




Job Summary: We are seeking a Level 1 SOC Security Analyst to monitor the environment, detect security events, and triage alerts, serving as the first line of defense.

Key Highlights:
1. Continuous monitoring of the security environment.
2. First line of defense against cyber incidents.
3. Participation in training programs for continuous improvement in the field.

We are looking for a **Level 1 SOC Security Analyst** to join our Security Operations structure. The professional will be responsible for continuously monitoring the environment, performing initial detection of security events, and triaging alerts generated by security tools. They will act as the company's first line of defense, ensuring visibility across the environment and providing initial incident response, following operational playbooks and information security best practices.

**Key Responsibilities**

* Actively monitor security events using SIEM platforms (e.g., Wazuh, Splunk, Sentinel, or QRadar) and endpoint protection tools (EDR/XDR).
* Analyze and classify alerts generated by security tools, identifying potential incidents and reducing false positives.
* Execute initial containment actions per defined security playbooks (e.g., host isolation or credential resets).
* Record and document incidents and activities in IT service management (ITSM) systems, ensuring traceability and organized information handling.
* Escalate more complex incidents to Level 2 or Level 3 teams following the defined process, ensuring all investigative context is fully transferred.
* Monitor and track operational metrics and indicators related to incident detection and response.
* Participate in technical and operational training programs aimed at continuous development in the security field.

**Technical Requirements**

* Knowledge of networking fundamentals and protocols, including the OSI model, TCP/IP, and DNS.
* Familiarity with network traffic analysis tools (e.g., Wireshark or tcpdump).
* Operational knowledge of Windows and Linux environments, including basic terminal/CLI navigation.
* Basic understanding of security solutions such as firewalls, IPS/IDS, WAFs, and antivirus/EDR tools.
* Familiarity with cyber threat concepts, including phishing, malware, brute-force attacks, and ransomware.

**Education and Certifications**

* Completed or ongoing undergraduate degree in Cyber Defense, Computer Science, Engineering, Networking, or a related field.

**Preferred Qualifications**

* Entry-level information security certifications such as CompTIA Security+, Cisco CyberOps Associate, Microsoft SC-900, or similar.
* Practical knowledge of the MITRE ATT&CK framework.
* Prior experience in technical support, IT infrastructure, or system monitoring environments.


