L1 Support Operation Analyst

Key Responsbilities:

Security Operations:Work across multiple shifts to ensure 24/7 security monitoring and incident response.Oversee threat detection and response using SIEM, NIDS, and endpoint protection platforms.Administer and maintain Trellix ePO for endpoint security and policy enforcement.Monitor and manage alerts from Network Intrusion Detection Systems (NIDS).Coordinate incident tracking and resolution using ServiceNow.Collaborate with IT and facilities teams via Maximo for infrastructure-related security events.

Governance & Compliance:Ensure SOC operations align with internal policies and external regulatory requirements (e.g., ISO 27001, NIST, GDPR).Maintain and update SOC playbooks, SOPs, and escalation matrices.Participate in internal and external audits, ensuring readiness and compliance.

Reporting & Metrics:Generate and present regular reports on SOC performance, incident trends, and threat landscape.Track and report KPIs such as MTTR, false positive rates, analyst efficiency, and SLA adherence.Provide executive-level summaries and dashboards for senior leadership and governance forums.

Continuous Improvement:Drive automation and optimization of SOC workflows and alert triage.Collaborate with threat intelligence, IR, and vulnerability management teams to enhance detection capabilities.Evaluate and recommend new tools and technologies to improve SOC effectiveness.

Required Qualifications:

Bachelors or Masters degree in Cybersecurity, Information Technology, or related field.Minimum 3 years of experience in SOC operations.Strong experience with SIEM platforms, Trellix ePO, NIDS, ServiceNow, and Maximo.Solid understanding of incident response, malware analysis, and threat intelligence.Excellent leadership, communication, and analytical skills.Relevant certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent is preferrable.

Preferred Qualifications: