Job Description
Job Description
SOC Analyst L1
The SOC Analyst L1 provides 24/7/365 monitoring, analyzes, and responds to cybersecurity alerts for the organization and clients. Provides rapid response to incoming security alerts, enriches those alerts with an initial triage effort and executes playbooks and report SOC manager with accurate documents.
Transparency! Due Diligence! Co-operation!
Primary Responsibilities
- Triage queued alerts (automated and referral) to determine if escalation to investigation is required.
- Identify malicious behaviors.
- Determine if incident reports contain all required information in the correct formats.
- Escalate all potential or malicious incidents to Senior SOC Analysts.
- Perform shift-rotated duties for 24/7/365 monitoring on-site.
- Support each investigation with appropriate analysis and document investigation activities, artifacts, and conclusions.
- Apply professional analytical and communication skills to track Incident reports and prepare detailed analyses that address key insights and conclusions to support decision-making.
- Support the maintenance and enhancement of existing policies, standards, procedures, checklists, and playbooks to align with the evolving educational landscape and requirements.
- Support the preparation and delivery of training and awareness campaigns.
- Familiarity with security tools such as SIEM, IDS/IPS, and firewalls.
Required Qualifications
- Bachelor’s degree in Computer Science, Computer Engineering, Cyber Security, Forensics, or related fields.
- Splunk Core Certified User Certificate.
- Knowledge of information of cyber security principles, and networking infrastructure.
- Excellent decision-making, interpersonal, written, verbal, presentation, and collaborative skills to work effectively with teams and external contacts.
- Adaptability, teamwork, and problem-solving skills.
- Proven self-starter with the ability to work under limited supervision, using initiative and independent judgment.
Preferred Qualifications
- Cyber Security-related certificates preferred.
- Microsoft Certified: Security Operations Analyst Associate (CS-200)
- Knowledge of scripting languages such as PowerShell or Python
- Experience with and understanding of infrastructure security concepts such as firewalls, endpoint security, web gateways, etc.
- Splunk Core Certified Power User Certificate and Knowledge of SolarWinds Network Monitoring.
Physical Demands/Work Environment
- The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- While performing the duties of this job, the employee may be regularly required to sit, stand, bend, reach and move about the facility.
- The environmental characteristic for this position is an office setting.