Our growing cyber security company is seeking a talented SIEM Security Analyst to join our team for a one-year contract. In this role, you’ll play a vital role in keeping our clients’ data safe by configuring, maintaining, and optimizing our SIEM (Security Information and Event Management) platform.
What You’ll Do:
- Configure data parsers to transform raw log data into a usable format for analysis across Splunk, QRadar, and ArcSight.
- Develop and maintain security correlation rules to identify potential security incidents and anomalies hidden within log data.
- Manage user roles and permissions within the SIEM platform, ensuring secure access for authorized personnel.
- Define log retention policies and ensure data archiving for compliance and forensic investigations.
- Keep the SIEM software up to date with the latest patches and security updates.
- Integrate the SIEM with other security tools to create a comprehensive security ecosystem.
- Continuously monitor and fine-tune the SIEM to minimize false positives and maximize threat detection accuracy.
- Generate reports and alerts to ensure compliance with industry standards and regulations.
- Manage the addition of new log sources as our clients’ IT environments evolve.
- Develop and test disaster recovery plans to guarantee SIEM availability during critical situations.
- Monitor SIEM performance and scalability to ensure it can handle ever-increasing data volumes.
- Manage log data storage infrastructure, including backups and data retention policies.
- Integrate threat intelligence feeds to enhance the SIEM’s ability to detect emerging threats.
- Coordinate with SIEM vendors and support providers for technical assistance and updates.
- Ensure the SIEM actively enforces security policies and compliance requirements.
- Analyze and enhance log data quality from various sources.
What We’re Looking For:
- Minimum 2 years of experience working with SIEM solutions (Splunk, QRadar, ArcSight preferred).
- Strong understanding of security concepts, log analysis, and incident detection.
- Experience with writing and maintaining SIEM correlation rules.
- Excellent analytical and problem-solving skills.
- Experience with data parsing and normalization techniques.
- Proficiency in working with scripting languages (Python, PowerShell) is a plus.
- Excellent communication and documentation skills.
- Ability to work independently and as part of a team.
Why Join Us?
- Opportunity to work with cutting-edge security technologies.
- Dynamic and fast-paced work environment.
- Gain valuable experience in a leading cybersecurity company.
- Make a real difference in protecting our clients’ data.
- Competitive salary and benefits package (for contract positions).