SOC Analyst - L1

Job Title:

Location:

Job Summary:

We are seeking a skilled Microsoft Sentinel SOC Analyst L1 to join our Security Operations Center (SOC) team. The ideal candidate should have strong knowledge in Microsoft Sentinel and a solid foundation in cybersecurity, cloud security principles, and network fundamentals. This role involves monitoring, detecting, and responding to security incidents, fine tuning SIEM configurations, and working closely with cross-functional teams to enhance overall security posture.

Key Responsibilities:

• Monitor security alerts and perform security incident investigations using Microsoft Sentinel.
• Develop, tune, and maintain analytics rules, workbooks, and playbooks within Microsoft Sentinel to detect and respond to threats effectively.
• Analyze security telemetry from cloud environments (Azure and others), on-premises infrastructure, and network devices.
• Perform log analysis, event correlation, and threat hunting using KQL (Kusto Query Language) within Sentinel.
• Maintain knowledge of cybersecurity best practices, cloud security frameworks (such as CSA, NIST), and emerging threats.
• Prepare regular reports and documentation on incidents, trends, and security posture.
• Assist with compliance assessments, risk analysis, and security process improvements.
• Participate in SOC team shift rotations and escalations for critical security events.

Required Qualifications:

• Proven experience in Microsoft Sentinel incident analysis and security monitoring.
• Strong understanding of cybersecurity fundamentals including threat landscapes, attack vectors, and defence mechanisms.
• Familiarity with cloud security principles, especially Azure security services (Microsoft Sentinel, Defender for Cloud, Azure AD).
• Basic networking knowledge including TCP/IP, firewalls, VPNs, and network traffic analysis.
• Hands-on experience writing and optimizing KQL for logs analysis.
• Experience with endpoint security, firewall logs, and IDS/IPS alerting.
• Ability to analyze and respond to security incidents accurately and quickly.
• Strong analytical skills with attention to detail and Excellent verbal and written communication skills.
• Willingness to work in a 24X7 rotational shift basis.

Documentation:

• Any Microsoft security/SOC related certifications are considered.