IT Security Specialist – Elastic / SIEM (ELK Stack)
Brussels, Belgium (Hybrid – near Brussels North)
Full-time | Contract until December 2026 (9 months)
About the Role
We are looking for an IT Security Specialist with strong expertise in the Elastic Stack (ELK) to join a cybersecurity team focused on log management, monitoring, and threat detection.
You will play a key role in designing, deploying, and maintaining a centralized security monitoring platform, leveraging Elastic technologies to enhance visibility and strengthen the overall security posture.
Key Responsibilities
Security Monitoring & SIEM
* Implement and configure Elastic Security (SIEM) for threat detection and analysis
* Develop use cases for identifying and responding to security events
* Configure alerts, dashboards, and monitoring tools
Data Collection & Processing
* Design and maintain log ingestion pipelines using Logstash and Kafka
* Collect and integrate logs from multiple sources (Firewall, WAF, IAM, IDS/IPS, etc.)
* Normalize ingested events to the Elastic Common Schema (ECS)
Elastic Stack Implementation
* Deploy and manage Elasticsearch, Kibana, Logstash, Elastic Security, and Elastic Defend
* Configure and manage Elastic Agents via Fleet (policies, lifecycle, large-scale deployment)
* Participate in the design of Fleet Server architecture and endpoint integration
Endpoint Security
* Deploy and configure Elastic Agents on Linux and Windows servers
* Implement endpoint protection and behavioral analysis using Elastic Defend
Collaboration & Knowledge Sharing
* Support internal teams in adopting Elastic security best practices
* Provide guidance and training where needed
* Collaborate closely with security and infrastructure teams
Documentation
* Produce technical and operational documentation
* Ensure proper knowledge transfer and long-term maintainability
Required Skills & Experience
* Strong hands-on experience with the Elastic Stack (Elasticsearch, Kibana, Logstash)
* Experience with Elastic Security (SIEM) and Elastic Defend
* Proven expertise in Fleet architecture and Elastic Agent management
* Experience building and managing log ingestion pipelines
* Knowledge of security tools and environments (Firewall, IDS/IPS, IAM, etc.)
* Understanding of log normalization and the Elastic Common Schema (ECS)
Nice to Have
* Experience with Apache Kafka
* Knowledge of Ansible or automation tools
* Familiarity with threat modeling and security frameworks
Languages
* French – Native proficiency
* English – Working proficiency
Work Environment
* Hybrid setup: minimum 50% on-site (at least 1 day per week)
* Collaborative environment within a dedicated cybersecurity team
* Opportunity to work on large-scale security monitoring and SIEM implementation