We are seeking a dedicated and experienced individual with a strong background in information security and technology to join our growing Managed Security Service Provider (MSSP) within the Security Operations Center (SOC). As a SOC SIEM Analyst, you will play a crucial role as the technical expert who ensures our SIEM platform runs at peak performance and provides actionable security intelligence.
Requirements
- Administer and maintain the SIEM platform, ensuring system health, performance, storage, and availability.
- Coordinate with internal and client teams to onboard new log sources, ensuring accurate and efficient data collection and parsing.
- Create, tune, and manage SIEM content including correlation rules, alerts, dashboards, and reports to enhance detection capabilities and reduce false positives.
- Analyze SIEM performance metrics and implement improvements to support scalability and high-speed querying.
- Maintain documentation for SIEM architecture, processes, and procedures. Generate reports on system health, performance, and security metrics for management and compliance.
- Conduct in-depth analysis and investigation of security incidents. Collaborate with SOC analysts to escalate and resolve advanced threats.
- Assess client security needs and recommend tailored solutions aligned with Kraft Kennedy SOC standards. Develop and implement security policies to strengthen client security posture.
- Provide technical guidance and support to the SOC team. Troubleshoot SIEM-related issues and ensure timely resolution.
- Stay current with emerging security trends, technologies, and threats to proactively safeguard client environments.
- Be available on call outside of normal business hours in case of emergencies. Be able to work in a fast-paced environment and manage multiple priorities.
- Leverage experience across various IT disciplines, including hands-on use of security monitoring tools, vulnerability scanning, and reviewing assessment reports. Maintain strong networking knowledge with a focus on security.
- Demonstrate deep understanding of enterprise-level SIEM platforms (e.g., ConnectWise SIEM), including log formats, collection methodologies, data normalization, and content creation (correlation rules, exclusions, dashboards, reports).
- Experience with Linux/Windows system administration and command-line tools. Proficient in scripting languages such as Python and PowerShell, and query languages like KQL.
- Knowledge of security frameworks (MITRE ATT&CK, NIST, CIS). Hands-on experience with incident handling and response processes.
- Strong analytical skills to diagnose and resolve technical issues effectively.
- Excellent verbal and written communication skills, with the ability to explain complex technical concepts to both technical and non-technical audiences. Strong teamwork and collaboration skills.
- Demonstrate proficiency with the Kraft Kennedy SOC stack.
Benefits
- Medical, dental, life and disability insurance
- 401k with company match
- Holidays/vacation/sick days
- Cutting edge training on the latest technologies
- Employee referral bonus program
- Phone reimbursement