Lead Stack Inc. is an award-winning, certified minority-owned (MBE) staffing services provider and one of the nation's fastest-growing providers of contingent workforce solutions. As a recognized industry leader in contingent workforce solutions and Certified as a Great Place to Work, we're proud to partner with some of the most admired Fortune 500 brands in the world.
TITLE: SIEM Analyst
LOCATION: San Jose, CA - Onsite
DURATION: 6 months with possible extension
Rate: $70/hr - $75/hr on W2
Job Description:
Key Responsibilities
• Monitor and analyze security event logs from various sources (e.g., firewalls, intrusion detection systems, endpoint protection) to identify potential security threats.
• Monitor, triage, and investigate logs and alerts generated in the Splunk SIEM platform.
• Perform initial analysis of security events, escalate incidents as needed, and assist with root cause identification.
• Conduct in-depth analysis of security incidents to determine root cause and recommend remediation steps.
• Support the integration of logs from enterprise systems into the Splunk environment.
• Validate log completeness, rule logic, and alert relevance across critical infrastructure.
• Tune and optimize correlation rules, dashboards, and use cases for operational efficiency.
• Perform regular vulnerability scans using tools such as Tenable and Rapid7 InsightVM to identify potential vulnerabilities in the organization's network infrastructure.
• Prioritize remediation efforts based on risk assessment and business impact.
• Coordinate remediation efforts with IT teams to ensure timely patching of identified vulnerabilities.
• Conduct threat hunting activities using tools such as SIEM, EDR, and CASB to proactively identify potential threats that may have evaded traditional security controls.
• Participate in incident response and threat hunting efforts when needed.
• Monitor network traffic, detect anomalies, and respond to potential security threats using advanced security tools and technologies.
• Assist in improving SIEM-related processes, detection coverage, and alert fidelity.
• Collaborate with the team to respond quickly and effectively in the event of a security breach or incident.
• Maintain documentation related to log flows, triage procedures, detection use cases, and cybersecurity best practices.
• Develop and maintain documentation on cybersecurity processes, procedures, and operational standards.
Required Qualifications:
• Bachelor’s degree in Computer Science, Information Assurance, or a related field; Master’s degree preferred.
• 5+ years of experience in a SOC or cybersecurity role with hands-on experience in SIEM platforms (Splunk preferred).
• Proven expertise in threat analysis, incident response, and vulnerability management.
• Strong understanding of log sources such as Windows/Linux servers, firewalls, and cloud infrastructure.
• Experience analyzing security events and triaging alerts in complex, multi-platform environments.
• Familiarity with cloud platforms (e.g., AWS, Azure, or similar).
• Experience with vulnerability management tools such as Tenable or Rapid7 InsightVM; familiarity with other scanning tools is a plus.
• Knowledge of detection engineering, correlation rules, and security incident workflows.
• Ability to work collaboratively across teams and communicate findings clearly and professionally.
• Inclusive and adaptable, with the ability to navigate diverse global environments and norms.
• A curious and resilient learner, eager to understand challenges through data-driven approaches.
• Innovative and proactive, capable of exploring new ideas and adapting quickly to change.
• Relevant certifications (e.g., Splunk Core Certified Power User, Security+, GCIA, or similar) are a plus.
To know more about current opportunities at Lead Stack, please visit us at https://leadstackinc.com/careers/
Should you have any questions, feel free to call me at 415 985-0816 or send an email to Nishanth.allam@leadstackinc.com