SIEM Security Analyst

Halo group  •  Plano, TX

Less than 5 years experience  •  IT Consulting/Services

$100K - $120K
Posted on 07/22/17 by Harry Thomas

The key objectives for this Threat Analyst position are to expand threat detection and prevention capabilities in existing and future security tools. The Analyst must be able to identify gaps in existing security configurations and provide effective recommendations to improve, remediate, and expand controls against cyberthreats.

Position Requirements:

Responsibilities include:

  • Oversee and manage tools such as:
      • Security Information & Event Management (SIEM)
      • Host- and Network-based Intrusion Detection/Prevention Systems (IDS/IPS)
      • Other security applications
  • Conduct analysis, troubleshooting, and trending of incidents/events detected by the SIEM, IDS/IPS, and other security applications
  • Create custom rules and modify existing rules, policies, alerts, etc. within the listed security applications based on stakeholder needs or situational conditions
  • Conduct ongoing Threat Hunting exercises using available security applications
  • Perform Level 2 and Level 3 triage and handling of security events (escalated from Level 1 Security Analysts or others); includes but is not limited to identification, containment, remediation, and reporting activities
  • Create new and enhance existing procedures to improve operational efficiencies and reporting accuracy
  • Develop detailed technical recommendations to solve current and future security issues; identify protection gaps and propose effective mitigating solutions
  • Maintain awareness of emerging threats against financial and affiliate verticals to ensure data protection, system integrity, and network availability
  • Evaluate, design, implement, and configure new security products and technologies
  • Develop, review, and maintain documentation for security systems and procedures
  • Expand Threat Intelligence program through integration, automation, and enhanced workflows
  • Analyze, evaluate, and communicate Threat Intelligence notifications to reduce risk exposures and to defend against cyber attacks

Ability to:

  • Take on new responsibilities and influence others as needed to deliver consistent results
  • Demonstrate strong analytical skills under varying conditions


Must-haves:

  • A Bachelor's Degree in Computer Science or Engineering or equivalent experience
  • Coding/scripting experience (e.g. Python, Perl, PowerShell)
  • Proven experience with creating Regular Expressions
  • Experience with RESTful APIs and automation
  • 1 year of SIEM and NIDS/NIPS (Symantec and/or McAfee preferred) operational experience is required; must have implemented and managed the above technologies; must possess strong technical knowledge of their architecture, system policies, rules, etc.
  • Strong verbal and written communications skills; must be able to effectively communicate technical details and thoughts in non-technical/general terminology to various levels of management
  • Work well in team environments with internal and external resources as well as work independently on tasks
  • Strong organizational, multi-tasking, and time management skills

Preferred/Nice-to-haves:

  • CISSP, CISA, CEH, OSCP, or other industry recognized security certification(s)
  • IBM QRadar implementation and/or management experience
  • Palo Alto and/or McAfee NSM implementation and/or management experience
  • 1 year of DLP, EDR, Next-Generation Firewall, and/or Threat Intelligence administration experience; have used or implemented the above technologies in some capacity, with an understanding of incident response, logging, analysis, policy drivers, rules, etc.
