SIEM Analyst & Administrator
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
One of our clients is seeking an experienced and detail-oriented SIEM Analyst & Administrator to manage, optimize, and monitor enterprise SIEM environments, with a strong focus on LogRhythm SIEM solutions.
Key Skills for This Role
Full Job Posting
Overview
One of our clients is seeking an experienced and detail-oriented SIEM Analyst & Administrator to manage, optimize, and monitor enterprise SIEM environments, with a strong focus on LogRhythm SIEM solutions.
This role requires an advanced-level candidate with strong hands-on SIEM and SOC experience.
Siem Administration & Management
- Manage and administer LogRhythm SIEM infrastructure and related components.
- Fine-tune SIEM use cases to reduce false positives and eliminate false negatives.
- Ensure overall health, performance, and availability of the SIEM platform and log sources.
- Troubleshoot SIEM platform, collectors, parsing, and log ingestion issues.
- Perform continuous maintenance, optimization, and upgrades of SIEM infrastructure.
- Create and maintain SIEM dashboards, reports, active channels, and correlation rules.
Log Source Integration & Monitoring
- Integrate and onboard various log sources including: Windows Servers, Linux Servers, Network Devices, Databases, Security Appliances, Cloud Platforms.
- Monitor security logs and correlated events from multiple environments.
- Develop and enhance SIEM use cases and detection logic based on emerging threats.
- Create custom alerts, filters, and real-time monitoring rules.
Security Operations & Incident Response
- Investigate, analyze, and respond to SIEM alarms and security incidents.
- Identify, categorize, prioritize, and triage security events according to SOPs and SLAs.
- Perform root cause analysis to determine incident severity, impact, and remediation actions.
- Document investigation findings and provide detailed incident analysis reports.
- Escalate incidents and coordinate with relevant teams when required.
- Support incident containment, remediation, and recovery activities.
Threat Detection & Vulnerability Management
- Detect potential threats, anomalies, and malicious activity across enterprise environments.
- Utilize frameworks such as MITRE ATT&CK to map threats and attack techniques.
- Conduct vulnerability assessments based on infrastructure scan findings.
- Provide mitigation recommendations and track remediation activities.
- Coordinate vulnerability notifications and follow-ups with internal teams.
- Generate vulnerability assessment and risk reports for management.
Reporting & Documentation
- Generate weekly and monthly SIEM operational and security reports.
- Maintain incident response documentation, SOPs, and knowledge base articles.
- Support continuous improvement of incident response plans and SOC procedures.
- Develop dashboards and executive-level security reporting metrics.
Soc Operations
- Operate within an 8x5 Security Operations Center (SOC) environment.
- Support extended working hours during major incidents or operational requirements.
- Collaborate with cross-functional teams to improve security posture and operational efficiency.
Required Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
- Minimum 5+ years of hands-on experience in LogRhythm SIEM administration and management.
- Minimum 5+ years of experience as a SOC Analyst using SIEM platforms.
- Strong experience in: security incident detection and response, malware analysis, log analysis and event correlation, vulnerability management, threat hunting and monitoring.
- Deep understanding of cybersecurity attack frameworks and methodologies including MITRE ATT&CK.
- Experience developing SOPs, incident response plans, and operational workflows.
- Strong troubleshooting and analytical problem-solving skills.
- Excellent communication and documentation abilities.
Preferred Skills
- Experience with enterprise SOC environments and security monitoring operations.
- Familiarity with Windows, Linux, network security, and cloud environments.
- Knowledge of security frameworks and compliance standards.
- Experience with threat intelligence integration and advanced threat detection.
- Relevant cybersecurity certifications are an advantage, such as: CEH, CompTIA Security+, CySA+, GCIA, GCIH, LogRhythm Certifications.
• Vulnerability Assessment & Risk Mitigation
- Cybersecurity Operations
• Team Collaboration & Communication
- Why Join?
- Opportunity to work in a dynamic enterprise-scale cybersecurity environment.
- Exposure to advanced SIEM technologies and security operations.
- Collaborative team culture with opportunities for professional development and certifications.
- Hands-on involvement in strengthening enterprise cyber defense capabilities.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career