SOC Analyst L1

Job Title:
Level 1 Security Operations Center (SOC) Analyst

Job Type:
 Full Time

Job Location:

• WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME
• Short notice period or immediate joiners are preferred.

Job Overview:

As a Level 1 SOC Analyst, you will be at the forefront of the organization's cybersecurity defenses, responsible for monitoring and analyzing security alerts to detect and respond to potential threats. Utilizing advanced tools such as Microsoft Sentinel, you will triage security events, investigate anomalies, and collaborate with senior analysts to safeguard digital assets. This role provides an excellent foundation for aspiring cybersecurity professionals, offering hands-on experience in a dynamic and fast-paced environment.

Key Responsibilities:

Monitoring and Threat Detection:

·     Actively monitor Microsoft Sentinel for security alerts and identify potential threats to the organization's environment.

·     Evaluate and prioritize security events based on severity and potential impact.

·     Detect suspicious behaviors and patterns using event logs, network data, and other security tools.

Incident Investigation:

·     Investigate alerts to identify indicators of compromise (IOCs) such as unauthorized access, malware activity, or phishing attempts.

·     Correlate data from multiple sources to build a comprehensive picture of potential security incidents.

·     Document findings and maintain detailed records of all events and actions taken.

Escalation and Collaboration:

·     Escalate verified security incidents to Level 2 analysts or the Incident Response team, providing detailed contextual information.

·     Collaborate with cross-functional teams to mitigate security risks effectively.

·     Maintain communication with stakeholders to ensure timely updates during incidents.

Initial Response and Remediation:

·     Perform basic response actions under supervision, such as disabling compromised accounts, blocking malicious IPs, or containing suspicious activities.

·     Support efforts to reduce false positives by fine-tuning detection rules and alert configurations.

·     Participate in 24/7 shift rotations, including weekends and public holidays, to ensure continuous monitoring coverage.

·     Ensure timely triage and escalation of alerts in accordance with defined SLA/OLA timelines.

Continuous Learning and Improvement:

·     Stay informed on cybersecurity trends, vulnerabilities, and emerging threats.

·     Participate in training programs to deepen your understanding of tools, techniques, and best practices.

·     Contribute to the refinement of SOC processes and playbooks.

Required Skills & Qualifications:

Education:

·      Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

Certifications:

·      Preferred:
CompTIA Security+, Microsoft Certified: Security Operations Analyst Associate, or equivalent entry-level cybersecurity certifications.

Technical Skills:

·      Familiarity with Microsoft Sentinel and other SIEM tools.

·      Utilize integrated tools such as Defender for Endpoint, JIRA Service Management, and SOAR platforms to support alert triage and response workflows.

·      Basic understanding of networking protocols (TCP/IP, DNS, VPNs) and operating system fundamentals.

·      Knowledge of cybersecurity principles, common threat types, and attack methods.

·      Ability to analyze log data, correlate events, and identify suspicious activities.

Soft Skills:

·      Strong analytical thinking and attention to detail.

·      Effective written and verbal communication skills to convey findings clearly.

·      Ability to multitask and adapt in a fast-paced environment.

·      Team-oriented mindset with a willingness to learn and grow.

·      Proven English communication skills supported by professional certifications such as IELTS, TOEIC, or BEC.

Experience:

·      1–2 years of experience in a cybersecurity, IT support, or related technical role.

·      Hands-on experience with basic troubleshooting and security tools is a plus.