Overview
Full Time
Skills
Log Analysis
Government Contracts
Dashboard
Information Gathering
Reporting
Security Operations
Risk Management Framework
RMF
Use Cases
Security Clearance
Information Security
Information Technology
Digital Forensics
Continuous Monitoring
Operating Systems
Firewall
Authentication
SIEM
Threat Analysis
Orchestration
Workflow
Cloud Computing
Amazon Web Services
Security+
DoD
Analytical Skill
Conflict Resolution
Problem Solving
Communication
System On A Chip
Management
Attention To Detail
Collaboration
Cyber Security
Incident Management
Legal
Authorization
Job Details
Overview
DecisionPoint seeks a Security Monitoring / SIEM Analyst to support enterprise cybersecurity operations within a federal and DoD-aligned mission environment. This role provides continuous monitoring of security events, log analysis, threat detection, and incident escalation in order to protect mission-critical systems. The analyst will review SIEM alerts, correlate data across multiple log sources, assess anomalous behavior, and support the investigative process for potential threats.
The Security Monitoring / SIEM Analyst plays a critical role in maintaining situational awareness, enhancing detection capabilities, and strengthening cyber defense through proactive log analysis and coordination with incident response and engineering teams.
This position is fully remote.
Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid.
Duties & Responsibilities
The Security Monitoring / SIEM Analyst will:
- Monitor SIEM dashboards and event queues for suspicious or anomalous cybersecurity activity.
- Correlate logs from multiple security data sources, including firewalls, endpoints, cloud services, and authentication platforms.
- Investigate events and alerts to determine severity, threat likelihood, and required escalation paths.
- Support information gathering and preliminary triage for cybersecurity incidents.
- Analyze user activity, authentication logs, and system behavior for potential compromise indicators.
- Assist with tuning SIEM rules, correlation logic, thresholds, and suppression patterns to improve detection accuracy.
- Document security event details, timelines, and investigative findings.
- Escalate confirmed or high-risk events to the incident response team with detailed analysis.
- Maintain daily and weekly reporting on events, trends, and identified threats.
- Participate in continuous monitoring and security operations cycles aligned with DoD RMF requirements.
- Contribute to the creation and refinement of SOC playbooks, detection use cases, and monitoring procedures.
Clearance Requirement
Must hold an active Top Secret clearance, supported by a Tier 5 background investigation.
Education (Required)
Bachelor's degree in Information Security, Information Technology, Digital Forensics, or a related field.
Experience (Required)
- Minimum 5 years of experience in security monitoring, SOC operations, threat analysis, or cybersecurity investigation.
- Experience analyzing logs and events from SIEM platforms.
- Experience identifying suspicious activity, anomalous behavior, or indicators of compromise (IOCs).
- Experience correlating data from multiple systems to assess potential threats.
- Experience documenting findings and escalating incidents to senior cybersecurity staff.
Technical Knowledge (Required)
- Strong understanding of SIEM platforms, log aggregation tools, and event correlation.
- Knowledge of common attack vectors, threat behaviors, and MITRE ATT&CK techniques.
- Familiarity with DoD cybersecurity monitoring, continuous monitoring principles, and incident escalation.
- Knowledge of logs produced by operating systems, firewalls, authentication systems, and cloud platforms.
Technical Knowledge (Preferred)
- Experience tuning SIEM correlation rules or creating new detection logic.
- Experience with endpoint detection tools, threat intelligence platforms, or security orchestration workflows.
- Familiarity with cloud log monitoring (AWS CloudTrail, GuardDuty, or equivalent).
Certifications
Required:
- Security+
Preferred:
- CySA+
- Additional DoD 8570/8140 cyber operations certifications
Skills
- Strong analytical, investigative, and problem-solving abilities for assessing security events.
- Excellent written and verbal communication skills for summarizing findings and documenting incidents.
- Ability to operate in a fast-paced SOC environment and manage multiple active investigations.
- High attention to detail for reviewing logs, identifying anomalies, and escalating confirmed threats.
- Ability to collaborate effectively with other cybersecurity, engineering, and incident response teams.
EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.