SIMS Analyst

Key Responsibilities • Security Event Monitoring: Analyze security logs from various sources (e.g., firewalls, IDS/IPS, EDR tools) to identify potential threats. • Alert Investigation: Triage and investigate alerts generated bySplunk SIEM, escalating incidents when appropriate. • Root Cause Analysis: Conduct post-incident investigations to determine root causes and recommend remediation steps. • Log Source Integration: Onboard and validate log sources into Splunk, ensuring data completeness and accuracy. • Detection Optimization: Tune correlation rules, dashboards, and detection use cases to improve SIEM effectiveness. • Vulnerability Management: Conduct vulnerability scans using tools likeTenableorRapid7 InsightVM, prioritize findings, and coordinate remediation efforts with IT teams. • Threat Hunting: Proactively hunt for threats using SIEM, EDR, and CASB platforms. • Incident Response: Support incident response activities with in-depth analysis and investigation. • Network Monitoring: Identify anomalies in network traffic using advanced analytics and security tools. • SIEM Improvement: Continuously enhance SIEM alerting fidelity, coverage, and triage workflows. • Documentation: Maintain documentation for log onboarding, triage procedures, detection logic, and security standards. • Best Practices & Process Development: Contribute to cybersecurity best practices and continuous improvement initiatives. Qualifications & Requirements • Minimum5 yearsin SOC or cybersecurity roles, with hands-onSplunk SIEMexperience. • Proficient inthreat detection,incident response, andvulnerability management. • Deep understanding of log analysis acrossWindows,Linux,cloud (AWS, Azure), and network platforms. • Familiarity with tools likeTenable,Rapid7 InsightVM, andCASBplatforms. • Strong grasp ofdetection engineering, alert tuning, and security operations. • Knowledge of cloud security principles and monitoring in hybrid infrastructures. • Strong analytical and communication skills; capable of translating technical issues for non-technical stakeholders. • Proactive, adaptable, and team-oriented, with a global collaboration mindset. Preferred Certifications: • Splunk Core Certified Power User • CompTIA Security+ • GIAC Certified Intrusion Analyst (GCIA)or equivalent Job Types: Full-time, Contract Pay: From $65.00 per hour Expected hours: 40 per week Benefits: • 401(k) • Health insurance Experience: • Splunk SIEM expertise: 5 years (Required) • Threat detection & incident response: 4 years (Required) • Log analysis (Windows, Linux, cloud, network): 5 years (Preferred) • Vulnerability management (Tenable/Rapid7): 3 years (Preferred) • Proactive threat hunting (SIEM, EDR, CASB): 4 years (Preferred) Ability to Commute: • San Jose, CA 95112 (Required) Work Location: In person