SOC Analyst

Role Summary

Duties And Responsibilities

Security Monitoring & Event Analysis

• Monitor SIEM and security monitoring tools (e.g.,Wazuh) for alerts, anomalies, and suspicious activities.
• Perform initial triage and analysis of security events by correlating logs from multiple sources including firewalls, routers, and servers.
• Identify potential threats such as unauthorized access attempts, port scans, malware activity, and traffic anomalies.
• Escalate verified or suspected incidents to SOC Lead in accordance with defined SOPs and SLAs.

Incident Response Support

• Assist in investigation of security incidents to determine scope and impact.
• Document all actions, findings, and timelines in the incident management system.
• Support containment and recovery actions as directed by SOC Lead or Incident Response team.

Log Monitoring & Analysis

Monitor logs from critical infrastructure including:

• Firewalls
• Core routers
• Servers (Windows/Linux)
• Identify abnormal patterns, spikes, or deviations in network and system behavior

Threat Intelligence & Vulnerability Support

• Review basic threat intelligence feeds and correlate with observed events.
• Assist in vulnerability scanning activities and reporting of findings.
• Track remediation status and escalate overdue vulnerabilities.

Compliance & Documentation

• Ensure completeness and integrity of log collection across systems.
• Maintain accurate and audit-ready records of alerts, incidents, and investigations.
• Support compliance with regulatory and security frameworks (e.g., PTA requirements, ISO 27001).

Reporting

• Prepare daily, weekly, and monthly SOC monitoring reports.
• Provide inputs for improving detection rules and reducing false positives.

Our Duties

• Participate in security drills, testing, and awareness activities.
• Support SOC initiatives and continuous improvement activities.
• Assist relevant departments in security-related queries when required.

Job Specifications

• Bachelors’ degree in Cyber security, Computer Science or related field.
• 1–2 years of experience in SOC/NOC or IT operations.
• Understanding of network security, firewalls, IDS/IPS, VPNs.
• Hands-on knowledge and working experience with EDR/XDR tools and platforms will be preferred.
• Hands-on experience with incident response and threat analysis.

Location