SOC Officer
Internshala
About the job
Job Description
This individual will perform the role of a Tier 1 security analyst in a 24x7 Security Operations Center responsible for monitoring the environment for potential security threats and incidents. This will include the identification, triaging, analysis, threat hunting, incident investigation and support of remediation recommendations to mitigate security threats and incidents.
Monitors, analyzes and responds to security events in a timely manner:
- Operate on a 12-hour shift basis (24x7 coverage) to continuously monitor security alerts in SIEM platforms for potential security incidents.
- Triage and prioritize alerts based on severity, impact, and organizational risk.
- Perform initial analysis to validate alerts, determine legitimacy, and escalate confirmed or suspicious incidents as necessary.
- Track and analyze suspicious network, application, and user behavior to identify anomalies and threats.
- Ensure timely escalation of incidents to customers in accordance with defined SLAs, maintaining clear communication and updates throughout the incident lifecycle.
- Collaborate with L2 analysts for in-depth investigation, containment, and resolution of security incidents.
- Utilize ticketing systems to log, track, and manage incidents through to closure, ensuring proper documentation and audit trail.
- Participate in incident response activities in alignment with the predefined Incident Response Plan and playbooks.
- Adhere to Standard Operating Procedures (SOPs) for alert handling, escalation, and communication.
- Maintain awareness of current threats, vulnerabilities, and emerging attack techniques that may impact the organization.
Qualification
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 0-2 years of experience in SOC, IT support, network administration, or a related field with exposure to security concepts.
- Experience in monitoring and responding to security incidents.
- Familiarity with security tools such as SIEM platforms, especially Microsoft Azure Sentinel or Elastic SIEM.
- Strong analytical and problem-solving skills.
Skills required
- Proficiency in KQL and other query languages for threat analysis.
- Familiarity with MITRE ATT&CK framework and its application in threat detection.
- Strong knowledge of incident response processes and security monitoring tools.
- Ability to handle high-severity incidents and make quick decisions under pressure.
- Required to work on a 12-hour shift rotation.