SIEM Analyst
Posted on :
06-11-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Responsibilities:
- Design deploy and maintain SIEM solutions
- Configure and finetune log sources collectors and agents
- Develop and implement use cases correlation rules and alerts
- Monitor and analyze security events and alerts generated by the SIEM system
- Investigate and respond to security incidents performing root cause analysis and recommending corrective actions
- Conduct threat hunting activities to identify potential security risks
- Ensure comprehensive log collection and retention across various IT systems and applications.
- Perform regular log analysis to identify and mitigate security threats
- Develop and maintain dashboards and reports for security metrics and trends
- Work closely with other IT and security teams to integrate SIEM with other security tools and processes
- Provide technical guidance and training to junior analysts and other team members
- Communicate effectively with stakeholders to report on security incidents and system performance
- Stay updated on the latest cybersecurity threats trends and technologies
- Recommend and implement improvements to the SIEM system and related processes
- Participate in security audits and assessments ensuring compliance with industry standards and regulations
- SIEM Enhancement and Tuning.
- Review the SIEM logs for emerging threats and vulnerabilities identifying areas for improvement in detection and correlation
- Rule and alert optimization: Finetune existing SIEM rules and alerts to minimize false positives and negatives ensuring efficient incident identification and response
- Log source management: Continuously integrate new log sources and optimize existing ones for efficient data collection and analysis
- Develop custom SIEM rules dashboards and reports to address specific SOC team requirements and security needs.
- Monitor and optimize SIEM performance to ensure efficient resource utilization and timely incident detection.
- Requirement gathering and analysis: Actively engage with the SOC team to understand their security monitoring needs and translate them into actionable SIEM configurations
- Generate regular reports on SIEM activity security incidents and tuning efforts fostering clear communication with the SOC team
- Provide training to SOC analysts on SIEM usage best practices and newly implemented features
- Collaborate with the SOC team to identify and implement improvements to the overall security monitoring posture.
- Escalation and Issue Management: Defined escalation
- procedures: Establish clear escalation procedures for highpriority incidents ensuring timely communication and resolution
- Effectively communicate and collaborate with local IT support and security vendors to resolve escalated issues.
- Track escalated issues through resolution documenting steps taken and outcomes for future reference
- The SIEM Analyst will work on regular tuning and optimization of SIEM use cases leading to more effective monitoring reducing false positives and ensuring accurate detections.
- The SIEM Analyst will work with the SOC team to add new use cases to monitor emerging threats and respond quickly to changes in attack patterns ensuring proactive security coverage.
- The SIEM Analyst will work to ensure that NWS assets are continuously updated in the SIEM allowing for accurate monitoring and early detection of potential security incidents involving critical assets.
- The SIEM Analyst will work on regularly updating the SIEM in response to NWSs IT environment changes ensuring continuous and comprehensive security coverage.
- The SIEM Analyst will provide updates and reports on SIEM system performance and improvements ensuring that all stakeholders are informed about the systems current state and enhancements.
Requirements
- Minimum of 5 years of experience in cybersecurity with a focus on SIEM technologies.
- Proven experience with LogRhythm SIEM platform.
- Certified LogRhythm Engineer (preferred).
- Handson experience with log management threat detection and incident response.
Minimum of 5 years of experience in cybersecurity with a focus on SIEM technologies. Proven experience with LogRhythm SIEM platform. Certified LogRhythm Engineer (preferred). Hands-on experience with log management, threat detection, and incident response.
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
