SOC Analyst

Description

Provide 24/7 visibility, proactive threat detection, rapid investigation, and continuous threat hunting. The SOC is the front line of defense and the backbone of security operations. 

Responsibilities 

• Monitor SIEM, EDR, and telemetry feeds for alerts

• Perform initial triage and classify security events

• Escalate incidents based on severity and impact

• Support playbook execution and ticket documentation 
  

Requirements

• Networking fundamentals (TCP/IP, HTTP, DNS). 

• Understanding of common attack vectors and IOCs. 

• Basic familiarity with MITRE ATT&CK. 

• OS log basics (Windows Event, syslog). 

 Tools & Platforms 

• SIEM (Trellix ESM, Splunk, QRadar) 

• EDR (Defender, Trellix ENS) 

• Threat Intel (MISP, VirusTotal, Rapid7) 

• Ticketing (Jira, ServiceNow)