Information Security Analyst Level II - SIEM - Remote

Overview

The Information Security Analyst II builds upon foundational skills by actively managing security alerts, tuning detection content, and improving threat detection capabilities.

In Short

• Recommend refinement for detection rules to improve accuracy and reduce false positives across SIEM and EDR platforms.
• Conduct investigations into security events using tools such as Splunk, Elastic, ArcSight, and XDR platforms (Cisco XDR, Cortex XDR).
• Leverage AI to analyze security trends, automate processes, and identify new patterns of threat behavior.
• Develop and document detection blueprints to enhance high-fidelity alerting for security threats and compliance risks.
• Assist with SOAR platform workflows to improve incident response automation.
• Collaborate with internal teams to address gaps in detection visibility and implement best practice mitigations.
• Provide mentorship and knowledge sharing to analysts at Level I.

Requirements

• Experience with SIEM and EDR tools.
• Strong analytical skills in security event investigation.
• Knowledge of AI applications in cybersecurity.
• Ability to develop detection blueprints.
• Experience with incident response automation.
• Mentorship experience.

Benefits

• Opportunity for career advancement.
• Work in a collaborative environment.
• Access to cutting-edge technology.
• Continuous learning and development.