SOC Analyst L1 (Entry Level)

Security Operation Analyst Level 1 is an operational role, focusing on real time security event monitoring and security incident investigation. As a Level 1 Security Operation Analyst you will perform an in-depth analysis of evidence, identify the malicious operations, and evaluate the real impact to solve in a quick and efficient manner.

Key Responsibilities:

• The Security Analyst continuously monitors security events and triage security alerts from the SOC channel (Open XDR Platform). Based on the security event severity, escalate to Level 2 Security Analyst, and/or customer as appropriate to perform further investigation and resolution.
• Responds to security incidents if necessary or as required
• Collects data and context necessary to initiate Level 2 escalation. Works closely with Level 2 & Level 3 team towards the continuous improvement of the service
• Recommend enhancements to SOC security process, procedures, and policies.
• Participate in security incident management and vulnerability management processes
• Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems.
• Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats
• Communicate effectively with customers, teammates, and management
• Provide input on tuning and optimization of security systems
• Document and maintain customer build documents, security procedures and processes.
• Staying up to date with emerging security threats including applicable regulatory security requirements
• Monitors health of customer security sensors and Open XDR Platform. Delivers scheduled and ad hoc reports.
• Other responsibilities and additional duties as assigned by the security management team

Qualifications:

• Graduate of IT related course preferably with specialization in network and IT Security but not required
• Security Operations Centre Experience is an advantage but not required
• Certification in IT Security such as ISC2 and Comptia+ is an advantage
• Good knowledge of IT including multiple operating systems and system administration skills (Windows, Solaris, Unix)
• Knowledgeable of firewalls, VPNs, and cybersecurity solutions like EDR and XDR