SIEM Analyst - Firewall

Description :

Job Summary :

We are looking for a SIEM Engineer / Analyst (L1/L2/L3) to monitor, analyze, and respond to security events using SIEM tools. The candidate will help detect threats, perform incident triage, and support security operations to protect the organizations digital assets.

Key Responsibilities :

L1 (Entry-Level / Junior SIEM Analyst) :

- Monitor SIEM dashboards for alerts and security events.

- Perform initial triage and log analysis to identify potential threats.

- Escalate incidents to L2 analysts as per SOPs.

- Maintain incident logs and documentation.

L2 (Intermediate / Experienced SIEM Analyst) :

- Analyze complex security events and alerts from SIEM systems.

- Configure correlation rules, log sources, and custom dashboards.

- Conduct incident investigation and root cause analysis.

- Collaborate with SOC and IT teams to mitigate threats.

L3 (Senior / Lead SIEM Analyst) :

- Lead threat hunting and advanced security investigations.

- Tune and optimize SIEM rules and alerts to reduce false positives.

- Mentor L1 and L2 analysts and provide technical guidance.

- Participate in incident response, forensics, and security improvement initiatives.

- Integrate new log sources, applications, and security tools into SIEM.

Required Skills & Expertise :

- Hands-on experience with SIEM tools : Splunk, QRadar, ArcSight, LogRhythm, etc.

- Strong understanding of network protocols, operating systems, and cybersecurity concepts.

- Ability to analyze logs, detect anomalies, and investigate incidents.

- Knowledge of threat intelligence, attack vectors, and mitigation techniques.

Preferred Skills / Certifications :

- Certifications : Splunk Certified, CEH, CompTIA Security+, CISSP

- Experience with SOAR tools, IDS/IPS, Firewall, WAF, NAC, Endpoint Security.

- Understanding of regulatory compliance : ISO 27001, NIST, GDPR.

- Scripting for automation (Python, PowerShell, Bash).