This position requires a clear background check, drug test, and education verification.
Must be authorized to work in the US for any employer without sponsorship.
(Principals only! No Corp-to-Corp.)
---------------------------------------------------------------------------------------------------------------------

Position Title: 473917-SIEM Analyst (Splunk)-Onsite
Location: San Jose, CA

Pay Rate: $70-$75

Contract Duration: 6-month contract

Monitor and analyze security event logs from various sources (e.g., firewalls, intrusion detection systems, endpoint protection) to identify potential security threats.

Responsibilities:

• Monitor, triage, and investigate logs and alerts generated in the Splunk SIEM platform.

• Perform initial analysis of security events, escalate incidents as needed, and assist with root cause identification.

• Conduct in-depth analysis of security incidents to determine root cause and recommend remediation steps.

• Support the integration of logs from enterprise systems into the Splunk environment.

• Validate log completeness, rule logic, and alert relevance across critical infrastructure.

• Tune and optimize correlation rules, dashboards, and use cases for operational efficiency.

• Perform regular vulnerability scans using tools such as Tenable and Rapid7 Insight VM to identify potential vulnerabilities in the organization's network infrastructure.

• Prioritize remediation efforts based on risk assessment and business impact.

• Coordinate remediation efforts with IT teams to ensure timely patching of identified vulnerabilities.

• Conduct threat hunting activities using tools such as SIEM, EDR, and CASB to proactively identify potential threats that may have evaded traditional security controls.

• Participate in incident response and threat hunting efforts when needed.

• Monitor network traffic, detect anomalies, and respond to potential security threats using advanced security tools and technologies.

• Assist in improving SIEM-related processes, detection coverage, and alert fidelity.

• Collaborate with the team to respond quickly and effectively in the event of a security breach or incident.

• Maintain documentation related to log flows, triage procedures, detection use cases, and cybersecurity best practices.

• Develop and maintain documentation on cybersecurity processes, procedures, and operational standards.

Requirements:

• Bachelor’s degree in Computer Science, Information Assurance, or a related field; Master’s degree preferred.

• 5+ years of experience in a SOC or cybersecurity role with hands-on experience in SIEM platforms (Splunk preferred).

• Proven expertise in threat analysis, incident response, and vulnerability management.

• Strong understanding of log sources such as Windows/Linux servers, firewalls, and cloud infrastructure.

• Experience analyzing security events and triaging alerts in complex, multi-platform environments.

• Familiarity with cloud platforms (e.g., AWS, Azure, or similar).

• Experience with vulnerability management tools such as Tenable or Rapid7 Insight VM; familiarity with other scanning tools is a plus.

• Knowledge of detection engineering, correlation rules, and security incident workflows.

• Ability to work collaboratively across teams and communicate findings clearly and professionally.

• Inclusive and adaptable, with the ability to navigate diverse global environments and norms.

• A curious and resilient learner, eager to understand challenges through data-driven approaches.

• Innovative and proactive, capable of exploring new ideas and adapting quickly to change.

• Relevant certifications (e.g., Splunk Core Certified Power User, Security+, GCIA, or similar) are a plus.

We encourage Minorities, Women, Protected Veterans and Disabled individuals to apply for all positions for which they may be qualified. We maintain a drug-free workplace and perform pre-employment substance abuse testing and background checks.


------------------------------------------------------------------------------------------------------

If you are interested in this position, please submit your resume as a Word document, listing the month and year you worked at each previous position, to roli@norlandgroup.com, and put "473917-SIEM Analyst (Splunk)-Onsite" in the email subject line.

Job Posted Date: 7/15/2025