SOC Siem Analyst

About The Position

Requirements

• Must hold or be able to obtain within one “1” working year, two “2” Microsoft security certifications, AZ-500 and SC-200, required by Kraft Kennedy. These are subject to change per Kraft Kennedy requirements.
• Minimum of 3 years of experience in IT Security or related field is required
• Experience with EDR, Mail Hygiene, Zero Trust and Vulnerability management tools.
• Ability to manage and prioritize multiple assignments while meeting deadlines.

Nice To Haves

• Security Certifications (CISSP, GCIA GCIH, GCFA or GCFE) a plus!

Responsibilities

• SIEM Platform Management
• Administer and maintain the SIEM platform, ensuring system health, performance, storage, and availability. Perform updates, patching, and backups regularly.
• Log Source Integration
• Coordinate with internal and client teams to onboard new log sources, ensuring accurate and efficient data collection and parsing.
• Content Development and Optimization
• Create, tune, and manage SIEM content including correlation rules, alerts, dashboards, and reports to enhance detection capabilities and reduce false positives.
• Performance Monitoring and Optimization
• Analyze SIEM performance metrics and implement improvements to support scalability and high-speed querying.
• Documentation and Reporting
• Maintain documentation for SIEM architecture, processes, and procedures. Generate reports on system health, performance, and security metrics for management and compliance.
• Security Incident Response
• Conduct in-depth analysis and investigation of security incidents. Collaborate with SOC analysts to escalate and resolve advanced threats.
• Client Engagement and Advisory
• Assess client security needs and recommend tailored solutions aligned with Kraft Kennedy SOC standards. Develop and implement security policies to strengthen client security posture.
• Collaboration and Support
• Provide technical guidance and support to the SOC team. Troubleshoot SIEM-related issues and ensure timely resolution.
• Continuous Learning and Threat Awareness
• Stay current with emerging security trends, technologies, and threats to proactively safeguard client environments.
• Availability & Responsiveness
• Be available on call outside of normal business hours in case of emergencies. Able to work in a fast-paced environment and manage multiple priorities.
• Technical Expertise Across IT & Security
• Leverage experience across various IT disciplines, including hands-on use of security monitoring tools, vulnerability scanning, and reviewing assessment reports. Maintain strong networking knowledge with a focus on security.
• SIEM Platform Proficiency
• Demonstrate deep understanding of enterprise-level SIEM platforms (e.g., ConnectWise SIEM), including log formats, collection methodologies, data normalization, and content creation (correlation rules, exclusions, dashboards, reports).
• System Administration & Scripting
• Experience with Linux/Windows system administration and command-line tools. Proficient in scripting languages such as Python and PowerShell, and query languages like KQL.
• Security Frameworks & Incident Response
• Knowledge of security frameworks (MITRE ATT&CK, NIST, CIS). Hands-on experience with incident handling and response processes.
• Troubleshooting & Problem Solving
• Strong analytical skills to diagnose and resolve technical issues effectively.
• Communication & Collaboration
• Excellent verbal and written communication skills, with the ability to explain complex technical concepts to both technical and non-technical audiences. Strong teamwork and collaboration skills.
• Platform Familiarity
• Demonstrate proficiency with the Kraft Kennedy SOC stack.

Benefits

• Medical, dental, life and disability insurance
• 401k with company match
• Holidays/vacation/sick days
• Cutting edge training on the latest technologies
• Employee referral bonus program
• Phone reimbursement