L1 Soc Analyst

LOCATION and SETUP: Quezon City / Work from Home
SCHEDULE: Shifting

QUALIFICATONS:
*Graduate of any Bachelors Degree course
*1-2 years of IT or cybersecurity-related experience; recent graduates with strong foundational knowledge and a willingness to learn may also be considered.
*Basic knowledge of network protocols, TCP/IP, firewalls, and endpoint security solutions.
*Ideally certified with entry-level qualifications like CompTIA Security+, Certified SOC Analyst (CSA), or GIAC Security Essentials (GSEC).
*Strong analytical thinking, attention to detail, and effective communication, especially in high-pressure situations

RESPONSIBILITIES:
? Monitoring & Detection:
*SIEM Tools: Experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, QRadar, AlienVault, Rapid7) to monitor, analyse, and respond to alerts.
*Log Analysis: Ability to review logs from various sources (firewalls, IDS/IPS, endpoint protection) to detect anomalies and potential threats. Provide first-level contact to clients by manning virtual phones to receive called-in requests

? Incident Triage & Response:
*Initial Analysis: Conduct first-level triage of alerts, determining the nature of incidents, their severity, and potential impact.
*Escalation: Understand when to escalate incidents based on predefined criteria, involving senior analysts when necessary.
*Playbook Execution: Follow incident response playbooks and procedures for common threat scenarios like phishing, malware detection, and unauthorized access.

? Threat Intelligence & Reporting:
*Threat Awareness: Basic understanding of the latest threats, vulnerabilities, and attack methods.
*Documentation: Consistent and thorough documentation of incidents, resolutions, and actions taken.
*Collaboration: Clear communication with internal teams and external stakeholders for incident coordination.