SOC Analyst L1

Security analysts

Location:

Requirement type:

2 to 5 years

Role and Responsibilities:

Security Engineering:

• Implement, and manage enterprise-grade security solutions across network, endpoint, cloud, and email layers.
• Lead the deployment and lifecycle management of Data Loss Prevention (DLP) technologies, ensuring sensitive data is protected across all vectors (email, web, endpoint, cloud).
• Administer and optimize Zscaler ZIA/ZPA for secure internet access and zero trust network access, including policy tuning, SSL inspection, and user segmentation.
• Administer and maintain Proofpoint for advanced email threat protection, including phishing defense, business email compromise (BEC) detection, and DMARC enforcement.
• Administer and maintain SIEM,SOAR platforms (e.g., Splunk ,Palo Alto Cortex XSOAR) to automate repetitive tasks, enrich alerts, and streamline incident response workflows.
• Deploy and manage XDR solutions (e.g., SentinelOne, CrowdStrike, Microsoft Defender XDR) to unify telemetry across endpoints, cloud, and identity platforms for enhanced threat detection and response.
• Collaborate with IT and DevOps teams to embed security controls in CI/CD pipelines and cloud infrastructure (AWS, Azure, GCP).
• Conduct security architecture reviews and recommend improvements for application, infrastructure, and cloud security posture.
• Perform security tool integrations with SIEM, ticketing systems, threat intelligence platforms, and vulnerability scanners.
• Develop and maintain custom detection rules, parsers, and dashboards in SIEM and XDR platforms to improve visibility and reduce false positives.
• Lead proof-of-concept (PoC) evaluations for new security technologies and drive vendor selection processes.
  

SOC Operations & Incident Response:

• Lead and coordinate the end-to-end incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review.
• Perform alert triaging and prioritize incidents based on severity, impact, and business context.
• Conduct root cause analysis (RCA) and create detailed incident reports for stakeholders and compliance teams.
• Utilize MITRE ATT&CK and OWASP Top 10 frameworks to map adversary behavior and identify gaps in detection and response.
• Develop and maintain incident playbooks and runbooks for common attack scenarios (e.g., phishing, malware, insider threats).
• Drive threat hunting initiatives using SIEM, XDR, and threat intelligence feeds to proactively identify suspicious activity.
• Conduct tabletop exercises and red/blue team simulations to test and improve incident response readiness.
• Ensure timely escalation and communication of critical incidents to leadership and affected business units.
  

Skills and Qualifications:

• Bachelor Degree in Computer science (Engineering & Technology desired), Management of information Systems, computer security or equivalent.
• Basic understanding on Malwares, CIA triad, Cyber Kill chain, Networking.
• Deep understanding of network security, endpoint protection, cloud security, and email threat vectors.
• Familiarity with OWASP Top 10, MITRE ATT&CK, and NIST cybersecurity frameworks.
• Basic knowledge of Information Security, Network devices, Security devices, Server security, Application Security, etc. Keen to learn new security technologies and how information security operates.
• Keen on entering the information security world and developing oneself in that direction.
• Well-developed logical thinking capabilities, in order to be able to investigate cases.
• Able to work in shift schedule.
• Basic knowledge about Automation tool, AI and Network security
• Excellent social, communication, and writing skills