We are looking for a security analyst. The most important requirements are:
* 2-3 years in information security with incident response experience
* Hands-on experience with SIEM platforms (Wazuh a priority)
* Job location: remote
Responsibilities:

Monitoring & Alert Management:
* Monitor security events and alerts from SIEM and security tools
* Analyze and triage alerts to identify true positives vs. false positives
* Assess severity and potential impact of security incidents

Incident Investigation & Response:
* Conduct forensic investigations of security incidents
* Perform root cause analysis to understand how incidents occurred
* Implement containment and remediation measures
* Trace attack chains and identify affected systems and users

Detection Development:
* Create and tune detection rules and alert criteria in SIEM systems
* Correlate multiple alerts to identify complex cyber incidents
* Research emerging threats and develop new detection mechanisms

Threat Analysis:
* Perform threat analysis on security events using available intelligence
* Identify indicators of compromise and assess organizational impact
* Stay updated on current cybersecurity threats and attack methods

Tool Management:
* Configure and maintain SIEM rules and use cases
* Optimize security tool performance and reduce false positives
Requirements:

Education/Certifications:
* Bachelor's Degree in Information Technology, Cybersecurity, Computer Science, or equivalent experience
* One or more of: Security+, CySA+, GCIH, or Microsoft Certified: Security Operations Analyst Associate; CASP/CISSP would be a plus but is not required

Experience:
* 2-3 years in information security with incident response experience

Core Technical Skills:
* Hands-on experience with SIEM platforms (Splunk, Wazuh, Microsoft Sentinel)
* Knowledge of endpoint security tools (EDR/XDR)
* Understanding of network security (firewalls, IDS/IPS)
* Basic scripting abilities (Python, PowerShell, or similar)
* Familiarity with the MITRE ATT&CK Framework