Security Analyst

Company Profile Lennox NYSE LII Driven by 130 years of legacy HVAC and refrigeration success Lennox provides our residential and commercial customers with industry-leading climate-control solutions At Lennox we win as a team aiming for excellence and delivering innovative sustainable products and services Our culture guides us and creates a workplace where all employees feel heard and welcomed Lennox is a global community that values each team member s contributions and offers a supportive environment for career development Come stay and grow with us We are seeking a skilled and detail-oriented Splunk SIEM Policy Administrator to manage and maintain security policies configurations and operational integrity within our Splunk SIEM environment The ideal candidate will have a strong background in security operations log management and policy enforcement ensuring that our SIEM platform supports effective threat detection incident response and compliance requirements Bachelor s degree in computer science Information Security or related field 3 years of experience in SIEM administration preferably with Splunk Strong understanding of security operations log analysis and incident response Experience with Splunk SPL Search Processing Language and dashboard creation Familiarity with enterprise security policies compliance frameworks and risk management Correlation Usecase implementation Creation of Interactive dashboard Knowledge of networking protocols operating systems and common attack vectors Incident Response Triaging the true positive events Excellent analytical problem-solving and communication skills Excellent communication and presentation skills Commitment to continuous learning and professional development Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM Qualifications Utilize Splunk SIEM and CrowdStrike EDR tools to monitor detect and respond to security incidents Develop and execute security monitoring strategies and initiatives working closely with the SOC management team to align efforts with organizational goals Administer and maintain Splunk SIEM policies configurations and access controls Develop implement and manage correlation rules alerts and dashboards to support threat detection and response Collaborate with SOC analysts incident responders and IT teams to fine-tune SIEM use cases and improve detection capabilities Ensure compliance with internal security standards and external regulatory requirements e g ISO 27001 GDPR HIPAA Monitor and optimize data ingestion pipelines ensuring relevant logs are collected and parsed correctly Perform regular audits of SIEM configurations user roles and data sources Document policy changes configurations and procedures for operational transparency and continuity Support onboarding of new data sources and integration with other security tools e g EDR vulnerability scanners Assist in troubleshooting and resolving issues related to SIEM performance data gaps or false positives Stay updated with the latest security threats Splunk features and best practices Create and maintain standard operating procedures SOPs to ensure consistent and effective security operations Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations including key metrics trends and emerging threats Take ownership of false positive report preparations ensuring accurate identification and documentation of false positives to improve detection and response capabilities Collaborate with the Security Specialist team on high-priority security incidents providing expertise and assistance as needed to facilitate incident resolution Flexible to Provide support to 24 7 L1 Monitoring shift members