Security Analyst III

Splunk, Security, Incident Response, AWS, SIEM
Full Time
$125,000 - $135,000

Job Description

***We are unable to sponsor as this is a permanent full time role***

A prestigious Fortune 500 company is searching for a Security Analyst III. This analyst is a member of the Cyber Incident Response Team and is responsible for identifying and developing new security detection use cases, playbooks, tuning, and alerts for use within the SIEM (Splunk). Hands-on Splunk experience is a requirement for this position. This analyst also needs experience with cloud platform technologies such as AWS, Azure, or Google Cloud Platform.


  • Participate as a member of the Cyber Incident Response Team (CIRT) in efforts to protect the integrity, confidentiality, and availability of Company information assets.
  • Provide real-time monitoring and timely response to alerts and anomalies generated by various security tools.
  • Perform deep event analysis and correlation, evaluating and escalating events and incidents based on established escalation procedures.
  • Identify and develop new security detection use cases, playbooks, tuning, and alerts for use within our SIEM (Splunk) and our Case Management solution (Splunk / Mission Control).
  • Accurately record all cases and interactions in the incident management tracking tool within given SLAs.
  • Help standardize documentation for support of assigned systems and applications and help to facilitate understanding and use within various levels of security operations.
  • Partner with MSSP/external vendors providing SecOps services to enrich our Splunk environment and respond to alerts 24/7.
  • Assist in security project implementation for testing, monitoring, and reporting purposes.
  • Contribute to the evaluation of new or updated security solutions and assess impact of security controls to user experience.
  • Effectively prioritize and execute tasks in a remote, complex environment.
  • Perform special assignments as required.


  • 3 or more years in a security operations or cyber incident response role conducting in-depth investigations, using internal telemetry data and open-source information to determine whether a given system or user has been compromised, is required.
  • 3 or more years working with traditional security tools, including but not limited to SIEM, AV, EDR, SOAR, IDS/IPS, and DLP, is required.
  • 7 or more years of IT work experience with broad exposure to infrastructure/network and multi-platform environments is required. Hands-on working experience with the most common operating systems, including but not limited to Windows Server, Windows 10, Unix/Linux, Apple OS X/macOS, Android, and iOS, is required.
  • 2 or more years of experience and hands-on working knowledge of Splunk is required. Splunk certifications are a plus.
  • 2 or more years of experience with cloud platform technologies (AWS, Google Cloud Platform, Azure, O365) is required.
  • Experience with integration between Incident Management Systems (SOAR) and SIEM in an enterprise environment is a plus.
  • Experience with the forensic and incident response process, reverse engineering malware, and Red-Teaming is a plus.
  • Experience with audit support and response, and regulatory compliance SOX and PCI-DSS is a plus.
  • Experience with standard business processes, including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, is a plus.
  • Security certifications (SANS, ISC2, SEI, CFE) are a plus.
  • Higher education (Bachelor's, Master's, etc.) is a plus.


Dice Id : napil006
Position Id : 7013208
Originally Posted : 11 months ago