Overview
In the Digital Trust & Cybersecurity team, our work is always evolving to help our clients respond to cybersecurity threats and trends, and we combine deep technical skills to meet our clients' changing cybersecurity needs. The Level 1 SOC Analyst is responsible for monitoring and analyzing an organization's security posture on an ongoing basis. The role operates in a 24/7 shift environment to detect, respond to, and mitigate security incidents. The L1 SOC Analyst serves as the first line of defense in identifying potential threats and vulnerabilities within the organization's network and systems.

Responsibilities
- Alert Triage & Investigation: Monitor for newly triggered alerts and pick up any alert not yet marked Open or Closed; gather additional context to confirm or refute the hypothesis behind each alert under assessment; correlate alerts with other security devices; investigate the impact of the alerts.
- Shift Handover: Ensure that shift handovers are conducted clearly and concisely, including participating in the handover, conducting it, preparing a shift handover report, and communicating open items to the incoming shift.
- Logger & SIEM Monitoring: Monitor for log sources that stop sending to the SIEM and investigate; reach out to the server owner, generate a list of affected sources, work through the list, and report the resolved items and the methods used. Covers Linux sources (syslog) and Windows sources (collector account permissions, user status, password expiry).
- Jira Tickets: Attend to tickets sent to the client, respond to inquiries, or forward the ticket to the responsible group or team.
- Incident Reporting: Detect and report tickets with log parser issues or false alarms to the Infra / SIEM Engineer; review and analyze alerts generated by security tools and systems; escalate potential security incidents to higher-level analysts (L2 or L3) based on predefined criteria.
- Collaboration: Work as part of a problem-solving team to address complex security issues from strategy to execution.

Qualifications
- Degree in Cybersecurity, Network Security or an equivalent field.
- 1–2 years of experience in cybersecurity, SOC or surveillance.
- Proficiency in English and Malay; Mandarin is a must; proficiency in Cantonese is an added advantage.
- Familiarity with Linux and Windows is desirable, though not strictly necessary.

Key Skills
- Analytical thinking, alert triage, investigation, and incident response.
- Security monitoring, SIEM, and log analysis.
- Communication, teamwork, and the ability to work in a 24/7 environment.
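The Logger & SIEM Monitoring responsibility above (find log sources that have stopped flowing, build a list, work it, report) is the one task in this posting that is routinely scripted. Below is an added example, not part of the original posting and not the employer's tooling, showing how such a check is done: start from a host inventory rather than from the logs themselves (a host that never reported has no log line to find), compare each host's newest event against an allowed gap, and emit handover-ready lines. The hostnames, owners, thresholds, log lines and the fixed "current time" are all constructed for the example.

```python
"""Stale log-source check: which inventoried hosts have stopped sending logs to the SIEM?"""
from datetime import datetime, timedelta, timezone

# Hypothetical host inventory (hostnames, owners and thresholds are constructed for this example).
INVENTORY = {
    "web01": {"platform": "linux",   "owner": "web-team", "max_gap_min": 15},
    "db01":  {"platform": "linux",   "owner": "dba-team", "max_gap_min": 15},
    "dc01":  {"platform": "windows", "owner": "ad-team",  "max_gap_min": 30},
    "fs02":  {"platform": "windows", "owner": "infra",    "max_gap_min": 30},
}

# Constructed ingest records in the form "<UTC timestamp> <host> <message>".
SAMPLE_LOG = """\
2024-05-01T09:55:00Z web01 sshd[1201]: Accepted publickey for deploy from 10.0.0.5
2024-05-01T10:02:10Z web01 CRON[1300]: (root) CMD (run-parts /etc/cron.hourly)
2024-05-01T08:40:00Z db01 postgres[900]: checkpoint complete
2024-05-01T09:58:30Z dc01 EventID=4624 LogonType=3 TargetUserName=svc_backup
"""
# fs02 has no line at all; it is only caught because the check starts from the inventory.

# The "current time" of the check, fixed so the example is reproducible.
NOW = datetime(2024, 5, 1, 10, 10, tzinfo=timezone.utc)

# Where to look first, following the posting's own split: Linux = syslog forwarding,
# Windows = collector account permissions, user status, password expiry.
TRIAGE_HINT = {
    "linux": "check rsyslog/syslog-ng forwarding config and the network path to the collector",
    "windows": "check collector service account: permissions, account status, password expiry",
}


def parse_events(text):
    """Return (host, timestamp) pairs; malformed lines are skipped rather than aborting the check."""
    events = []
    for line in text.splitlines():
        parts = line.split(" ", 2)
        if len(parts) < 2:
            continue
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        except ValueError:
            continue
        events.append((parts[1], ts))
    return events


def last_seen_by_host(events):
    """Newest timestamp observed per host."""
    seen = {}
    for host, ts in events:
        if host not in seen or ts > seen[host]:
            seen[host] = ts
    return seen


def find_silent_sources(inventory, events, now):
    """Inventoried hosts whose newest event is older than their allowed gap, or that never reported."""
    seen = last_seen_by_host(events)
    silent = []
    for host, meta in inventory.items():
        last = seen.get(host)
        gap = None if last is None else round((now - last) / timedelta(minutes=1), 1)
        if last is not None and gap <= meta["max_gap_min"]:
            continue
        silent.append({
            "host": host,
            "platform": meta["platform"],
            "owner": meta["owner"],
            "last_seen": last,
            "gap_min": gap,
            "hint": TRIAGE_HINT[meta["platform"]],
        })
    # Never-seen sources first, then longest gap first: the order in which to work the list.
    silent.sort(key=lambda s: (s["last_seen"] is not None, -(s["gap_min"] or 0)))
    return silent


def handover_report(silent):
    """Plain-text lines suitable for pasting into a shift handover report."""
    lines = []
    for s in silent:
        when = s["last_seen"].isoformat() if s["last_seen"] else "never"
        gap = f"{s['gap_min']} min" if s["gap_min"] is not None else "n/a"
        lines.append(f"{s['host']} ({s['platform']}, owner {s['owner']}): "
                     f"last seen {when}, gap {gap}; {s['hint']}")
    return lines


if __name__ == "__main__":
    for line in handover_report(find_silent_sources(INVENTORY, parse_events(SAMPLE_LOG), NOW)):
        print(line)
```

With the sample data, web01 and dc01 are within their gaps, db01 is 90 minutes silent, and fs02 is reported as never seen. In a real SOC the inventory comes from the CMDB or the SIEM's own source list, and the per-platform threshold should reflect how chatty each source normally is, since a quiet file server legitimately goes longer without events than a domain controller.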
SOC Analyst • Kuala Lumpur, Malaysia