Job Requirements
Saint Louis, MO
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
$150,000 - $175,000
Job Description
The SIEM/SOAR Administrator plays a critical role in managing, optimizing, and evaluating the Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems used in the Network Operations Center (NOC) and Security Operations Center (SOC). This position is responsible for the day-to-day administration of these tools, as well as conducting regular assessments of their effectiveness and efficiency. Additionally, this role involves evaluating existing security business processes and recommending improvements to enhance overall security operations. This SIEM/SOAR Administrator / Assessor role is crucial for ensuring the effective use of security tools and processes in the NOC and SOC environments. The position requires a blend of technical expertise, analytical skills, and the ability to drive continuous improvement in security operations.
Key Responsibilities:
Configure, maintain, and optimize SIEM and SOAR platforms
Develop and implement use cases, correlation rules, and playbooks
Troubleshoot and manage issues related to data collection, analysis, and reporting
Assess the existing and to be state of the NOC and SOC operating environment
Conduct gap analysis to identify areas for improvement in current toolset
Integrate SIEM/SOAR systems with other security and network tools
Ensure proper data flow and communication between different security systems
Troubleshoot integration issues and work with vendors to resolve problems
Create and maintain dashboards for real-time visibility into security events
Review and assess existing security business processes
Identify inefficiencies, redundancies, or gaps in current processes
Recommend process improvements to enhance security operations
Ensure SIEM/SOAR configurations meet compliance requirements
Prepare documentation and evidence for security audits
Assist in developing and maintaining policies and procedures related to SIEM/SOAR usage
Provide technical support during security incidents
Work closely with NOC, SOC, and other IT teams to align SIEM/SOAR capabilities with operational needs
Participate in cross-functional projects related to security improvements
Qualifications:
Requirements: Bachelors degree
Years of Experience: 5-10
Key Responsibilities:
Configure, maintain, and optimize SIEM and SOAR platforms
Develop and implement use cases, correlation rules, and playbooks
Troubleshoot and manage issues related to data collection, analysis, and reporting
Assess the existing and to be state of the NOC and SOC operating environment
Conduct gap analysis to identify areas for improvement in current toolset
Integrate SIEM/SOAR systems with other security and network tools
Ensure proper data flow and communication between different security systems
Troubleshoot integration issues and work with vendors to resolve problems
Create and maintain dashboards for real-time visibility into security events
Review and assess existing security business processes
Identify inefficiencies, redundancies, or gaps in current processes
Recommend process improvements to enhance security operations
Ensure SIEM/SOAR configurations meet compliance requirements
Prepare documentation and evidence for security audits
Assist in developing and maintaining policies and procedures related to SIEM/SOAR usage
Provide technical support during security incidents
Work closely with NOC, SOC, and other IT teams to align SIEM/SOAR capabilities with operational needs
Participate in cross-functional projects related to security improvements
Qualifications:
Requirements: Bachelors degree
Years of Experience: 5-10
group id: 91017793