SIEM Analyst & Admin Roles and Responsibilities:

  • Fine-tune SIEM LogRhythm use cases to reduce false positives and remove false negatives.

  • Integrate systems and onboard log sources (Windows and Linux servers, network devices, databases, etc.).

  • Perform analysis and response to incidents and SIEM LogRhythm alarms.

  • Ensure the overall health of the SIEM LogRhythm system and its log sources.

  • Thoroughly troubleshoot SIEM LogRhythm system and collector issues.

  • Continuous maintenance of the system as well as any other.

  • Create and develop use cases.

  • Generate weekly/monthly SIEM reports for the management team.

  • Investigate and monitor security logs generated by different log sources.

  • Identify, categorize, prioritize, and investigate correlated events.

  • Perform investigation and triage of events and incidents and escalate according to SOPs.

  • Work in an 8x5 Security Operations Centre (SOC) environment, and during extended working hours whenever needed.

  • Analyse and investigate incidents to determine their severity and respond as required by SLAs and KPIs.

  • Document investigation results and provide relevant details for final analysis.

  • Analyse and investigate security incidents and alerts to determine the root cause, impact, and severity.

  • Respond to security incidents and alerts by identifying and containing the threat and vulnerability.

  • Conduct vulnerability assessments of findings identified by infrastructure scans and provide mitigation plans.

  • Send and receive notifications to and from the respective teams regarding vulnerabilities so that the necessary actions can be taken.

  • Provide vulnerability assessment reports for management.

  • Develop reports, dashboards, real-time rules, filters, and active channels.

  • Detect potential network threats and create use cases so the SOC team can mitigate the risk.

  • Manage the LogRhythm SIEM.

  • Document cyber incidents and implement the incident response plan and process.

  • Ability to create and develop SIEM dashboards.

Experience and Qualification:

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.

  • Minimum 5+ years' experience in LogRhythm SIEM administration and management.

  • Minimum 5+ years' experience as a SOC analyst using the LogRhythm SIEM tool.

  • Professional experience in incident detection and response and in malware analysis.

  • Deep understanding of attack frameworks and techniques such as MITRE ATT&CK.

  • Experience developing standard operating procedures and incident response plans.

  • Experience with log analysis across various formats.

  • Experience in security incident management and the vulnerability management process.