Security Operations Center Analyst - Level 1

Key Responsibilities:

- Monitoring and Threat Detection:

+ Actively monitor Microsoft Sentinel for security alerts and identify potential threats to

the organization's environment.

+ Evaluate and prioritize security events based on severity and potential impact.

+ Detect suspicious behaviors and patterns using event logs, network data, and other

security tools.

- Incident Investigation:

+ Investigate alerts to identify indicators of compromise (IOCs) such as unauthorized

access, malware activity, or phishing attempts.

+ Correlate data from multiple sources to build a comprehensive picture of potential

security incidents.

+ Document findings and maintain detailed records of all events and actions taken.

- Escalation and Collaboration:

+ Escalate verified security incidents to Level 2 analysts or the Incident Response team,

providing detailed contextual information.

+ Collaborate with cross-functional teams to mitigate security risks effectively.

+ Maintain communication with stakeholders to ensure timely updates during incidents.

- Initial Response and Remediation:

+ Perform basic response actions under supervision, such as disabling compromised

accounts, blocking malicious IPs, or containing suspicious activities.

+ Support efforts to reduce false positives by fine-tuning detection rules and alert

configurations.

- Continuous Learning and Improvement:

+ Stay informed on cybersecurity trends, vulnerabilities, and emerging threats.

+ Participate in training programs to deepen your understanding of tools, techniques, and

best practices.

+ Contribute to the refinement of SOC processes and playbooks.

Requirements:

- Education: Bachelor's degree in Computer Science, Information Security, or a related field

(or equivalent experience).

- Experience:

+ 2 years of experience in a cybersecurity, IT support, or related technical role.

+ Hands-on experience with basic troubleshooting and security tools is a plus.

- Certifications: Preferred: CompTIA Security+, Microsoft Certified: Security Operations

Analyst Associate, or equivalent entry-level cybersecurity certifications.

- Technical Skills:

+ Familiarity with Microsoft Sentinel and other SIEM tools.

+ Basic understanding of networking protocols (TCP/IP, DNS, VPNs) and operating

system fundamentals.

+ Knowledge of cybersecurity principles, common threat types, and attack methods.

+ Ability to analyze log data, correlate events, and identify suspicious activities.

- Soft Skills:

+ Strong analytical thinking and attention to detail.

+ Effective written and verbal communication skills to convey findings clearly.

+ Ability to multitask and adapt in a fast-paced environment.

+ Team-oriented mindset with a willingness to learn and grow.

Benefits:

- Competitive income according to ability.

- Pay social insurance, health insurance and enjoy full benefits according to labor law.

- Annual Leaves, 13th Month salary, ...

- Professional, dynamic working environment.