SOC SIEM Analyst

About This Role

Join our growing Managed Security Service Provider (MSSP) within the Security Operations Center (SOC) as a SIEM Analyst to manage, maintain, and optimize our SIEM platform. Your expertise will be crucial in ensuring peak performance, providing actionable security intelligence, and enhancing detection capabilities.

Responsibilities

• Administer and maintain the SIEM platform, ensuring system health, performance, storage, and availability
• Perform updates, patching, and backups regularly on the SIEM platform
• Coordinate with internal and client teams to onboard new log sources, ensuring accurate and efficient data collection and parsing
• Create, tune, and manage SIEM content including correlation rules, alerts, dashboards, and reports to enhance detection capabilities and reduce false positives
• Analyze SIEM performance metrics and implement improvements to support scalability and high-speed querying
• Maintain documentation for SIEM architecture, processes, and procedures
• Generate reports on system health, performance, and security metrics for management and compliance
• Conduct in-depth analysis and investigation of security incidents
• Collaborate with SOC analysts to escalate and resolve advanced threats
• Assess client security needs and recommend tailored solutions aligned with Kraft Kennedy SOC standards
• Provide technical guidance and support to the SOC team and troubleshoot SIEM-related issues
• Stay current with emerging security trends, technologies, and threats to proactively safeguard client environments

Requirements

• Must live in CT, DE, FL, GA, IL, MD, MA, NY, SC, NC, TN, TX, UT, VA, VT, DC, KY, PA, OH or WA for this remote position
• Available on call outside of normal business hours in case of emergencies
• Experience across various IT disciplines, including hands-on use of security monitoring tools, vulnerability scanning, and reviewing assessment reports
• Strong networking knowledge with a focus on security
• Deep understanding of enterprise-level SIEM platforms (e.g., ConnectWise SIEM), including log formats, collection methodologies, data normalization, and content creation (correlation rules, exclusions, dashboards, reports)
• Experience with Linux/Windows system administration and command-line tools
• Proficient in scripting languages such as Python and PowerShell, and query languages like KQL
• Knowledge of security frameworks (MITRE ATT&CK, NIST, CIS)
• Hands-on experience with incident handling and response processes
• Strong analytical skills for troubleshooting and problem solving
• Excellent verbal and written communication skills
• Proficiency with the Kraft Kennedy SOC stack

Qualifications

• Minimum of 3 years of experience in IT Security or related field

Nice to Have

• Experience with EDR, Mail Hygiene, Zero Trust and Vulnerability management tools
• Security Certifications (CISSP, GCIA GCIH, GCFA or GCFE)

Skills

* Required skills

Benefits

Certifications