SOC L1

**Description**:

- As a Security Analyst (Tier 1), you will be responsible for monitoring in-house and client security alerts/incidents while working in shifts.
- Primary responsibilities include monitoring SIEM platform triaging alerts, work to cover 24/7 service with (8+1) hour work shifts.
- Participating in threat-actor based investigations, suggesting new detection methodologies and providing expert support to alerting, incident response and monitoring functions.
- Day to day operations involves dealing with SIEM Monitoring, various reporting and security incident handling.

**Requirements**:

- Experienced with data analysis, centralized logging (Splunk. QRadar, ELK, Kafka, rsyslog, etc.);
- Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
- Capability to develop use cases or additional detection capabilities based on the SIEM query language, understanding of incident response.
- Skill to analyze large data sets and unstructured data, manually or using tools to identify trends and anomalies indicative of malicious activity.
- Linux incident handling skill would be ideal
- Knowledge of current security threats, techniques and landscape, and dedicated desire to research current information security landscape.
- Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization containers technologies, databases, web servers.