L1 SOC (Security Operations Center)

🕒 Shift: 24/7 Rotational Shift

We are looking for a passionate and proactive SOC Analyst L1 to join our Cyber Security Operations team. In this role, you will be responsible for monitoring, analyzing, and responding to security events to help protect the organization's infrastructure and digital assets.

Responsibilities

Perform 24/7 security monitoring using SIEM, EDR, and NDR platforms.

Analyze and triage security alerts based on severity and predefined use cases.

Investigate suspicious activities and security incidents following established playbooks and procedures.

Identify false positives and validate true security incidents.

Escalate high-priority incidents to L2/L3 SOC Analysts and relevant stakeholders.

Monitor network traffic, endpoint activities, and security events across the environment.

Analyze logs from various sources, including:

Windows Event Logs

Linux Logs

Firewall Logs

EDR Logs

Network Security Devices

Create and maintain incident tickets, investigation records, and security reports.

Participate in incident response activities and post-incident documentation.

Stay updated with the latest cyber threats, attack techniques, and security trends.

Requirements

Education & Experience

Bachelor's Degree (S1) in Information Technology, Information Systems, Computer Science, Cyber Security, or related fields.

Minimum 1 year of experience as SOC Analyst, Security Analyst, Cyber Security Analyst, or related roles.

Fresh graduates with strong cyber security knowledge and relevant certifications are welcome to apply.

Technical Skills

Strong understanding of:

TCP/IP

DNS

HTTP/HTTPS

Network Security Fundamentals

Windows & Linux Operating Systems

Hands-on experience with security monitoring tools:

SIEM (Splunk, QRadar, Microsoft Sentinel, ELK, Wazuh, etc.)

EDR (CrowdStrike, SentinelOne, Defender, Trend Micro, etc.)

NDR solutions (preferred)

Experience in:

Security Event Monitoring

Alert Triage

Incident Investigation

Log Analysis

Threat Detection

Good understanding of:

MITRE ATT&CK Framework

Cyber Kill Chain

Incident Response Process

Security Operations Center Workflow

Familiarity with networking tools such as Wireshark, Nmap, and packet analysis is an advantage.

Soft Skills

Strong analytical and problem-solving skills.

Ability to work under pressure in a fast-paced environment.

Good communication and documentation skills.

Willing to work in a 24/7 shift rotation schedule.

Team player with a proactive mindset.

Preferred Certifications

High Priority

BTL1 (Blue Team Level 1)

eJPT

CRTP

CJCA

PSAA

CCDL1

Additional Advantage

CompTIA Security+

CompTIA CySA+

Microsoft SC-200

CEH

GIAC Certifications