Security Analyst L1

As a Level 1 Security Analyst in a Managed Security Service Provider (MSSP), you are the first line of defense, responsible for monitoring and triaging security alerts across multiple client environments. You will use SIEM and other security tools to identify suspicious activities, elevate genuine threats, and ensure accurate documentation of incidents. This entry‑level role is ideal for candidates looking to grow their skills in a real‑world SOC environment while contributing to the protection of various organizations.

Key Responsibilities

• Monitor security alerts and events from SIEM, EDR, firewall logs and other tools across multiple client environments.
• Perform initial triage and classification of events to identify potential security incidents.
• Escalate alerts to Level 2 analysts according to established escalation and severity procedures.
• Create and maintain accurate tickets and investigation records in accordance with SLAs and internal guidelines.
• Support the execution of basic incident response procedures, such as isolating endpoints or disabling user accounts (based on pre‑approved playbooks).
• Follow documented SOPs, workflows and client‑specific instructions when handling security events.
• Assist with daily health checks of monitoring tools, ensuring data sources and integrations are functioning properly.
• Perform false positive analysis to improve alert quality over time.
• Participate in shift handovers and contribute to incident timelines and summaries.
• Collaborate with other SOC analysts to improve detection accuracy and response quality.
• Maintain awareness of current cyber threats and security news relevant to MSSP operations.

Requirements

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field—or equivalent hands‑on experience.

Exposure to or experience with security tools such as SIEM, EDR or IDS / IPS.

CompTIA Security+ or equivalent foundational cybersecurity certification.

#J-18808-Ljbffr