledge of Ansible or automation tools
• Familiarity with threat modeling and security frameworks

Languages

• French Native proficiency
• English Working proficiency

Work Environment

• Hybrid setup: minimum 50% on-site (at least 1 day per week)
• Collaborative environment within a dedicated cybersecurity team
• Opportunity to work on large-scale security monitoring and SIEM implementation