SOC L1 Analyst
SOC L1 Analyst
We're looking for an eager, detail-oriented individual to join our SOC team — whether you're a fresh graduate ready to kickstart your cybersecurity career or someone with up to two years of IT experience looking to specialize in security operations.
As an SOC L1 Analyst, you will serve as the first line of defense in our Security Operations Center — continuously monitoring, triaging, and performing initial analysis of security alerts. You'll filter out false positives, execute standard incident response procedures, and escalate complex threats to the L2 team, helping maintain a strong baseline security posture for our clients.
Key responsibilities:
- Continuous security monitoring: Monitor SIEM, EDR, IDS/IPS, firewalls, and email security dashboards in real-time during shifts.
- Triage and initial analysis: Assess incoming security alerts to determine severity and validity, distinguishing false positives from true threats.
- Playbook execution: Execute documented initial response actions per SOPs — including endpoint isolation, IP/URL blocking, and credential resets.
- Documentation and ticket management: Record all findings, analysis steps, and actions in the ticketing system (Jira, ServiceNow) accurately and promptly.
- Incident escalation: Escalate complex or high-risk incidents to the L2 team within SLA, with all relevant context and initial findings.
Requirements:
- S1 (Bachelor's) in Computer Science, IT, Cybersecurity, or related field
- 0–2 years experience in IT ops, network admin, or cybersecurity; fresh graduates welcome
- Solid networking fundamentals: TCP/IP, DNS, HTTP/S, DHCP, OSI model
- Basic knowledge of Windows, Linux, and command-line interfaces
- Familiarity with SIEM, EDR, and firewall concepts
- Understanding of MITRE ATT&CK framework (basic level)
- Cybersecurity certification (either of the following):
- EC-Council: CEH (Certified Ethical Hacker)/ECIH (EC-Council Certified Incident Handler)
- CompTIA: CySA+ (Cybersecurity Analyst)/Security+/CASP+
- Willingness to work 24/7 rotating shifts including nights, weekends, and public holidays
- Strong written and verbal communication skills
Additional requirements (good but not compulsory):
- Prior hands-on experience with monitoring tools, log analysis, or basic incident response