SIEM Analyst- LogRhythm

  • Full Time
  • Muscat

Green Umbrella Recruitment

Job title: SIEM Analyst- LogRhythm

Company: Green Umbrella Recruitment

Job description: Responsibilities:

  • Design, deploy, and maintain SIEM solutions
  • Configure and fine-tune log sources, collectors, and agents
  • Develop and implement use cases, correlation rules, and alerts
  • Monitor and analyze security events and alerts generated by the SIEM system
  • Investigate and respond to security incidents, performing root cause analysis and recommending corrective actions
  • Conduct threat hunting activities to identify potential security risks
  • Ensure comprehensive log collection and retention across various IT systems and applications.
  • Perform regular log analysis to identify and mitigate security threats
  • Develop and maintain dashboards and reports for security metrics and trends
  • Work closely with other IT and security teams to integrate SIEM with other security tools and processes
  • Provide technical guidance and training to junior analysts and other team members
  • Communicate effectively with stakeholders to report on security incidents and system performance
  • Stay updated on the latest cybersecurity threats, trends, and technologies
  • Recommend and implement improvements to the SIEM system and related processes
  • Participate in security audits and assessments, ensuring compliance with industry standards and regulations
  • SIEM Enhancement and Tuning.
  • Review the SIEM logs for emerging threats and vulnerabilities, identifying areas for improvement in detection and correlation
  • Rule and alert optimization: Fine-tune existing SIEM rules and alerts to minimize false positives and negatives, ensuring efficient incident identification and response
  • Log source management: Continuously integrate new log sources and optimize existing ones for efficient data collection and analysis
  • Develop custom SIEM rules, dashboards, and reports to address specific SOC team requirements and security needs.
  • Monitor and optimize SIEM performance to ensure efficient resource utilization and timely incident detection.
  • Requirement gathering and analysis: Actively engage with the SOC team to understand their security monitoring needs and translate them into actionable SIEM configurations
  • Generate regular reports on SIEM activity, security incidents, and tuning efforts, fostering clear communication with the SOC team
  • Provide training to SOC analysts on SIEM usage, best practices, and newly implemented features
  • Collaborate with the SOC team to identify and implement improvements to the overall security monitoring posture.
  • Escalation and Issue Management: Establish clear, defined escalation procedures for high-priority incidents, ensuring timely communication and resolution
  • Effectively communicate and collaborate with local IT support and security vendors to resolve escalated issues.
  • Track escalated issues through resolution, documenting steps taken and outcomes for future reference
  • The SIEM Analyst will work on regular tuning and optimization of SIEM use cases, leading to more effective monitoring, reducing false positives, and ensuring accurate detections.
  • The SIEM Analyst will work with the SOC team to add new use cases to monitor emerging threats and respond quickly to changes in attack patterns, ensuring proactive security coverage.
  • The SIEM Analyst will work to ensure that NWS assets are continuously updated in the SIEM, allowing for accurate monitoring and early detection of potential security incidents involving critical assets.
  • The SIEM Analyst will work on regularly updating the SIEM in response to NWS’s IT environment changes, ensuring continuous and comprehensive security coverage.
  • The SIEM Analyst will provide updates and reports on SIEM system performance and improvements, ensuring that all stakeholders are informed about the system’s current state and enhancements.

Requirements

  • Minimum of 5 years of experience in cybersecurity with a focus on SIEM technologies.
  • Proven experience with LogRhythm SIEM platform.
  • Certified LogRhythm Engineer (preferred).
  • Hands-on experience with log management, threat detection, and incident response.

Expected salary:

Location: Muscat

Job date: Tue, 19 Nov 2024 00:02:29 GMT

