Cybersecurity SOC Analyst Tier 1

About Us: Building on decades of experience in delivering managed security services to some of the world's largest and highest-profile companies, the LevelBlue Security Operations Center (SOC) has a dedicated team of security analysts who are solely focused on helping customers protect their business by identifying and disrupting advanced threats around the clock. The LevelBlue Managed Threat Detection and Response SOC analyst team handles daily security operations for our customers so their existing security staff can focus on strategic work.

Job Description: As a Tier 1 Cybersecurity SOC Analyst, you will play a critical role in safeguarding our customers' networks and systems by identifying, analyzing, and mitigating security threats. You will monitor and analyze security events using a SIEM and other advanced security tools, categorizing threats and responding to incidents swiftly and effectively. In this collaborative environment, you will communicate with customers through verbal and written channels, adhering to Service Level Agreements, and ensure seamless knowledge transfer during shift turnovers. Additionally, you will stay informed on the latest cybersecurity trends and threats, contributing to the continuous improvement of our Security Operations Center (SOC) processes.

Key Responsibilities:

• Analyzing alarms and logs originating from customer's infrastructure to identify security threats, vulnerabilities and provide recommendations on remediation.
• Leverage alarms generated by a SIEM and analyze respective logs within an environment to determine and categorize threats against networks - escalating potential true-positive threats, while categorizing and tagging false-positive threats.
• Effectively communicate to customers through verbal and written communications, in accordance with Service Level Agreements.
• Perform regular shift turnovers to ensure effective transfer of knowledge to the next shift
• Monitoring shared inbox and customer hotline for live customer interaction and 24x7 customer support
• Monitor and analyze security events using SIEM systems and other security tools.
• Identify and respond to security incidents, ensuring timely resolution and mitigation.
• Collaborate with team members and stakeholders to communicate security incidents and updates effectively.
• Stay current with the latest cybersecurity trends, threats, and intelligence to ensure proactive defense measures.
• Contribute to the continuous improvement of our Security Operations Center (SOC) processes.

Qualifications:

Knowledge:

• In-depth understanding of cybersecurity principles and concepts.
• Familiarity with common security threats, vulnerabilities, misconfigurations, and exploits.
• Solid understanding of network protocols and security infrastructure.
• Knowledge of Security Operations Center (SOC) processes.
• Understanding of Windows and Linux normal operational baselines

Skills:

• Proficiency in identifying, analyzing, and mitigating security threats.
• Experience using security tools, particularly SIEM and EDR tools.
• Strong communication skills for clear and effective incident reporting.
• Analytical skills for understanding complex threat patterns and attack vectors.
• Ability to analyze and baseline activities within a network environment
• Leverage OSINT (Open-Source Intelligence) and resources to assist in threat mitigation classifications and remediation recommendations.

Abilities:

• Effective response to security incidents with a calm and focused approach.
• Ability to work and effectively communicate collaboratively within a team environment.
• Capability to manage stress and perform well under pressure.
• Continuous learning to stay updated with the latest security trends and threat intelligence.

Other Characteristics:

• Ethical and professional conduct in all security matters.
• Keen attention to detail.
• Strong problem-solving mindset.
• Commitment to continuous learning and improvement.
• Commitment to maintain awareness of the current threat landscape, including knowledge of increased threat actor activity, commonly exploited vulnerabilities, and their respective mitigation steps.

Education:

• Bachelor's degree in Information Systems, Engineering, Cybersecurity, or related field is preferred.
• At least one of the following CompTIA Security+, CYSA+, ISC2 SSCP and other equivalent certifications preferred

Experience:

• 1-2 years of experience in Cybersecurity or a related field

Must be amenable for a Hybrid Set-up and Shifting Schedule