SOC Analyst L1

SOC Analyst L1 role will play a crucial role in monitoring and responding to security incidents for various client environments. The primary focus will be on identifying and escalating potential threats while learning the ropes of security operations.

Job Responsibilities:

• Monitor and analyze security alerts from SIEM and SOAR platforms
• Escalate incidents to higher-level analysts as needed
• Assist in incident triage and documentation
• Support continuous improvement of SOC processes
• Continuously monitor security tools and SIEM dashboards for potential security incidents, including alerts, anomalies, and suspicious activities.
• Prioritize and triage events based on severity, urgency, and potential impact, following established escalation procedures.
• Conduct initial investigations using threat intelligence feeds, security documentation, and available resources to determine threat potential and scope.
• Document findings and actions taken in a clear and concise manner.
• Follow established incident response (IR) procedures and playbooks to contain and remediate security incidents within your assigned level of responsibility.
• Collaborate effectively with senior analysts and security engineers to escalate complex or high-priority incidents as needed.
• Communicate effectively with internal stakeholders and, if authorized, with external parties to provide updates and ensure coordinated response efforts.
• Maintain documentation: Update and maintain documentation related to procedures, policies, and incident response activities.
• Actively participate in training: Participate in training programs and workshops to learn new security skills and technologies.
• Stay updated on threats: Continuously stay updated on emerging threats, vulnerabilities, and attack vectors.

Qualification and Experience:

• Bachelors' degree in Security or Information Technology.
• Hands-on experience with Microsoft Sentinel SIEM
• Familiarity with FortiSOAR for incident response and automation
• Strong analytical and problem-solving skills
• Willingness to work in a 24/7 SOC environment
• Strong understanding of cybersecurity fundamentals and concepts.
• Ability to work effectively in a fast-paced, dynamic environment.
• Strong communication and interpersonal skills.
• Adaptability and willingness to learn new technologies and processes.