L1 SOC Analyst
IBM
**Introduction**
We are looking for an L1 SOC Analyst (Threat Monitoring) to join our Security Operations Center (SOC) team. As an L1 Analyst, you will play a crucial role in monitoring, analyzing, and responding to security alerts, ensuring swift incident detection and escalation. This is an exciting opportunity for those who want to build a career in cybersecurity while working with cutting-edge security tools and methodologies.
**Your role and responsibilities**
* Monitor security alerts in real time from the SIEM and other security tools.
* Perform Level 1 triage of security incidents by analyzing logs, network traffic, and endpoint events.
* Investigate suspicious activity and escalate security events according to SOC guidelines.
* Analyze and correlate security data from multiple sources to identify potential threats.
* Coordinate with Level 2 and Level 3 analysts for complex investigations.
* Escalate high-priority incidents and provide detailed incident reports.
* Monitor the health of SIEM alerts and dependencies to ensure continuous security monitoring.
* Assist in forensic investigations by gathering relevant security logs and evidence.
* Identify and report false positives to fine-tune security monitoring rules.
* Work within a ticketing system to document findings, actions, and resolutions.
* Provide security recommendations for improving detection capabilities and security policies.
* Support compliance and audit activities by maintaining security logs and incident documentation.
**Required technical and professional expertise**
* Basic to intermediate knowledge of network security, TCP/IP, and troubleshooting.
* Familiarity with SIEM platforms such as IBM QRadar, Splunk, ArcSight, Microsoft Sentinel, or LogRhythm.
* Understanding of log analysis and ability to interpret system, network, and security logs.
* Knowledge of firewalls, IDS/IPS, endpoint security, and anti-malware solutions.
* Familiarity with MITRE ATT&CK Framework for understanding adversary tactics and techniques.
* Basic knowledge of cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Controls, and ISO 27001.
* Ability to identify and investigate phishing emails and suspicious file activity.
* Familiarity with incident response processes and escalation procedures.
* Basic knowledge of Linux/Unix and Windows operating systems.
* Understanding of common network services (web, mail, DNS, authentication).
* Knowledge of vulnerability management and basic remediation steps.
* Understanding of threat intelligence sources and how they apply to SOC operations.
* Strong analytical and problem-solving skills.
* Excellent written and verbal communication skills.
**Preferred technical and professional experience**
* CompTIA Security+
* Certified SOC Analyst (CSA)
* Microsoft Security Operations Analyst (SC-200)
* GIAC Security Essentials (GSEC)
* IBM QRadar SIEM Training
* MITRE ATT&CK Defender (MAD) Certifications