Job Description
Role: SIEM Analyst
Location: San Jose, CA (100% Onsite)
Duration: 6 Months Contract
Key Responsibilities
• Monitor and analyze security event logs from various sources (e.g., firewalls, intrusion detection systems, endpoint protection) to identify potential security threats.
• Monitor, triage, and investigate logs and alerts generated in the Splunk SIEM platform.
• Perform initial analysis of security events, escalate incidents as needed, and assist with root cause identification.
• Conduct in-depth analysis of security incidents to determine root cause and recommend remediation steps.
• Support the integration of logs from enterprise systems into the Splunk environment.
• Validate log completeness, rule logic, and alert relevance across critical infrastructure.
• Tune and optimize correlation rules, dashboards, and use cases for operational efficiency.
• Perform regular vulnerability scans using tools such as Tenable and Rapid7 InsightVM to identify potential vulnerabilities in the organization's network infrastructure.
• Prioritize remediation efforts based on risk assessment and business impact.
• Coordinate remediation efforts with IT teams to ensure timely patching of identified vulnerabilities.
• Conduct threat hunting activities using tools such as SIEM, EDR, and CASB to proactively identify potential threats that may have evaded traditional security controls.
• Participate in incident response and threat hunting efforts when needed.
• Monitor network traffic, detect anomalies, and respond to potential security threats using advanced security tools and technologies.
• Assist in improving SIEM-related processes, detection coverage, and alert fidelity.
• Collaborate with the team to respond quickly and effectively in the event of a security breach or incident.
• Maintain documentation related to log flows, triage procedures, detection use cases, and cybersecurity best practices.
• Develop and maintain documentation on cybersecurity processes, procedures, and operational standards.
Qualifications:
• Bachelor’s degree in Computer Science, Information Assurance, or a related field; Master’s degree preferred.
• 5+ years of experience in a SOC or cybersecurity role with hands-on experience in SIEM platforms (Splunk preferred).
• Proven expertise in threat analysis, incident response, and vulnerability management.
• Strong understanding of log sources such as Windows/Linux servers, firewalls, and cloud infrastructure.
• Experience analyzing security events and triaging alerts in complex, multi-platform environments.
• Familiarity with cloud platforms (e.g., AWS, Azure, or similar).
• Experience with vulnerability management tools such as Tenable or Rapid7 InsightVM; familiarity with other scanning tools is a plus.
• Knowledge of detection engineering, correlation rules, and security incident workflows.
• Ability to work collaboratively across teams and communicate findings clearly and professionally.
• Inclusive and adaptable, with the ability to navigate diverse global environments and norms.
• A curious and resilient learner, eager to understand challenges through data-driven approaches.
• Innovative and proactive, capable of exploring new ideas and adapting quickly to change.
• Relevant certifications (e.g., Splunk Core Certified Power User, Security+, GCIA, or similar) are a plus.
Job Type: Contract
Pay: $70.00 - $75.00 per hour
Education:
• Bachelor's (Required)
Experience:
• SOC or cybersecurity: 5 years (Required)
• SIEM platforms: 5 years (Required)
• Splunk: 5 years (Required)
• threat analysis: 5 years (Required)
• incident response: 5 years (Required)
• vulnerability management: 5 years (Required)
• vulnerability management tools: 5 years (Required)
• Tenable: 5 years (Required)
• Rapid7: 5 years (Required)
License/Certification:
• Splunk Core Certified Power User (Preferred)
• Security+ (Preferred)
• GCIA (Preferred)
Location:
• San Jose, CA 95134 (Required)
Work Location: In person