IT Security Analyst I

Overview

Job Description

The SecOps L1 Analyst is responsible for monitoring security systems, identifying potential threats, and escalating incidents for deeper investigation. This role provides the first line of defense in the Security Operations Center (SOC), ensuring timely detection and response to security events.

Key Responsibilities

• Monitoring & Alert Handling
• Continuously monitor SIEM, EDR, IDS/IPS, and other security platforms for alerts.
• Perform initial triage to distinguish false positives from genuine threats.
• Escalate validated incidents to L2 analysts with detailed context.
• Incident Documentation
• Record all alerts, actions taken, and escalations in SOC tools.
• Maintain accurate incident logs and ensure compliance with reporting standards.
• Contribute to knowledge base articles for recurring issues.
• Threat Awareness
• Stay updated on common attack vectors (phishing, malware, brute force, insider threats).
• Apply basic threat intelligence to contextualize alerts.
• Support vulnerability management activities by reporting observed risks.
• Collaboration & Support
• Work closely with L2/L3 analysts and SOC managers.
• Provide timely communication to stakeholders during incidents.
• Participate in shift handovers and ensure continuity of monitoring.
• Process Adherence
• Follow SOC playbooks and standard operating procedures (SOPs).
• Ensure compliance with ITIL incident management workflows.
• Support audits and reviews by providing accurate incident data.
  
  

• 1-3 years of security experience SOC
• Basic knowledge of SIEM platforms (SecureWorks , Splunk, QRadar, Sentinel) and endpoint security tools.
• Understanding of networking fundamentals (TCP/IP, firewalls, VPNs).
• Familiarity with common attack types and security best practices.
• Strong attention to detail, documentation, and communication skills.
  
  

• CompTIA Security+, CEH, or equivalent entry level security certifications.
• Exposure to cloud security monitoring (Azure, AWS, GCP).
• Experience with ticketing systems (ServiceNow, Remedy, Jira).
  
  

Job Requirements

Details:

Required Skills & Experience

• 1-3 years of security experience SOC
• Basic knowledge of SIEM platforms (SecureWorks , Splunk, QRadar, Sentinel) and endpoint security tools.
• Understanding of networking fundamentals (TCP/IP, firewalls, VPNs).
• Familiarity with common attack types and security best practices.
• Strong attention to detail, documentation, and communication skills.