SOC Tier1

Cleopatra Hospitals Group · Cairo, Egypt · Posted 2026-05-01

Key Accountabilities:

Assist in Security Monitoring Operations
- Support the Senior Security Engineer and Security Manager in operating and monitoring security platforms such as SIEM, SOAR, EDR/XDR, firewalls, and other security monitoring tools in accordance with established procedures.
- Perform continuous monitoring of alerts, events, and the operational health of security monitoring tools, escalating abnormalities, suspicious activity, or platform issues to senior team members for further investigation or remediation.

Monitor Security Alerts and Escalate Incidents
- Continuously monitor security logs, alerts, events, and dashboards across security platforms to identify potential threats, suspicious activity, and indicators of compromise, performing initial triage and validation in accordance with defined playbooks.
- Escalate confirmed or high-priority security incidents to the Senior Security Engineer or Security Manager for deeper investigation, containment, and resolution, ensuring proper ticketing and documentation, recommending security rule tuning, and confirming that handoff procedures are followed.

Support Vulnerability Monitoring Activities
- Support the execution and monitoring of scheduled vulnerability scans using approved tools and predefined procedures under the guidance of the Senior Security Engineer.
- Review, document, and report scan findings, suspicious exposures, or critical observations to senior team members for analysis, prioritization, and remediation follow-up.

Participate in Incident Response Activities
- Support incident response activities by following established procedures and playbooks to perform initial analysis, assist with alert triage, and support approved first-level containment actions during security incidents.
- Contribute to incident recovery efforts through proper escalation support, evidence collection, incident documentation, and participation in post-incident reporting and lessons learned activities.

Maintain Security Operations Documentation
- Support the Security Manager in maintaining and updating SOC procedures, operational runbooks, incident records, and security documentation in alignment with established policies and processes.
- Ensure documentation related to incidents, monitoring activities, and operational procedures is accurate, complete, and readily available to support audits, compliance reviews, and security investigations.

Support Security Awareness Initiatives
- Support the Security Manager and Senior Security Engineer in preparing and distributing materials for security awareness and phishing awareness initiatives.
- Reinforce basic cybersecurity best practices among employees, including password hygiene, phishing recognition, and secure user behavior, while supporting awareness campaigns and the reporting of suspected security events.

Collaborate with IT Teams on Security Operations Activities
- Work with the Technology Services Manager and IT teams to support operational security activities, including monitoring security-related changes, validating control updates, and coordinating activities such as patching and access control reviews.
- Assist in identifying, escalating, and supporting resolution of low-complexity security-related issues, coordinating with relevant IT teams in accordance with established procedures.

Contribute to Basic Automation Tasks
- Support the Senior Security Engineer in executing and maintaining basic security automation tasks, such as log collection, alert enrichment, and routine report generation, in accordance with approved procedures.
- Identify opportunities to streamline repetitive operational tasks, improve monitoring efficiency, and suggest enhancements to playbooks, workflows, and automation use cases.

Requirements:

- Bachelor’s degree in a related field, such as Information Technology, Computer Science, Cybersecurity, or Management Information Systems.
- 1 to 3 years of hands-on experience in a SOC, cybersecurity monitoring, or information security operations.
- ITI/NTI Security track is highly preferred.
- CompTIA Security+, CEH, or equivalent entry-level cybersecurity certifications are preferred.
- Hands-on training or practical exposure through recognized cyber range and CTF platforms such as TryHackMe, Hack the Box, CyberDefenders, or similar platforms is highly preferred.
- Familiarity with security monitoring platforms such as SIEM, SOAR, EDR/XDR, and IDS/IPS is preferred.
- Ability to monitor, analyze, and perform initial triage of security logs, alerts, events, and suspicious activities.
- Knowledge of security incident detection, incident escalation processes, and SOC operating procedures/playbooks.
- Understanding of common cyber threats, attack techniques, indicators of compromise (IOCs), and basic incident response concepts.
- Familiarity with ticketing systems, incident documentation, and case management processes.
- Basic understanding of log analysis, event correlation, and threat detection use cases.
- Familiarity with vulnerability management concepts and exposure to vulnerability scanning results is preferred.
