The Associate Security Analyst (L1) will be responsible for monitoring multiple client environments to detect and identify Cybersecurity threats and incidents using various SOC technologies and tools.
Responsibilities:
- Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediating critical information security incidents
- Handle tickets and large queues, prioritizing efficiently based on the criticality of alerts
- Reach out for assistance when needed during initial triage, categorization, and prioritization of alerts
- Correlate and analyze events using SIEM and other SOC tools to detect security incidents
- Monitor logs in/from multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources
- Monitor logs from endpoint data sources (Windows/Linux workstations, servers, databases, etc.)
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services
- Respond in a timely manner (within the documented SLA) to support, investigation, and other cases
- Maintain a high degree of awareness of the current threat landscape
- Participate in knowledge sharing with other analysts, assist in writing technical articles for internal knowledge bases, and provide periodic reports to management
- Perform other essential duties as assigned
- Be able to work rotating shifts within a 24/7 operating environment