Security Operations Center Analyst

Key Responsibilities:

• Configure, manage, and maintain SIEM tools, especially Splunk Enterprise/Splunk Cloud
• Develop and fine-tune correlation rules, alerts, and dashboards in Splunk
• Monitor security events and investigate security incidents
• Perform log analysis, threat hunting, and provide actionable insights
• Collaborate with SOC, IT, and application teams for incident resolution
• Integrate log sources from various platforms, including servers, firewalls, and cloud services
• Ensure log integrity, normalization, and data parsing
• Provide documentation and regular reporting on SIEM activities and incidents

Required Skills:

• Strong experience with Splunk (search, dashboards, alerts, use cases)
• Solid understanding of SIEM concepts and security monitoring
• Familiarity with MITRE ATT&CK framework and threat detection
• Experience with log source onboarding and parsing
• Understanding of firewalls, IDS/IPS, endpoint protection, and cloud security
• Good analytical and problem-solving skills