SOC Analyst (Level 1) - Remote

Position Overview

We are seeking a motivated SOC Analyst (L1) to join our remote Security Operations Center team. The SOC Analyst (L1) will be the first line of defense in monitoring, detecting, triaging, and escalating cybersecurity incidents. This role is ideal for candidates with foundational cybersecurity knowledge, strong analytical skills, and the ability to work in a 24/7 shift environment.

Key Responsibilities

• Monitor SIEM/EDR tools for security alerts, suspicious activity, and potential threats.
• Perform initial triage of security events and classify alerts based on severity and impact.
• Escalate confirmed or high-priority incidents to SOC L2/L3 teams.
• Follow standard operating procedures (SOPs) for alert handling and incident escalation.
• Document findings, actions taken, and escalate detailed cases in ticketing systems (e.g., ServiceNow, JIRA).
• Support containment efforts under guidance from senior analysts.
• Correlate alerts with known threat indicators (IP addresses, domains, hashes).
• Conduct basic threat hunting using logs and available threat intelligence sources.
• Ensure timely acknowledgment and resolution/escalation of alerts.
• Participate in daily shift handovers and reporting.
• Maintain awareness of emerging threats and vulnerabilities.

Requirements

Education & Certifications

• Bachelors degree in Computer Science, IT, Cybersecurity, or equivalent practical experience.
• Security certifications are a plus: CompTIA Security+, CySA+, CCNA Security, Microsoft SC-200, Splunk/QRadar/Arcsight fundamentals, or equivalent.

Skills & Experience

• 1-3 years of experience in IT Security, SOC, or related field.
• Familiarity with SIEM tools (e.g., QRadar, Splunk, SentinelOne, Microsoft Defender for Endpoint, etc.).
• Basic understanding of networking concepts (TCP/IP, DNS, HTTP, VPN, firewalls).
• Knowledge of cybersecurity fundamentals (malware types, phishing, brute force, MITRE ATT&CK basics).
• Strong communication, documentation, and problem-solving skills.
• Ability to work 24/7 shifts in a remote environment.

Nice to Have

• Exposure to incident response processes.
• Hands-on lab or training experience with security monitoring tools.
• Knowledge of scripting (Python, PowerShell) for automation.

What We Offer

• Fully remote work environment with flexible shifts.
• Training and mentorship from senior SOC analysts.
• Career progression opportunities (SOC L2/L3, Incident Response, Threat Hunting).
• Competitive salary and benefits package.