Job Summary:
We are seeking a skilled Data Analyst with hands-on experience in cybersecurity log analysis, SIEM data models, and scripting. The ideal candidate will work closely with security teams to parse, analyze, and enrich log data from various sources, helping improve threat detection and monitoring effectiveness.
Key Responsibilities:
- Analyze and interpret security event data from SIEM platforms (e.g., Splunk, QRadar, ArcSight, etc.)
- Develop and maintain parsers, regex rules, and data normalization scripts
- Understand and work with SIEM data models to improve log ingestion and correlation logic
- Write Python or shell scripts to automate log processing and data enrichment tasks
- Collaborate with security engineers and incident response teams to support investigations and improve data quality
- Identify anomalies, patterns, and insights from large volumes of log data
Required Skills:
- Understanding of REST APIs and syslog
- Strong experience working with cybersecurity log data and SIEM tools
- Proficiency in scripting languages (Python preferred)
- Good knowledge of regex and log parsing techniques
- Familiarity with cybersecurity concepts, threat intelligence, and event types
- Experience working with SIEM data models and structured / unstructured data
- Ability to handle multiple data sources and correlate events for actionable insights
Preferred Qualifications:
- Experience with platforms like Splunk, QRadar, or similar
- Exposure to log sources such as firewalls, endpoint security tools, IDS / IPS, etc.
- Basic knowledge of MITRE ATT&CK or threat detection frameworks