SOC Analyst

Job Summary:

The SOC Analyst is responsible for monitoring and responding to security incidents in a 24/7/365 Security Operations Center (SOC). This role requires a detail-oriented individual, has a strong interest in cybersecurity and is eager to learn. The SOC Analyst Level 1 will work closely with senior analysts and other IT teams to ensure the security of the organization's systems and data.

Key Responsibilities:

1. Monitoring and Detection:

• Continuously monitor security alerts from various security tools (e.g., SIEM, IDS/IPS, EDR)
• Analyze and triage security alerts to determine their severity and impact.
• Escalate incidents to higher-level analysts when necessary.
  
  
  

2. Incident Response:

• Assist in the initial investigation and classification of potential security incidents.
• Document incidents and actions taken in the incident management system.
• Follow established incident response procedures and playbooks.
  
  
  

3. Threat Intelligence:

• Stay up to date with the latest cybersecurity threats and trends.
• Use threat intelligence feeds to identify potential threats to the organization.
• Assist in the analysis of new and emerging threats.
  
  
  

4. Reporting:

• Generate and maintain security incident reports for internal review.
• Contribute to daily, weekly, and monthly SOC reports.
  
  
  

5. Collaboration:

• Work closely with other SOC team members, IT, and other departments to resolve security incidents.
• Participate in team meetings and contribute to SOC process improvements.
  
  
  

Qualifications:

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent work experience will be considered.
• Experience: 2-3 years of experience in cybersecurity, IT, or a related field.
• Certifications: CompTIA Security+, Certified SOC Analyst (CSA), or similar certifications are a plus.
  
  
  

Skills:

• Basic understanding of cybersecurity principles and practices.
• Familiarity with common security tools and technologies (e.g., SIEM, IDS/IPS, antivirus software).
• Strong analytical and problem-solving skills.
• Ability to work in a fast-paced, 24/7/365 environment.
• Good communication skills, both written and verbal.
• Attention to detail and a proactive approach to learning.
  
  
  

Preferred Skills:

• Experience with security monitoring tools and technologies.
• Understanding of network protocols, operating systems, and malware analysis.
• Familiarity with incident response frameworks and methodologies.
  
  
  

Work Environment:

• This position requires the ability to work in a shift-based environment, including nights, weekends, and holidays.
• Ability to work under pressure and handle multiple priorities simultaneously.