Job Description:

• Proficient in scripting languages (e.g., Python, PowerShell, or Bash) for automation and custom integration tasks. In-depth knowledge of log management, log parsing, and data normalization.
• Experience in creating custom dashboards, alerts, reports, and searches within SIEM platforms.
• Strong understanding of network protocols, security event types, and log formats (e.g., Syslog, Windows Event Logs, etc.).
• Experience with security technologies such as IDS/IPS, firewalls, anti-virus software, and endpoint detection tools.
• Experience and in-depth knowledge of cybersecurity trends and SIEM detection rules development.
• Hands-on experience in troubleshooting SIEM data collection, parsing, or integration issues.
• Understanding of threat intelligence feeds and their integration into SIEM.
• Create playbook for structured guide that outlines the procedures for detecting, analyzing, responding to, and remediating cybersecurity incidents to Security Analyst.