Key skills
Cyber SecurityFirewallsPythonSplunkTCP/IPPowerShellChange ManagementCommunication
About this role
Role Overview
- Support Intake process including coverage for Eastern Standard Time Business Hours
- Assist with day-to-day administration, health monitoring, and maintenance of the SIEM platform
- Onboard new log source by following standard operating procedures: (validate connectivity, ensure correct parsing, and confirm events are visible and searchable in SIEM)
- Implement and maintain basic SIEM content, including searches, dashboards, alerts, and reports, under guidance from senior engineers or team leads.
- Monitor SIEM alerts and dashboards to identify notable events, perform initial triage, and escalate potential security incidents to the appropriate teams with clear documentation.
- Help maintain and improve SIEM use cases by documenting false positives, data quality issues, and providing feedback to senior engineers for tuning.
- Contribute to documentation (runbooks, standard operating procedures, onboarding checklists) for SIEM operations and use cases.
- Follow change management processes for SIEM configuration changes and assist with testing in lower environments when applicable.
- Stay current on SIEM best practices, logging standards, and relevant security trends; participate in internal training and knowledge‑sharing sessions.
- Utilize tools and analytical skills to investigate the root cause of issues across technologies.
Requirements
- Diploma or bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
- Two years of experience in IT security, IT operations, or SOC environment, with working knowledge of SIEM.
- Basic understanding of operating systems and standard server/application logs, networking fundamentals (TCP/IP, ports, protocol, firewalls, proxies), and core security concepts (common attack types, authentication/authorization)
- Familiarity with at least one SIEM (Splunk, CS NG-SIEM, Palo Alto XSIAM)
- Basic query or scripting skills (KQL, SPL, PowerShell, Python)
- Strong analytical and problem-solving skills with attention to detail.
- Practical written and verbal communication skills for both technical and non-technical audiences
- Understanding of the MITRE ATT&CK framework
- Experience within a MSSP environment & customer-facing.
- Any relevant security certifications or training, such as Security+, SC-200, Splunk/CS NG-SIEM/Palo Alto XSIAM, or similar.
Tech Stack
- Cyber Security
- Firewalls
- Python
- Splunk
- TCP/IP
Benefits
- Medical Insurance
- Employee + dependents covered
- Life Insurance
- Protection for what matters most
- Hybrid Work Model
- 2–3 days in office
- Maternity & Paternity Leave
- Time for the moments that matter
- Paid Time Off
- PTO + sick & casual leave
- Bereavement & Volunteer Time
- Give back to your community
- Professional Development
- Reimbursement program
- LinkedIn L&D Platform
- Thousands of courses at your fingertips
- Mobile Phone Reimbursement
- Stay connected, on us