IS Cyber Security Analyst II at The Planet Group
Richland, WA 99354
About the Job
Job Description
Description:
The position requires an individual with a solid understanding of SIEM systems, preferably Trellix, and experience in maintaining and optimizing logging infrastructure for security monitoring purposes. The candidate will be responsible for ensuring that logs are collected, processed, and stored correctly, ensuring compliance with regulatory requirements and internal security protocols. The role requires collaboration with IT and security teams to manage log data and improve SIEM functionality.
Principal Accountabilities:
Acts as the technical expert for an on-premise Security Information and Event Management (SIEM). The role focuses on updating SIEM software to current versions, monitoring log data, ensuring data integrity, and collaborating with cross-functional teams to improve the quality of logs ingested into the SIEM. Experience with Trellix SIEM is highly preferred. The position requires attention to detail, the ability to troubleshoot issues, and ensure the integrity of the SIEM data, while working in a regulated and high-security environment.
Execute response activities which may include incident response, incident management, driving remediation/mitigation, and forensic analysis. Carry out other security operations activities which may include identification of weakness (such as vulnerabilities / insecure configurations).
Facilitate internal skills development activities for information security personnel on the topic of security monitoring and incident response. Analyst will be expected to:
• Update the SIEM software to the latest versions to ensure optimal performance and security.
• Monitor SIEM data to identify, troubleshoot, and resolve issues related to log ingestion, parsing, and storage.
• Work closely with IT, security, and other operational teams to ensure logs are properly ingested and processed within the SIEM.
• Identify areas for log data cleanup and optimization within the SIEM to improve system efficiency.
• Maintain security monitoring configurations and ensure logs align with compliance and regulatory standards for nuclear power facilities.
• Ensure proper documentation and change management procedures are followed for any updates or modifications to the SIEM configuration.
• Continuously evaluate the SIEM setup for enhancements to meet evolving security requirements.
Required Education & Experience:
Bachelor's degree in computer science, Information Security, or a related field with a minimum of 7 years of experience in cybersecurity or IT, with at least 3 years focused on SIEM administration and management.
The position requires an individual with a solid understanding of SIEM systems, preferably Trellix, and experience in maintaining and optimizing logging infrastructure for security monitoring purposes. The candidate will be responsible for ensuring that logs are collected, processed, and stored correctly, ensuring compliance with regulatory requirements and internal security protocols. The role requires collaboration with IT and security teams to manage log data and improve SIEM functionality.
Principal Accountabilities:
Acts as the technical expert for an on-premise Security Information and Event Management (SIEM). The role focuses on updating SIEM software to current versions, monitoring log data, ensuring data integrity, and collaborating with cross-functional teams to improve the quality of logs ingested into the SIEM. Experience with Trellix SIEM is highly preferred. The position requires attention to detail, the ability to troubleshoot issues, and ensure the integrity of the SIEM data, while working in a regulated and high-security environment.
Execute response activities which may include incident response, incident management, driving remediation/mitigation, and forensic analysis. Carry out other security operations activities which may include identification of weakness (such as vulnerabilities / insecure configurations).
Facilitate internal skills development activities for information security personnel on the topic of security monitoring and incident response. Analyst will be expected to:
• Update the SIEM software to the latest versions to ensure optimal performance and security.
• Monitor SIEM data to identify, troubleshoot, and resolve issues related to log ingestion, parsing, and storage.
• Work closely with IT, security, and other operational teams to ensure logs are properly ingested and processed within the SIEM.
• Identify areas for log data cleanup and optimization within the SIEM to improve system efficiency.
• Maintain security monitoring configurations and ensure logs align with compliance and regulatory standards for nuclear power facilities.
• Ensure proper documentation and change management procedures are followed for any updates or modifications to the SIEM configuration.
• Continuously evaluate the SIEM setup for enhancements to meet evolving security requirements.
Required Education & Experience:
Bachelor's degree in computer science, Information Security, or a related field with a minimum of 7 years of experience in cybersecurity or IT, with at least 3 years focused on SIEM administration and management.
