SIEM Analyst

Job description

Responsibilities We are seeking a highly skilled and innovative SIEM Analyst to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities: - Review complex SIEM events, logs, and alerts; correlate telemetry from network, endpoint, identity, and cloud sources to detect anomalous activity. - Investigate incidents through multi‑source correlation, timeline reconstruction, enrichment with threat intelligence, and IOC validation. - Build and update intermediate‑level correlation rules, alert logic, and detection filters to address evolving use cases and improve fidelity. - Document triage results, maintain investigation records with analytic notes, and categorize incidents per escalation criteria. - Support tuning by identifying systemic false positives, refining rule parameters, and proposing detection enhancements. - Collaborate with SOC analysts, threat hunters, cybersecurity engineers, and incident responders to provide technical context and preliminary root‑cause assessments. - Maintain SIEM dashboards and operational reporting: update visualizations, refine queries, and validate metric accuracy. - Verify ingestion, parsing, and normalization of lo...