RSA NetWitness Security Analyst

Emerson United Inc - Stamford, CT


This role is designed to provide senior level leadership for the design, engineering, and implementation of security event data collection for our managed security service customers related to incident response, threat monitoring, threat intelligence, and operations. These programs pertain to the data identification, assessment, ingestion, normalization and enrichment activities required for the Security Operations Center to perform proper detection and analytics of cyber threats and response.

Responsibilities Include: Lead and perform content development within the RSA NetWitness Platform, which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics such as SLA and KPI reports, and log source configuration.

Job Requirements:

  • 5 years’ experience in information security, with a focus on SIEM technologies and experience creating custom use cases, dashboards, and reporting
  • Excellent experience in system integration for SOC Services, best practices on log collection, detecting and defining events of interest through gathering requirements from relevant business and IT stakeholders.
  • Diversified experience on SIEM products, specifically on RSA NetWitness which would include:

      • Design and implementation
      • Handling business-as-usual activities, including incident response
      • Defining technical use cases for setting up correlation rules and alerts
      • Good experience in building and defining NetWitness dashboards
      • Experience with RSA NetWitness Logs and as a Network Certified Administrator

  • Dedicated onsite consulting for providing on-going enhancement to the current RSA NetWitness security analytics including:

      • RSA Security Analytics / NetWitness administration, configuration, optimization experience
      • Current environment set up analytics and remediation recommendation development
      • Development of new use cases based on analysis of the threat landscape, including technical specifications for each use case (event sources to be integrated, event data to be captured, etc.)
      • Develop integration guidelines for log source owners
      • Strong interpersonal skills and collaborative style to enable success across multiple teams

  • Experience working in a Security Operations Center environment
  • Cloud experience
  • Capability to clearly and succinctly explain highly complex issues to senior executives
  • Strong communication and presentation skills along with the ability to handle multiple priorities in a fast-paced, dynamic environment
  • Experience preparing and delivering presentations to peers or senior executives
  • Ability to negotiate, when warranted, in order to work with other teams
  • Ability to grasp and assess big picture issues and bring them to light in order to foster positive change for a more robust data ingestion platform and process

Job Type: Contract

Salary: $80.00 to $85.00 /hour


  • NetWitness: 2 years (Required)
  • Dashboards: 2 years (Required)
  • SIEM: 2 years (Required)

Contract Renewal:

  • Likely

Work Location:

  • One location

This Company Describes Its Culture as:

  • Detail-oriented -- quality and precision-focused
  • Outcome-oriented -- results-focused with strong performance culture


  • Monday to Friday