Be an early applicantLess than 25 applicants

Company

DotWave Solutions · 7 hours ago

Cybersecurity SIEM Engineer III

San Diego County, CA

Contract

Remote

Mid, Senior Level

$60/hr - $70/hr

5+ years exp

Maximize your interview chances

IT Services and IT Consulting

No H1B

Insider Connection @DotWave Solutions

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Provide 24x7x365 monitoring and analysis of security events using SIEM tools (specifically Wazuh SIEM and XDR) to identify potential security incidents.

Share in-depth analysis and intelligence on cybersecurity events with stakeholders across the organization.

Actively monitor and analyze network traffic to identify potential vulnerabilities or security threats.

Analyze and respond to SIEM alerts, providing technical expertise in investigating and remediating security incidents.

Contribute to the development and improvement of security policies, procedures, and documentation.

Assist in the identification, containment, and remediation of cybersecurity incidents, applying advanced analysis techniques to evaluate network and host activity.

Coordinate and manage cyber incidents, providing real-time forensic collection, intrusion correlation, and incident remediation support.

Analyze malicious activity and vulnerabilities to understand attack tactics, techniques, and procedures (TTPs).

Collaborate with cross-functional teams to resolve incidents and ensure compliance with security best practices and organizational standards.

Collect and analyze security-related artifacts (e.g., malware, system configurations) to help mitigate future cyber threats.

Use your knowledge of common and advanced attack types, including advanced persistent threats (APTs), to prevent and respond to incidents.

Participate in incident response activities, including forensic analysis, threat intelligence sharing, and post-incident reporting.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Wazuh SIEMCybersecurity certificationsSecurity Operations Center (SOC)Cloud computing technologiesLog aggregation toolsIncident responseMalware analysisIntrusion detectionPacket-level analysisEncoding methodsTechnical communicationCross-functional collaboration

Required

Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience (minimum 5 years). An additional 4 years of experience may substitute for the degree.

At least 5 years of hands-on experience in cybersecurity, with an emphasis on SIEM tools like Wazuh SIEM, network event analysis, or threat analysis.

Possess ONE of the following cybersecurity certifications: CND, CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, SSCP.

Demonstrated ability to operate in a Security Operations Center (SOC) or similar environment, responding to network events and cyber incidents.

Strong knowledge of cloud computing technologies (IaaS, PaaS, SaaS) and traditional computing architecture and security.

Expertise in using log aggregation and security analysis tools to identify and analyze security issues.

Proven experience in analyzing and responding to incidents across cloud, hybrid, and legacy IT environments.

Ability to communicate clearly and effectively, both orally and in writing, including presenting technical information to senior leadership.

Ability to perform impact analysis and develop remediation strategies for cybersecurity events.

Demonstrated knowledge of common encoding methods (Base64, XOR, AES) and attack techniques (e.g., XSS, DoS).

Preferred

Hands-on experience with Wazuh SIEM.

Knowledge of malware analysis (static and dynamic) and the ability to identify anomalous or malicious code.

Familiarity with intrusion detection technologies and techniques for detecting host and network-based intrusions.

Experience analyzing and interpreting system files (e.g., log files, registry files) to support forensic investigations.

Expertise in detecting and mitigating advanced cyber threats, including insider threats and nation-state sponsored attacks.

Knowledge of cyber attack stages (reconnaissance, exploitation, privilege escalation, etc.) and familiarity with common attack patterns and threat actors.

Experience in packet-level analysis using tools like Wireshark or similar.

Ability to work collaboratively with cross-functional teams and assist in signature construction for cybersecurity defense systems.