Position Overview
Job Description
The SOC Analyst I is a junior/associate-level, customer-facing role responsible for 24×7 monitoring, initial triage, and escalation of security events. The analyst helps protect the organization by reviewing alerts, investigating suspicious activity, executing documented playbooks, and supporting incident response activities. This role focuses on day-to-day security operations across multiple domains such as network, endpoint, email, and application security, while contributing to the continuous improvement of SOC processes, documentation, and incident handling practices.
• Security Monitoring & Triage (60%)
o Monitor SIEM/SOAR and security tool queues for alerts; perform initial triage, enrichment, and severity classification.
o Investigate email-borne threats (phishing, malware, BEC indicators) using consoles and reports; quarantine/contain per playbooks.
o Review WAF events (rules, thresholds, bot activity, anomalies), validate true/false positives, an...