Security Analyst

Company Profile

Lennox (NYSE: LII)

• Bachelor’s degree in computer science , Information Security, or related field.
• 3 + years of experience in SIEM administration, preferably with Splunk.
• Strong understanding of security operations, log analysis, and incident response.
• Experience with Splunk SPL (Search Processing Language) and dashboard creation.
• Familiarity with enterprise security policies, compliance frameworks, and risk management.
• Correlation Usecase implementation.
• Creation of Interactive dashboard.
• Knowledge of networking protocols, operating systems, and common attack vectors.
• Incident Response & Triaging the true positive events.
• Excellent analytical, problem-solving, and communication skills.
• Excellent communication and presentation skills.
• Commitment to continuous learning and professional development.
• Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM .
  

Qualifications

• Utilize Splunk SIEM and CrowdStrike EDR tools to monitor , detect, and respond to security incidents.
• Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals.
• Administer and maintain Splunk SIEM policies, configurations, and access controls.
• Develop, implement, and manage correlation rules, alerts, and dashboards to support threat detection and response.
• Collaborate with SOC analysts, incident responders, and IT teams to fine-tune SIEM use cases and improve detection capabilities.
• Ensure compliance with internal security standards and external regulatory requirements (e.g., ISO 27001, GDPR, HIPAA).
• Monitor and optimize data ingestion pipelines, ensuring relevant logs are collected and parsed correctly.
• Perform regular audits of SIEM configurations, user roles, and data sources.
• Document policy changes, configurations, and procedures for operational transparency and continuity.
• Support onboarding of new data sources and integration with other security tools (e.g., EDR, vulnerability scanners).
• Assist in troubleshooting and resolving issues related to SIEM performance, data gaps, or false positives.
• Stay updated with the latest security threats, Splunk features, and best practices.
• Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations.
• Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats.
• Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities.
• Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.
• Flexible to Provide support to 24/7 L1 Monitoring shift members.