
SOC Analyst Tier 1

On-site
  • Philippines

Job description

Brief

CC.Talent is in search of a SOC Analyst Tier 1 who will be responsible for initial alert triage and providing rapid responses to security incidents. This role involves continuous monitoring of security events, performing basic analysis, and escalating incidents as needed. The Tier 1 analyst is the first line of defense in the Security Operations Center (SOC), ensuring that potential security issues are promptly identified and addressed.


Client Details

Our client operates managed services (24/7) for organizations of any size lacking the resources or expertise to establish a security operations center (SOC). With a team of highly skilled dedicated security specialists, they ensure swift threat detection, response, and remediation across all levels.


Responsibilities

  • Monitoring and Alert Management:

    • Continuously monitor security alerts from various detection systems (SIEM, IDS/IPS, antivirus, etc.).

    • Perform initial triage of security events to determine their severity and scope.

    • Document and escalate incidents following established procedures.

    • Ensure alerting and response procedures are executed promptly and accurately.

  • Basic Incident Response:

    • Conduct preliminary analysis of security incidents to identify potential threats.

    • Recommend initial remediation steps based on the nature of the incident.

    • Work with Tier 2 and Tier 3 analysts to address and resolve security incidents.

    • Maintain up-to-date knowledge of common threat vectors and mitigation strategies.

  • Documentation and Reporting:

    • Maintain detailed and accurate records of security events and incident responses.

    • Produce regular reports on security incidents and trends.

    • Ensure that incident response documentation is current and comprehensive.

  • Collaboration and Communication:

    • Communicate effectively with other SOC team members and relevant IT staff.

    • Assist in the handover of incidents to Tier 2 and Tier 3 analysts.

    • Participate in regular team meetings and incident debriefs.

    • Provide clear and concise incident summaries to management and stakeholders.

  • Continuous Improvement:

    • Participate in regular training sessions to improve knowledge and skills.

    • Provide feedback on the effectiveness of SOC tools and processes.

    • Recommend improvements to detection and response procedures.


Job requirements

Qualifications


  • 1+ years of experience in information security or IT, with a focus on security monitoring and incident response.
  • Proficiency in the following skills/technologies:

    • monitoring, detection, and incident handling

    • experience with Rapid7

    • implementation and management of IDS/IPS, Firewall, VPN, and other security products

    • Security Information and Event Management (SIEM) tools

    • TCP/IP network traffic and event log analysis

  • Ability to work independently and as part of a team, handling incidents and contributing to security projects.

  • Curiosity, problem-solving mentality, and a keen interest in growing within the security field.

  • Good communication skills to interact with colleagues from technical and non-technical backgrounds.

  • Detail-oriented and flexible to support 24/7 defensive SOC capabilities.

  • Good communication skills in both spoken and written English.

  • Must be willing to work from the office in Pasay in a 24/7 shifting schedule.

  • Bachelor's Degree in (Computer/Telecommunication), Mathematics, Science & Technology or equivalent.


Details

On-site
  • Pasay City
