The Senior Security Information and Event Management (SIEM) Security Analyst's core functions include responsibility for the collection, analysis, and validation of all SIEM activities that impact the organization, both internal and external to the network. This includes threat and vulnerability analysis; investigating, documenting, and reporting on information security issues and emerging trends; analyzing, advising on, or responding to previously unknown hardware and software vulnerabilities; and supporting the preparation of disaster recovery plans. As the Senior SIEM Analyst, you play a vital role in upholding the overall security posture of the business by reviewing events that occur within the security stack, pinpointing vulnerabilities, escalating incidents, and advising on or deploying mitigation tactics. As the number of cyberattacks worldwide continues to grow, analysts have become essential members of larger cybersecurity teams. The main objective is to identify, investigate, and escalate alerts and events to safeguard sensitive information from unauthorized access or harm caused by cybercriminals or malicious insiders. Assignments at this level focus primarily on SIEM and Security Orchestration, Automation, and Response (SOAR) technologies that support the Cybersecurity Security Operations Center (CSOC) and Cyber Threat Intelligence (CTI) teams. The analyst typically works alongside IT departments, security managers, and cybersecurity engineers.
This role reports directly to the CSOC manager.

Operational Management
Configure SIEM tool performance and event data quality to maximize SIEM system efficiency.
Support the management of the SIEM core and Enterprise Security module.
Explore new or existing SOAR technologies for case management and Data Loss Prevention dashboard creation.
Work to increase and improve the scope of automation efforts across the CSOC.
Explore new or existing SIEM technologies to integrate behavioral and risk-based analysis into our environment, as well as AI functionality for higher-fidelity alerts.
Work with SIEM partners to enhance dashboards for improved analytics.
Work with the CTI team to further integrate the Threat Intelligence Platform (TIP) with the SIEM.
Assist Network Analysts with the development of rules, filters, and active channels, and with the onboarding of new programs.
Work with the team to improve version control and infrastructure as code in order to improve infrastructure BC/DR capabilities.
Perform investigation and triage of events and incidents and escalate according to established playbooks in support of the Incident Response process.

Strategy & Planning
Engage other business departments in ongoing initiatives exploring enterprise data lake and data management solutions.
Work with appropriate teams to improve information security policies and standards.
Acquire and interpret business requirements and functional specifications to recommend security requirements.
Maintain knowledge of security best practices through training, research, and involvement with local IT security groups across Northeast Ohio or with industry partners.

Acquisition & Deployment
Work with the business to refine policies and standards around SIEM/SOAR-related technologies.
Work with architects and developers to design optimal logging and monitoring practices when developing new applications in the cloud and on premises.

Incidental Functions
Assist the business in deciding on new technologies, including tools, components, and frameworks.
Mentor and coach team members and/or Professional Apprentices.
Perform project and task management and reporting as necessary.
Make presentations to management, clients, and peer groups as requested.

This position is not eligible for sponsorship for work authorization now or in the future, including conversion to an H-1B visa. This position is eligible to work in the office three days a week and has the option to