Security Analyst – L1 SOC/MDR Operations

About the role

The Security Analyst (L1) will execute operational security tasks in a repeatable manner, supporting the SOC and MDR teams. This role focuses on monitoring SIEM platforms, handling security events, and assisting in incident detection and remediation.

Key responsibilities

• Monitor SIEM tools (Sentinel, Splunk, LogRhythm) for security events and close or escalate them as needed.
• Maintain group email address, distribution lists, and answer primary phone lines.
• Update shift logs, tickets, and related documentation.
• Assist MDR analysts in incident workflows, detection, remediation, and communication with external teams.
• Participate in tier‑1, tier‑2, or tier‑3 SOC activities as required.

Required profile

• Bachelor’s degree in Computer Science, Engineering, IT, Cybersecurity or related field.
• Minimum 12 months experience in MDR, SOC or incident response.
• Strong oral and written communication and client‑facing skills.
• Ability to work nights, weekends, and holidays during incident emergencies.
• Flexibility to adapt to various engagement types, work hours, and locations.

Required skills

• Experience with SIEM platforms such as Azure Sentinel, Splunk, LogRhythm.
• Familiarity with IDS/IPS and firewalls (Snort, Cisco, Fortigate, Sourcefire).
• Understanding of incident response processes and TCP/IP, OSI model.
• Knowledge of Windows and Unix‑based systems, LAN/WAN technologies.
• Proficiency with ticketing/ITSM tools.