Security Operations Center Analyst

SOC Analyst – Level 1 (Tier 1)

We are seeking a SOC Analyst – Level 1 to act as the frontline defender within our Security Operations Center (SOC). This role focuses on continuous monitoring, alert triage, initial investigation, and timely escalation of security incidents. The ideal candidate is detail-oriented, process-driven, and capable of working in a 24×7 operational environment.

Location: Karachi, Islamabad, Lahore, Multan and Faisalabad

Responsibilities:

• Monitor SIEM/XDR platforms for security alerts and suspicious activities.
• Perform initial alert triage (true positive vs. false positive).
• Follow predefined playbooks and standard operating procedures (SOPs).
• Collect and analyze logs from endpoints, firewalls, email, and cloud systems.
• Create and update incident tickets with clear documentation.
• Escalate validated incidents to L2 with proper context and evidence.
• Handle common security events (malware, phishing, brute force, policy violations).
• Maintain SLA compliance and support continuous improvement of SOC processes.

Requirements:

• 2–4 years of experience in SOC, IT Security, or IT Operations.
• Understanding of networking fundamentals (TCP/IP, DNS, HTTP).
• Basic knowledge of Windows/Linux systems.
• Familiarity with common cyber threats (phishing, ransomware, malware).
• Hands-on exposure to any SIEM or EDR tool.
• Strong analytical, documentation, and communication skills.
• Willingness to work in rotational shifts.
• Entry-level security certifications (Security+, SC-900, AZ-900) are a plus.