The Level 1 Security Operations Center (SOC) analyst's responsibilities include monitoring for security risks and acting upon information according to pre-defined procedures and thresholds. Analyst actions may include basic problem solving and issue remediation, as approved by the SOC Level 1 Supervisor. The analyst will apply analytical thinking and develop trends and patterns relevant to their daily work, to be reviewed by the SOC Level 1 Supervisor. The analyst may be required to participate in supporting activities requested by the SOC Level 1 Supervisor or SOC Manager during business disruptions and escalations.
Primary responsibilities will include, but are not limited to, performing pre-defined monitoring tasks, reviewing incoming emails or phone calls, and following established escalation procedures to engage appropriate parties, as required. The candidate must have good analytical and communication skills and be capable of determining appropriate points of escalation.
- Act as the initial point of contact for the SOC, reviewing incoming e-mails and receiving phone calls and performing triage and/or escalating as required
- Regularly check work queue for incoming assignments and complete all work daily
- Respond to work queue items utilizing pre-defined operational procedures
- Execute daily pre-defined monitoring tasks
- Utilize ticketing system to document all work steps taken
- Categorize malicious activity into appropriate predefined categories
- Periodically analyze trends and patterns for work assigned
- Triage with other SOC Level 1 Analysts and SOC Level 1 Supervisor to discuss operational issues, trends, and patterns
- Work with SOC Level 2 Analysts, or other members of Security, to respond to and/or hand off tickets
- Escalate to the SOC Level 1 Supervisor when a ticket exceeds the defined time to respond or when the SOC Level 1 Analyst believes a risk needs further attention or oversight
- Strong analytical, critical thinking, and problem-solving skills
- English communication skills – written and verbal (B1, B2: Intermediate / C1, C2: Advanced)
- Strong self-motivator able to execute tasks
- Strong interpersonal and networking skills
- Ability to work effectively in teams
- Able to effectively communicate with team members
- Able to keep highly confidential information private
- Proven ability to influence and achieve positive outcomes
- Proven ability to follow operational procedures accurately
- Strong ability to multi-task and adapt to changing priorities and tasks
- Ability to work under stress and tight deadlines
- Ability to establish and maintain cross-functional and positive working relationships
- Computer skills: Outlook, Word, Excel, PPT
- Strong ability to learn new technical skills and systems
- Passionate desire for continuous learning of information security and physical security practices
- Internal candidates must have a minimum of 12 months in their current position