Junior Cyber Security Analyst - Tier 1

Role Overview: As a Tier 1 SOC Analyst at our Security Operations Center, you will play a crucial role in continuous monitoring, initial investigation, and rapid response to security alerts and incidents. Your responsibilities will include acting as the first point of contact for detecting suspicious activity, escalating threats, and ensuring a secure environment. You are expected to have strong knowledge of security threats, incident detection technologies, and investigation techniques. Adaptability, willingness to work in 24x7 shifts, and eagerness to learn emerging security tools and techniques are key qualities for this role. Key Responsibilities: - Monitor SOAR, SIEM, IDS/IPS, endpoint, and network security tools for alerts and anomalies. - Perform triage of incoming security events to assess severity, scope, and potential impact. - Investigate alerts to differentiate false positives from genuine threats. - Document findings clearly and escalate incidents according to SOC playbooks. - Initiate containment measures for confirmed incidents (e.g., isolating endpoints, disabling accounts). - Support vulnerability and patch management activities by monitoring for unpatched systems. - Maintain situational awareness of current threats and common attack techniques (e.g., phishing, malware, brute force). - Contribute to incident reports and post-incident reviews. - Use SOAR platforms for automating detection and response where possible. Qualifications Required: - 1-2 years of experience in Security Operations or in a SOC. - Experience with SIEM, EDR, IAM, DLP, and incident response. - Familiarity with host-based detection and prevention suites (e.g., Microsoft Defender, Azure Security Center, Sentinel, Cisco Umbrella, M-Vision). - Familiarity with security incident management tools (e.g., ServiceNow). - Working knowledge of Microsoft and/or other OS environments. - Solid understanding of TCP/IP, firewalls, VPNs, IDS/IPS, anti-virus, and endpoint protection. - Basic understanding of firewall configuration and system patching. - Experience with log analysis and malware detection. - Familiarity with scripting languages (e.g., Python, Perl) is a plus. - Certifications such as Microsoft Security Certifications, Comptia Sec+/CYSA, ISC2 CC are a plus. Please note that the additional information about the company and benefits has been omitted as per the provided instructions. Role Overview: As a Tier 1 SOC Analyst at our Security Operations Center, you will play a crucial role in continuous monitoring, initial investigation, and rapid response to security alerts and incidents. Your responsibilities will include acting as the first point of contact for detecting suspicious activity, escalating threats, and ensuring a secure environment. You are expected to have strong knowledge of security threats, incident detection technologies, and investigation techniques. Adaptability, willingness to work in 24x7 shifts, and eagerness to learn emerging security tools and techniques are key qualities for this role. Key Responsibilities: - Monitor SOAR, SIEM, IDS/IPS, endpoint, and network security tools for alerts and anomalies. - Perform triage of incoming security events to assess severity, scope, and potential impact. - Investigate alerts to differentiate false positives from genuine threats. - Document findings clearly and escalate incidents according to SOC playbooks. - Initiate containment measures for confirmed incidents (e.g., isolating endpoints, disabling accounts). - Support vulnerability and patch management activities by monitoring for unpatched systems. - Maintain situational awareness of current threats and common attack techniques (e.g., phishing, malware, brute force). - Contribute to incident reports and post-incident reviews. - Use SOAR platforms for automating detection and response where possible. Qualifications Required: - 1-2 years of experience in Security Operations or in a SOC. - Experience with SIEM, EDR, IAM, DLP, and incident response. - Familiarity with host-based detection and prevention suites (e.g., Microsoft Defender, Azure Security Center, Sentinel, Cisco Umbrella, M-Vision). - Familiarity with security incident management tools (e.g., ServiceNow). - Working knowledge of Microsoft and/or other OS environments. - Solid understanding of TCP/IP, firewalls, VPNs, IDS/IPS, anti-virus, and endpoint protection. - Basic understanding of firewall configuration and system patching. - Experience with log analysis and malware detection. - Familiarity with scripting languages (e.g., Python, Perl) is a plus. - Certifications such as Microsoft Security Certifications, Comptia Sec+/CYSA, ISC2 CC are a plus. Please note that the additional information about the company and benefits has been omitted as per the provided instructions.