Operations Security Analyst SIEM, Splunk, Qradar, IOCs, PenTest, NIST, ISO 27001, MITRE, ATT&CK Contract

Overview

On Site
$40 - $45
Accepts corp to corp applications
Contract - W2
Contract - 12 Month(s)
No Travel Required

Skills

SIEM
Splunk
QRadar
IOCs
PenTest
NIST
ISO 27001
MITRE
ATT&CK

Job Details

Operations Security Analyst (SIEM, Splunk, Qradar, IOCs, PenTest, NIST, ISO 27001, MITRE, ATT&CK) Contract

Cupertino, CA OR Austin, TX On Site in either location

Role Overview:

As an Operations Security Analyst, you will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats in real time. You will play a critical role in defending our infrastructure, collaborating closely with penetration testers and red teamers to ensure vulnerabilities are not only identified, but actively detected, mitigated, and defended against.

Key Responsibilities:

  • Monitor and analyze security events using SIEM tools (e.g., Splunk, QRadar) and endpoint detection platforms.
  • Perform log analysis, correlation, and investigation to identify anomalous behavior and indicators of compromise (IOCs).
  • Lead and support incident response efforts, including triage, containment, eradication, and recovery.
  • Conduct forensic investigations of security incidents, analyzing host, network, and cloud artifacts.
  • Collaborate with Penetration Testers and Red Team members to validate detection capabilities and harden systems (Purple Teaming).
  • Develop and fine-tune detection rules, alerts, and automated response workflows.
  • Assist in developing and enforcing security policies aligned with frameworks such as NIST, ISO 27001, and MITRE ATT&CK.
  • Leverage scripting (Python, Bash) to automate operational tasks and threat detection processes.

Preferred Qualifications:

  • Strong understanding of cybersecurity principles, network protocols, and evolving threat landscape.
  • Experience with endpoint detection & response (EDR) platforms and network traffic analysis.
  • Familiarity with attacker tactics, techniques, and procedures (TTPs), and how to detect them.
  • Hands-on experience with forensic tools and packet analysis (e.g., Wireshark, Volatility).
  • Relevant certifications such as CISSP, GIAC (GCIH, GCIA, GCFA), or Security+.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.