SOC Analyst "L1"

Job Description:

• Continuously monitors the security alerts queue through SIEM solution and EDR.
• triages security alerts.
• monitors health of Organization’s security sensors and SIEM infrastructure.
• collects data and context necessary to initiate Level 2 escalation.
• delivers scheduled and ad-hoc reports.
• works closely with Level 2 & Level 3 team towards the continuous improvement of the service.
• Environment is 24x7x365. Day/Night shift; weekend and holiday.

Technical skills:

• Knowledge of SIEM (Security Information and Event Management)
• Familiar with SQL, C, C++, C#, Java, or PHP programming languages
• Solid technical knowledge about TCP/IP, computer networking, routing, and switching
• Basic knowledge about IDS/IPS, penetration and vulnerability testing
• Solid technical knowledge about Firewall and intrusion detection/prevention protocols
• Windows, UNIX, and Linux operating systems
• Network protocols and packet analysis tools
• Anti-virus and anti-malware
• Good reporting skills
• 1-2 years of related professional experience and training in SOC and/or information technology and/or information security is highly preferred.

Non-Technical skills

• Excellent analytical and problem-solving skills.
• Strong interpersonal skills to interact with team members and upper management.
• Strong collaborative skills.
• Self-discipline to work according to playbook and time requirements.
• Passion for cybersecurity and staying up-to-date with current threats, tools and techniques.
• Willingness to learn new security technologies, products and incident analysis and response approaches.
• Excellent written and oral communication skills.