OculusIT - L3 Cyber Security Analyst - SIEM

Job Description : Cyber Security Analyst L3

Position Overview

We are seeking a highly skilled and experienced Cyber Security Analyst L3 to join our team. The ideal candidate will have strong expertise in cybersecurity investigation strategies, incident response, malware analysis, and advanced threat investigation techniques. The role also requires proficiency in open-source SIEM tools, EDR platforms, cloud security assessments, and server hardening practices. This position involves working with US-based clients and requires excellent communication skills.

Key Responsibilities

• Threat Investigation & Incident Response :
• Develop and implement advanced investigation strategies for cybersecurity incidents.
• Conduct detailed log analysis to identify threats, anomalies, and potential breaches.
• Perform malware analysis to understand behavior and mitigate threats.
• Manage end-to-end incident response processes and root cause analyses.
• Open-Source SIEM Expertise :
• Operate and integrate open-source SIEM platforms such as Wazuh, AlienVault, and others.
• Configure and fine-tune SIEM to enhance log ingestion, rule creation, and threat detection.
• Endpoint Detection and Response (EDR) :
• Investigate incidents using EDR solutions like Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
• Analyze endpoint telemetry and execute threat hunting processes.
• Cloud Security :
• Conduct cloud security reviews for platforms such as AWS, Azure, and Google Cloud.
• Provide recommendations to strengthen cloud architecture and user authentication processes.
• Server Hardening & CIS Benchmarks :
• Implement server hardening techniques based on CIS benchmarks.
• Perform security assessments to address identified vulnerabilities.
• Threat Intelligence & SOAR Integration :
• Leverage threat intelligence platforms to proactively identify and mitigate potential threats.
• Work on SOAR (Security Orchestration, Automation, and Response) platforms to automate incident handling processes.
• Incident Handling & Communication :
• Lead incident handling efforts, coordinating with internal and external stakeholders.
• Provide clear, concise, and actionable communication to technical and non-technical audiences.
• Linux & Log Analysis :
• Review and analyze Linux system logs to identify potential security issues.
• Investigate unauthorized access attempts and system anomalies.
• Client Management :
• Collaborate with US-based clients, ensuring their cybersecurity needs are met.
• Deliver regular reports, updates, and recommendations to clients.
  
  

Required Skills And Qualifications

• 10+ years of hands-on experience in cybersecurity, incident response, and threat investigation.
• Expertise in open-source SIEM platforms like Wazuh, AlienVault, and their integration.
• Proficiency with EDR solutions such as Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
• Strong knowledge of cloud security best practices and architecture reviews.
• Experience in server hardening following CIS benchmarks.
• Familiarity with SOAR platforms and threat intelligence tools.
• Solid understanding of Linux systems and log review methodologies.
• Excellent communication skills for client interactions and technical reporting.
• Proven ability to work with international clients, especially in the US.
  
  

Preferred Certifications

• Certified Information Systems Security Professional (CISSP)
• Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Microsoft Certified: Azure Security Engineer Associate
• AWS Certified Security Specialty
  
  

This role provides an excellent opportunity for growth and exposure to advanced cybersecurity practices while working with a global team. Apply now.

(ref:hirist.tech)