SOC Analyst I

We are building a next-generation Security Operations Center (SOC) designed for the cloud-first era. We are building an intelligent, automated SOC that combines deep cloud security expertise with robust automation to protect our organization from advanced threats.
We are seeking an enthusiastic and detail-oriented L1 SOC Analyst to join our 24/7 operations team as the first line of defense. This role is for a proactive individual who is passionate about cybersecurity and eager to learn. You will be responsible for monitoring our security platforms, performing initial analysis of alerts, and escalating potential threats to our L2/L3 analysts.
Please note: This is a 24/7 operational role. The SOC team works in three rotating shifts morning, afternoon, and night) to ensure continuous monitoring and response.

Real-Time Monitoring & Triage

● Act as the first line of defense by continuously monitoring Jira tickets from security alerts on our SIEM, EDR, cloud, and email security platforms.
● Perform initial triage of alerts to identify their priority, severity, and potential impact based on pre-defined criteria.
● Follow documented Standard Operating Procedures (SOPs) to investigate, validate, and categorize alerts as true positives or false positives.

 

Alert Escalation & Documentation
● Escalate all validated security incidents and potential threats to L2 Analysts for in-depth investigation and response.
● Accurately and meticulously document all triage steps, findings, and communications in our incident management system/ticketing tool.
● Assist in creating and updating basic reports on alert volumes and common incidents.

 

 

Using Automation & Security Tools

● Utilize pre-built automation playbooks (SOAR) to enrich alerts with threat intelligence and contextual data to aid in triage.

● Operate core security tools to gather initial data for investigations (e.g., check firewall logs, query EDR for process history, look up domain reputation).

● Monitor cloud security dashboards (AWS, Azure) for high-priority alerts and common
misconfigurations, escalating as needed.

 

Collaboration & Shift Handovers

● Communicate effectively with the team during shift handovers, ensuring a smooth transition of open alerts and ongoing issues.
● Stay current with common attack vectors (e.g., phishing, malware) and basic threat intelligence.
● Identify and report on security tool issues or alerts that are generating a high number of false positives.

 

 

 

● Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience/certifications.
● Willingness and ability to work in a 24/7 rotational shift environment (morning, afternoon, and night).
● 0-2 years of experience in an IT, network operations, or security operations role.
● Core Skills: Excellent attention to detail, strong analytical-thinking, and clear written and verbal communication skills.
● Technical Fundamentals: A basic understanding of networking (TCP/IP), cloud security (AWS, Azure), AI and security fundamentals (malware, phishing, firewalls).
● Cloud Familiarity: Familiarity with core cloud concepts (AWS, Azure, or GCP) is highly desirable.
● Eagerness to Learn: A strong desire to learn and work with security automation (SOAR) platforms, SIEM, and EDR tools.
● Preferred certifications: CompTIA Security+, Network+, or equivalent foundational
security certifications.

● Be at the forefront of a modern, cloud-focused Security Operations Center.
● Receive excellent training and mentorship to build a career in cybersecurity.
● Gain foundational experience with cutting-edge cloud security, automation, and threat intelligence technologies.
● A clear career path for growth into L2, L3, and other senior security roles.