SOC L1

The SOC L1 Analyst is responsible for serving as the initial line of defense within the Security Operations Center. The analyst will monitor and triage security alerts, utilize SIEM technologies, document incidents, and escalate cases requiring advanced investigation to higher SOC tiers. By adhering to established procedures and service-level agreements (SLAs), the analyst ensures effective incident handling, accurate reporting, and the reliability of SOC tools and processes.

Responsibilities:

Alert Monitoring & Triage

• Perform continuous monitoring of security alerts as the first response tier.
• Analyze alerts and escalate significant incidents to SOC L2 for further investigation.
• Minimize false positives through contextual analysis and compliance with SLAs.

Incident Logging & Reporting

• Document incidents with complete and accurate information to support next-level analysis.
• Assist in generating scheduled and ad-hoc security reports.
• Contribute to data quality improvements through structured feedback.

Tool Utilization & Monitoring

• Operate and monitor SOC security tools to identify anomalies and threats.
• Report operational issues to ensure maximum efficiency and system reliability.

Special Assignments

• Support the execution of specific projects or tasks as directed by SOC management.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, or a IT related field .
• Fresh graduate; no prior professional SOC experience required.
• Certifications related to SOC or Cybersecurity are highly preferred: eJPTv2, CEH, eCTHPv2, etc..,.

Skills

• Foundational understanding of SIEM technologies and core security concepts.
• Awareness of adversarial tactics, techniques, and procedures (TTPs).
• Basic knowledge of cyber threats, vulnerabilities, and incident response processes.
• Strong analytical, problem-solving, and communication skills.