📝 Job Overview:
We are hiring a SIEM Analyst to support enterprise-level threat detection, response, and compliance initiatives. The ideal candidate will be responsible for monitoring and tuning SIEM platforms, analyzing security events, and working closely with incident response and compliance teams.
🔧 Responsibilities:
- Monitor and analyze security alerts from the SIEM (e.g., Microsoft Sentinel, Splunk, QRadar)
- Investigate potential security incidents and escalate as needed
- Tune SIEM rules and detection logic to reduce false positives
- Create and maintain correlation rules, alerts, dashboards, and reports
- Integrate data sources into the SIEM, including logs from firewalls, AD, endpoints, and cloud
- Collaborate with SOC and threat intelligence teams to enrich detection capabilities
- Assist in forensic analysis and compliance reporting (SOX, HIPAA, NIST, etc.)
- Document incident response procedures and maintain knowledge base
✅ Required Skills:
- 3–5+ years of experience in a SOC or security monitoring role
- Strong experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar, LogRhythm)
- Solid understanding of MITRE ATT&CK, TTPs, and kill chain analysis
- Familiarity with log formats (Syslog, Windows Event Logs, DNS, Proxy)
- Experience writing KQL queries (for Sentinel) or SPL (for Splunk)
- Knowledge of incident response processes, malware behavior, and indicators of compromise
- Understanding of cloud security events (Azure, AWS, O365 logs)
- Experience working under compliance frameworks (SOX, HIPAA, ISO 27001)
- Scripting or automation skills (PowerShell, Python) is a plus
- Certifications such as Security+, CySA+, GCIA, or AZ-500 preferred
🎁 What We Offer:
- Competitive compensation
- Remote-friendly environment
- Challenging enterprise security projects
- Team-driven culture with support for growth
- Training and certification reimbursement