Security Operation Centre L1

The SOC L1 Analyst is the first line of defense in cybersecurity operations. They are responsible for monitoring, detecting, and logging potential threats using security tools and alerting systems. The L1 Analyst performs initial triage and escalation of suspicious activity to higher levels., * Monitor SIEM (Security Information & Event Management) tools for alerts and anomalies.

• Perform initial investigation and triage on security events.
• Escalate confirmed or critical incidents to SOC L2.
• Document incidents in ticketing systems (e.g., ServiceNow, JIRA).
• Maintain logs and daily reports for incident trends.
• Monitor firewalls, IDS/IPS, EDR, and antivirus systems for suspicious behavior.
• Assist in phishing investigations and malware alert review.
• Follow standard incident response playbooks.
• Participate in shift-based 24/7 monitoring.

Do you have experience in Windows?, Do you have a Bachelor's degree?, * Understanding of networking fundamentals (TCP/IP, DNS, ports, protocols).

• Basic knowledge of Windows/Linux systems and security logs.
• Familiarity with SIEM tools (e.g., Splunk, QRadar, Azure Sentinel).
• Strong analytical and documentation skills.
• Ability to work under pressure and escalate issues promptly., * Diploma/Bachelor's in Cybersecurity, IT, or Computer Science.
• Preferred: CompTIA Security+, EC-Council CSA, Microsoft SC-900 / SC-200, Cisco CyberOps Associate.
• 3 years of experience in cybersecurity or IT monitoring.

Job Type: Full-time, * Bachelor's (required), * Security Operation Centre L1: 3 years (required)