SOC Analyst - L1

Responsibilities:

1. Real-Time Triage & Investigation

  • Monitor SIEM, EDR & XDR dashboards to identify and validate security events in real time.

  • Perform deep-dive analysis on suspicious activity using logs, telemetry, and threat intelligence.

  • Exercise investigative autonomy: Move beyond the initial alert to determine the full scope and "blast radius" of a threat.

  • Follow established playbooks & runbooks for incident handling and escalation.

  • Correlate logs from multiple sources to verify incidents.

2. Playbook Execution & Creation

  • Strictly follow established SOPs and Playbooks to ensure consistent incident handling.

  • Playbook Authoring: Identify gaps in current processes and draft new playbooks to automate or standardize responses to emerging threats.

  • Continuously tune and refine existing alerts to reduce false-positive rates (FP rate).

3. Incident Documentation & Escalation

  • Create detailed, technical tickets that tell the story of an incident from detection to containment.

  • Effectively escalate critical incidents to L2/L3 teams with a comprehensive briefing of findings.

  • Maintain seamless communication during shift handovers in our global follow-the-sun rotation.

  • Communicate with stakeholders about security events.

Requirements:

  • Basic understanding of TCP/IP, DNS, IDS/IPS, Firewalls, the OSI Model, & Vulnerability scanners.

  • Understanding of common threat vectors (malware, email, and website analysis at a basic level).

  • Knowledge of the Cyber Kill Chain process and MITRE ATT&CK.

  • Proficient with Windows Event Logs and Linux command line/log analysis.

  • Exposure to SIEM, EDR, SOAR, TIP, ServiceNow and similar tools is required.

  • Ability to remain focused during repetitive monitoring while maintaining a high attention to detail.

  • Ability to translate complex technical findings into actionable insights for diverse stakeholders.

  • Some experience with cloud service providers like AWS and Azure would prove valuable.

  • Experience with Splunk ES would be a plus.

  • Bachelor's degree in a relevant field of study.

  • 1-2 years of experience in a SOC environment or equivalent technical role.

  • Preferred certifications: CompTIA Security+, ISC2 CC, Certified SOC Analyst, etc.

  • Demonstrated commitment to continuous learning and intellectual curiosity within the cybersecurity domain.