As a L1 SOC Analyst, you will be part of the on-premises SOC team ensuring continuous monitoring, detection, and first-line analysis of security events across the agency's infrastructures.

Your main responsibilities will include:

• Monitoring the correct functioning of the SIEM platform (Splunk)
• Real-time monitoring of servers, services, network devices, and end-user workstations
• Detecting anomalies, prioritizing alerts, and performing first-level analysis
• Investigating alerts and escalating incidents to Tier 2 or higher when required
• Correlating and summarizing events across multiple monitored services
• Performing lookups using Indicators of Compromise (IoCs) and supporting threat-hunting activities
• Supporting the tracing of intrusion origins and identifying affected systems
• Proposing reactive measures (blocking domains, isolating assets, etc.)
• Preparing and maintaining SOC procedures, runbooks, and cheat-sheets
• Regularly reporting on the operational security situation
• Supporting the incident management process and liaising with the Agency’s teams

Profile

Experience:

• 3 years in Cyber Security
• Proven hands-on experience in a SOC
• Experience with SIEM tools
• Familiarity with incident response procedures
• Understanding of network protocols, operating systems, and endpoint security tools

Soft skills:

• Strong analytical and problem-solving mindset
• Ability to prioritize under pressure and follow structured procedures
• Team player with good communication skills and attention to detail
• Integrity, professionalism, and confidentiality