SOC Analyst - Tier 1 (Night Shift and Weekends)

Tier 1 SOC Analyst Responsibilities

• Monitor security event logs and alerts generated by various security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems. 
• Conduct initial triage and investigation of security incidents, following established procedures and guidelines. 
• Escalate and collaborate with Tier 2 and Tier 3 SOC Analysts, Incident Response teams, and the SOC Lead/Program Manager to ensure timely and effective incident response, resolution, and reporting.
• Provide first-level analysis of security events, performing data analysis and correlation to identify potential threats and vulnerabilities. 
• Generate and maintain accurate documentation of security incidents, including incident reports, investigation findings, and remediation actions. 
• Monitor threat intelligence sources and stay informed about the latest security vulnerabilities, exploits, and attack techniques. 
• Participate in shift rotations to provide 24/7 coverage of the SOC operations. 
• Develop and continuously improve SOC processes and workflows to enhance detection and response capabilities, and assist in the documentation of SOC processes.
• Participate in tabletop exercises and incident response drills to test and validate the effectiveness of SOC procedures. 

Tier 1 SOC Analyst Requirements

• U.S. Citizenship Required.
• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience). 
• Proven experience (2+ years) in a SOC or security-related role, with a focus on incident monitoring, analysis, and response. 
• Familiarity with security technologies and tools such as SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection systems. 
• Understanding of common network protocols (TCP/IP, DNS, HTTP, etc.) and their role in security monitoring. 
• Knowledge of security incident response methodologies and best practices. 
• Familiarity with various operating systems (Windows, Linux, etc.) and their security features. 
• Basic understanding of malware analysis and its impact on security incidents. 
• Strong analytical and problem-solving skills, with the ability to work under pressure and meet tight deadlines. 
• Excellent communication skills, both written and verbal, with the ability to effectively document and report on security incidents. 
• Security certifications such as CompTIA Security+, GCIH, or GCIA are highly desirable. 
• Experience with threat hunting and proactive detection techniques. 
• Familiarity with log analysis and familiarity with log management tools. 
• Understanding of common cybersecurity frameworks such as NIST, ISO 27001, or CIS Controls. 
• Knowledge of scripting languages (Python, PowerShell, etc.) for automation and data analysis. 
• Familiarity with cloud platforms and their impact on SOC operations (e.g., AWS, Azure, GCP). 
• Ability to work collaboratively in a team environment and effectively communicate with technical and non-technical stakeholders. 
• Continuous learning mindset and a passion for staying up to date with the latest cybersecurity trends and technologies.