SIEM Analyst

We strive to be Your Future, Your Solution to accelerate your career!

 Job Title: SIEM Analyst

Key Responsibilities:

• Monitor and analyze security event logs from firewalls, intrusion detection systems, and endpoint protection platforms to detect potential security threats.

• Triage and investigate alerts generated by the Splunk SIEM platform.

• Perform initial security event analysis, escalate incidents appropriately, and assist with root cause identification.

• Conduct deep-dive incident investigations and recommend remediation strategies.

• Support integration of enterprise system logs into the Splunk environment.

• Validate log completeness, refine rule logic, and assess alert relevance across critical systems.

• Tune and optimize correlation rules, dashboards, and use cases for operational efficiency.

• Perform vulnerability scans using Tenable and Rapid7 Insight VM to identify potential threats.

• Prioritize and coordinate remediation efforts based on risk assessments and business impact.

• Conduct proactive threat hunting using SIEM, EDR, and CASB tools.

• Respond to security incidents and contribute to threat hunting operations.

• Monitor network traffic and respond to anomalies using advanced tools and techniques.

• Enhance SIEM processes, detection coverage, and alert fidelity.

• Collaborate across teams during security breaches and incident responses.

• Maintain documentation for log flows, triage steps, detection use cases, and best practices.

• Develop and maintain cybersecurity process and operations documentation.

Qualifications:

• Bachelor’s degree in Computer Science, Information Assurance, or related field (Master’s preferred).

• 5+ years in a SOC or cybersecurity role with direct SIEM experience (Splunk preferred).

• Expertise in threat analysis, incident response, and vulnerability management.

• Strong understanding of log sources across server, network, and cloud environments.

• Experience triaging complex alerts in multi-platform environments.

• Familiarity with AWS, Azure, or similar cloud platforms.

• Proficient with vulnerability management tools (Tenable, Rapid7 Insight VM).

• Knowledge of detection engineering and incident response workflows.

• Strong interpersonal communication and collaboration skills.

• Adaptable, curious, and data-driven with a resilient mindset.

• Innovative and proactive approach to security problem solving.

• Relevant certifications (e.g., Splunk Core Certified Power User, Security+, GCIA) are a plus.

Saige Partners, one of the fastest growing technology and talent companies in the Midwest, believes in people with a passion to help them succeed. We are in the business of helping professionals Build Careers, Not Jobs. Saige Partners believes employees are the most valuable asset to building a thriving and successful company culture, which is why we offer a benefit package and convenient weekly payment solutions that helps our employees stay healthy and maintain a positive work/life balance. Contact us to learn more about the opportunity below or check out other opportunities at https://careers.saigepartners.com/.