L1 SOC Analyst (Threat Monitoring)

About the role

We are seeking a motivated L1 SOC Analyst to join our Security Operations Center. In this entry‑level position you will monitor security alerts, perform initial triage, and help ensure rapid detection and escalation of incidents using industry‑leading tools.

Key responsibilities

• Monitor real‑time alerts from SIEM platforms and other security tools.
• Conduct Level 1 triage by analyzing logs, network traffic, and endpoint events.
• Investigate suspicious activity, document findings, and escalate according to SOC procedures.
• Correlate data from multiple sources to identify potential threats.
• Assist Level 2/3 analysts with complex investigations and provide detailed incident reports.
• Maintain health of SIEM alerts, fine‑tune rules, and report false positives.
• Support forensic data collection and contribute to compliance documentation.
• Stay current on emerging threats, attack techniques, and industry best practices.

Required profile

• Bachelor’s degree or equivalent technical background.
• Basic to intermediate knowledge of network security, TCP/IP, and troubleshooting.
• Familiarity with SIEM platforms such as IBM QRadar, Splunk, ArcSight, Microsoft Sentinel or LogRhythm.
• Understanding of log analysis, firewalls, IDS/IPS, endpoint security and anti‑malware solutions.
• Awareness of MITRE ATT&CK, NIST CSF, CIS Controls and ISO 27001 frameworks.
• Ability to investigate phishing emails and suspicious files.
• Basic knowledge of Linux/Unix, Windows operating systems and common network services.

Required skills

• SIEM (IBM QRadar, Splunk, ArcSight, Microsoft Sentinel, LogRhythm)
• TCP/IP and network security
• Log analysis
• Firewalls, IDS/IPS
• Endpoint security and anti‑malware
• MITRE ATT&CK framework
• NIST Cybersecurity Framework, CIS Controls, ISO 27001
• Phishing investigation
• Linux/Unix and Windows OS
• Vulnerability management
• Threat intelligence sources