SOC Analyst L1

Share :

Job Description

Responsible to triage cyber security incidents as a member of Security Operations Center incident responders’ team first line.

  • Continuously monitors the operating systems alert queue; triages security alerts; monitors health of operating systems security sensors and endpoints; collects data and context necessary to escalate to Tier 2 Analyst.
  • Continuously monitoring the operating systems alert queue using multiple tools, such as SIEM, EDR and custom-built system monitoring tools;
  • Continuously monitors health of operating systems security sensors;
  • Conduction initial triage of alerts to identify potential, false positives, policy violations, intrusion attempts and compromises on the system level;
  • Consolidating data from alert triage to provide context necessary to escalate to Tier 2 Analyst;
  • Escalate to Tier 2 Analyst with all necessary data for deeper analysis and review.

Minimum requirements:

  • Must be available locally within Qatar and should be able to provide NOC transfer
  • Knowledge about MS Windows and UNIX based systems
  • Knowledge TCP/IP version 4 and version 6
  • Security Event and Incident Monitoring System (SIEM), Orchestration tool and playbook response concept, Endpoint Detection and Response tool (EDR), Anti-malware systems, Intrusion Detection and Prevention Systems, Firewalls.

Required industry certificates:

  • Comp TIA CySA+ certificate – Cyber Security Analyst Certification – in good standing

Incident Response Fundamentals certificate – in good standing

Recommended industry certificates:

  • Analyst/Administrator for any SIEM solution industry leaders
  • Some of SANS, GIAC, ISACA, (ISC)2 certificates or trainings