Ursus Inc
JOB TITLE: SIEM Analyst
LOCATION: San Jose, CA
DURATION: 6 months
PAY RANGE: $70-$75/hr
COMPANY: Our client, a multinational electronics company, is recruiting for a SIEM Analyst. If you meet the qualifications listed, please Apply Now!
KEY RESPONSIBILITIES:
• Monitor and analyze security event logs from various sources (e.g., firewalls, intrusion detection systems, endpoint protection) to identify potential security threats.
• Monitor, triage, and investigate logs and alerts generated in the Splunk SIEM platform.
• Perform initial analysis of security events, escalate incidents as needed, and assist with root cause identification.
• Conduct in-depth analysis of security incidents to determine root cause and recommend remediation steps.
• Support the integration of logs from enterprise systems into the Splunk environment.
• Validate log completeness, rule logic, and alert relevance across critical infrastructure.
• Tune and optimize correlation rules, dashboards, and use cases for operational efficiency.
• Perform regular vulnerability scans using tools such as Tenable and Rapid7 InsightVM to identify potential vulnerabilities in the organization's network infrastructure.
• Prioritize remediation efforts based on risk assessment and business impact.
• Coordinate remediation efforts with IT teams to ensure timely patching of identified vulnerabilities.
• Conduct threat hunting activities using tools such as SIEM, EDR, and CASB to proactively identify potential threats that may have evaded traditional security controls.
• Participate in incident response and threat hunting efforts when needed.
• Monitor network traffic, detect anomalies, and respond to potential security threats using advanced security tools and technologies.
• Assist in improving SIEM-related processes, detection coverage, and alert fidelity.
• Collaborate with the team to respond quickly and effectively in the event of a security breach or incident.
• Maintain documentation related to log flows, triage procedures, detection use cases, and cybersecurity best practices.
• Develop and maintain documentation on cybersecurity processes, procedures, and operational standards.
REQUIREMENTS / QUALIFICATIONS:
• Bachelor's degree in Computer Science, Information Assurance, or a related field; Master's degree preferred.
• 5+ years of experience in a SOC or cybersecurity role with hands-on experience in SIEM platforms (Splunk preferred).
• Proven expertise in threat analysis, incident response, and vulnerability management.
• Strong understanding of log sources such as Windows/Linux servers, firewalls, and cloud infrastructure.
• Experience analyzing security events and triaging alerts in complex, multi-platform environments.
• Familiarity with cloud platforms (e.g., AWS, Azure, or similar).
• Experience with vulnerability management tools such as Tenable or Rapid7 InsightVM; familiarity with other scanning tools is a plus.
• Knowledge of detection engineering, correlation rules, and security incident workflows.
• Ability to work collaboratively across teams and communicate findings clearly and professionally.
• Inclusive and adaptable, with the ability to navigate diverse global environments and norms.
• A curious and resilient learner, eager to understand challenges through data-driven approaches.
• Innovative and proactive, capable of exploring new ideas and adapting quickly to change.
• Relevant certifications (e.g., Splunk Core Certified Power User, Security+, GCIA, or similar) are a plus.
BENEFITS SUMMARY: Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate or annual salary only, unless otherwise stated. In addition to base compensation, full-time roles are eligible for Medical, Dental, Vision, Commuter and 401K benefits with company matching.
IND 123