Role Description

The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR, working collaboratively with other teams to ensure high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on the case investigation and detection quality.

Principal Duties

• Quickly respond to and classify all incoming security cases, ensuring that incidents are appropriately escalated to the right analyst within the predefined SLA period during the Analyst's shift.
• Conduct the first triage investigations into the assigned cases using a blended approach based on tools integrated into the SOAR platform and document all collected evidence and conclusions.
• At the shift's commencement, diligently review all new information in the SOAR, through the Teams channel, shared mailbox, and any other designated communication mediums to ensure readiness to continue or start case the investigation and address client queries.
• Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring.
• Remain to any procedural inconsistencies or issues and proactively report these to the team leader or upper analytical layer (L2) for resolution or consultation.
• Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or Shift and Technical Leads before resorting to the L2 team.
• Support the Lead Analysts and the L2 team in the extraction and compilation of data needed for the preparation of Weekly, Monthly, and Quarterly Business Review (QBR) documentation. Skills and
  
  

Qualifications

• At least 1 year of experience as a security analyst
• Proficient in investigating s related to phishing, malware, and similar threats.
• Solid understanding of computer security and networking concepts
• Experience with SIEM or similar security tools.
• Knowledgeable about endpoint protection tools
• Skilled in analyzing network traffic, interpreting logs, and examining packet capture.
• Strong critical thinking and analytical abilities
• Excellent written and verbal communication skills
• Experience managing and analyzing s from security tools is a plus.
• Familiarity with cloud solutions is advantageous.
• Relevant certifications are a plus.
  
  

Skills

L1 SOC Monitoring,CyberSecurity,SOAR Management