SOC Officer

As a Tier1 security analyst in the 24x7 Security Operations Center, you will be responsible for monitoring the environment for potential security threats and incidents. Your role will involve identifying, triaging, analyzing, threat-hunting, investigating incidents, and supporting remediation recommendations to mitigate security threats effectively.

Key Responsibilities:

• Monitor, analyze, and respond to security events promptly
• Operate on a 12-hour shift basis for continuous monitoring of security alerts in SIEM platforms
• Triage and prioritize alerts based on severity, impact, and organizational risk
• Perform initial analysis to validate alerts, determine legitimacy, and escalate confirmed or suspicious incidents as necessary
• Track and analyze suspicious network, application, and user behavior to identify anomalies and threats
• Ensure timely escalation of incidents to customers following defined SLAs, maintaining clear communication and updates throughout the incident lifecycle
• Collaborate with L2 analysts for in-depth investigation, containment, and resolution of security incidents
• Utilize ticketing systems to log, track, and manage incidents through to closure, ensuring proper documentation and audit trail
• Participate in incident response activities in alignment with predefined Incident Response Plan and playbooks
• Adhere to Standard Operating Procedures (SOPs) for alert handling, escalation, and communication
• Maintain awareness of current threats, vulnerabilities, and emerging attack techniques that may impact the organization

Qualifications Required:

• Bachelor's degree in computer science, Cybersecurity, or a related field
• 0-2 years of experience in SOC, IT support, network administration, or a related field with exposure to security concepts
• Experience in monitoring and responding to security incidents
• Familiarity with security tools such as SIEM platforms, especially Azure Microsoft Sentinel or Elastic SIEM
• Strong analytical and problem-solving skills

You should have proficiency in KQL and other query languages for threat analysis, familiarity with the MITRE ATT&CK framework, strong knowledge of incident response processes, and security monitoring tools. Additionally, you must be able to handle high-severity incidents and make quick decisions under pressure. Please note that you will be required to work on a 12-hour shift rotation. As a Tier1 security analyst in the 24x7 Security Operations Center, you will be responsible for monitoring the environment for potential security threats and incidents. Your role will involve identifying, triaging, analyzing, threat-hunting, investigating incidents, and supporting remediation recommendations to mitigate security threats effectively.

Key Responsibilities:

• Monitor, analyze, and respond to security events promptly
• Operate on a 12-hour shift basis for continuous monitoring of security alerts in SIEM platforms
• Triage and prioritize alerts based on severity, impact, and organizational risk
• Perform initial analysis to validate alerts, determine legitimacy, and escalate confirmed or suspicious incidents as necessary
• Track and analyze suspicious network, application, and user behavior to identify anomalies and threats
• Ensure timely escalation of incidents to customers following defined SLAs, maintaining clear communication and updates throughout the incident lifecycle
• Collaborate with L2 analysts for in-depth investigation, containment, and resolution of security incidents
• Utilize ticketing systems to log, track, and manage incidents through to closure, ensuring proper documentation and audit trail
• Participate in incident response activities in alignment with predefined Incident Response Plan and playbooks
• Adhere to Standard Operating Procedures (SOPs) for alert handling, escalation, and communication
• Maintain awareness of current threats, vulnerabilities, and emerging attack techniques that may impact the organization

Qualifications Required:

• Bachelor's degree in computer science, Cybersecurity, or a related field
• 0-2 years of experience in SOC, IT support, network administration, or a related field with exposure to security concepts
• Experience in monitoring and responding to security incidents
• Familiarity with security tools such as SIEM platforms, especially Azure Microsoft Sentinel or Elastic SIEM
• Strong analytical and problem-solving skills

You should have proficiency in KQL and other query languages for threat analysis, familiarity with the MITRE ATT&CK framework, strong knowledge of incident response processes, and security monitoring tools. Additionally, you must be able to handle high-severity incidents and make quick decisions under pressure. Please note that you will be required to work on a 12-hour shift rotation.