L1 Soc Analyst

LOCATION and SETUP: Quezon City / Work from Home
SCHEDULE: Shifting

QUALIFICATONS: Graduate of any Bachelors Degree course1-2 years of IT or cybersecurity-related experience; recent graduates with strong foundational knowledge and a willingness to learn may also be considered.Basic knowledge of network protocols, TCP/IP, firewalls, and endpoint security solutions.Ideally certified with entry-level qualifications like CompTIA Security+, Certified SOC Analyst (CSA), or GIAC Security Essentials (GSEC).Strong analytical thinking, attention to detail, and effective communication, especially in high-pressure situations RESPONSIBILITIES: ? Monitoring & Detection: SIEM Tools: Experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, QRadar, AlienVault, Rapid7) to monitor, analyse, and respond to alerts.Log Analysis: Ability to review logs from various sources (firewalls, IDS/IPS, endpoint protection) to detect anomalies and potential threats. Provide first-level contact to clients by manning virtual phones to receive called-in requests ? Incident Triage & Response: Initial Analysis: Conduct first-level triage of alerts, determining the nature of incidents, their severity, and potential impact.Escalation: Understand when to escalate incidents based on predefined criteria, involving senior analysts when necessary.Playbook Execution: Follow incident response playbooks and procedures for common threat scenarios like phishing, malware detection, and unauthorized access. ? Threat Intelligence & Reporting: Threat Awareness: Basic understanding of the latest threats, vulnerabilities, and attack methods.Documentation: Consistent and thorough documentation of incidents, resolutions, and actions taken.Collaboration: Clear communication with internal teams and external stakeholders for incident coordination.