
Level 1 (L1) SOC Analyst

Al Reem Group

UAE · On-site · Mid Level · Posted today

About the role

Position Title

Level 1 (L1) SOC Analyst

Location

Abu Dhabi

Job Type

Full Time

Role Overview

The Level 1 SOC Analyst is responsible for the initial monitoring, triage, and escalation of security incidents within the Security Operations Center (SOC). This role focuses on real-time threat detection, log analysis, and first-level response activities.

Key Responsibilities

  • Monitor SIEM (Security Information and Event Management) tools to identify suspicious activities, alerts, and security incidents.
  • Perform initial triage of security alerts to determine severity, urgency, and potential impact.
  • Escalate confirmed security incidents to Level 2 SOC Analysts for further investigation.
  • Identify false positives and adjust monitoring rules accordingly.
  • Assist in executing predefined incident response playbooks for common security incidents.
  • Document all alerts, incidents, and actions taken in the SOC's ticketing system.
  • Support vulnerability scanning activities by providing relevant insights and reporting potential exposures.
  • Collaborate with IT and security teams to remediate detected threats when appropriate.

Required Qualifications and Skills

  • 2-6 years' experience in SOC operations, security monitoring, or incident response.
  • Proficiency in using SIEM platforms such as Splunk, QRadar, or Microsoft Sentinel.
  • Familiarity with SOAR (Security Orchestration, Automation, and Response) tools and automation playbooks.
  • Ability to identify and analyze common security threats such as phishing, malware, and unauthorized access.
  • Strong understanding of network protocols, firewall logs, and intrusion detection systems (IDS/IPS).
  • Excellent documentation and reporting skills.
  • Certifications such as CompTIA Security+, EC-Council CEH, or equivalent are preferred.

Skills

Firewall logs, IDS/IPS, Microsoft Sentinel, Network protocols, QRadar, Security Information and Event Management, SOAR, Splunk
