Data Analyst – Cybersecurity (SIEM)

Job Summary: We are seeking a skilled Data Analyst with hands-on experience in cybersecurity log analysis, SIEM data models, and scripting. The ideal candidate will work closely with security teams to parse, analyze, and enrich log data from various sources, helping improve threat detection and monitoring effectiveness.

• Analyze and interpret security event data from SIEM platforms (e.g., Splunk, QRadar, ArcSight, etc.)
• Develop and maintain parsers, regex rules, and data normalization scripts
• Understand and work with SIEM data models to improve log ingestion and correlation logic
• Write Python or shell scripts to automate log processing and data enrichment tasks
• Collaborate with security engineers and incident response teams to support investigations and improve data quality
• Identify anomalies, patterns, and insights from large volumes of log data

• Understanding of REST API and SYSLOGS
• Strong experience working with cybersecurity log data and SIEM tools
• Proficiency in scripting languages (Python preferred)
• Good knowledge of regex and log parsing techniques
• Familiarity with cybersecurity concepts, threat intelligence, and event types
• Experience working with SIEM data models and structured/unstructured data
• Ability to handle multiple data sources and correlate events for actionable insights

• Experience with platforms like Splunk, QRadar, or similar
• Exposure to log sources such as firewalls, endpoint security tools, IDS/IPS, etc.
• Basic knowledge of MITRE ATT&CK or threat detection frameworks