Job Openings XTN-44F4953 | SOC ANALYST L1

About the job XTN-44F4953 | SOC ANALYST L1

The Junior SOC / Incident Response Analyst is responsible for monitoring, triaging, investigating, and escalating security events across the organization's environment. This role will work closely with Security Operations, Incident Response, able to identify and respond to potential threats while helping improve the overall security posture of the organization.

The ideal candidate has at least one year of experience working in a SOC, Incident Response, or Cybersecurity Operations environment and possesses a strong foundation in Microsoft security technologies, cloud security, and security monitoring.

  • Comprehensive health benefits
  • Diverse learning & growth opportunities
  • Accessible Cloud HR platform (Sprout)
  • Above standard leaves 
  • Monitor and triage security alerts generated by SIEM, EDR, cloud, and security monitoring platforms.
  • Investigate suspicious activity and determine appropriate response actions.
  • Escalate incidents according to established procedures and severity classifications.
  • Perform initial incident analysis, containment support, and evidence collection.
  • Review logs from endpoints, servers, cloud environments, network devices, and security tools.
  • Document investigations, findings, and remediation actions within ticketing systems.
  • Participate in shift handoffs and ensure continuity of ongoing investigations.
  • Assist with threat hunting, detection tuning, and security monitoring improvements.
  • Support vulnerability management and remediation efforts.
  • Collaborate with internal teams to investigate and resolve security events.
  • Contribute to the creation and maintenance of runbooks, playbooks, and operational procedures.
  • Stay informed of emerging threats, attack techniques, and industry trends.
  • Minimum of 1 year of experience in a Security Operations Center (SOC), Incident Response, or Cybersecurity Operations role.
  • Basic understanding of security operations and incident response processes.
  • Experience working with Microsoft security technologies, including:
    •  Microsoft Sentinel
    •  Microsoft Defender for Endpoint
    • Microsoft Defender for Office 365
    • Microsoft Entra ID (Azure AD)
    • Microsoft Security Portal
  • Familiarity with cloud technologies and security concepts in:
    • Microsoft Azure
    • Amazon Web Services (AWS)
    • Google Cloud Platform (GCP) (preferred)
  • Experience reviewing and analyzing security logs and alerts.
  • Familiarity with endpoint, network, and identity-based security controls.
  • Good written and verbal communication skills.
  • Industry certifications such as
    • Security+
    • Network+
  • Experience with:
    • Microsoft Sentinel
    • ServiceNow
    • Jira
    • EDR/XDR technologies
    • Threat intelligence platforms
  • Basic scripting experience using PowerShell, Python, or Kusto Query Language (KQL).

Desired Skills

  • Strong attention to detail.
  • Ability to prioritize and manage multiple investigations simultaneously.
  • Willingness to learn and grow within Incident Response and Security Operations.
  • Team-oriented mindset with a strong customer-service focus.
  • Ability to work effectively in a fast-paced security environment.