Tech Stack
AWS, Cyber Security, Firewalls, Python
About the role
- Monitor and analyze SIEM events, assessing their validity, severity, and potential impact.
- Understand and investigate all types of security events.
- Assist in vulnerability assessments and basic threat hunting.
- Review system, application and security logs to detect unusual or suspicious activities under guidance from senior SOC analysts.
- Investigate security incidents, document findings and report to senior analysts.
- Perform initial triage of events as per defined playbooks.
- Stay updated on emerging threats and new attack techniques.
- Recommend improvements to monitoring use cases and alert tuning to reduce false positives.
- Support SOC operations and ensure adherence to security procedures.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a course related to cybersecurity (fresh graduates or final-year students currently pursuing such a degree).
- Good understanding of networking, operating systems, and cybersecurity fundamentals.
- Knowledge of SIEM concepts and alert analysis.
- Basic knowledge of EDR/AV and network security tools.
- Basic understanding of AWS security tools (e.g., AWS CloudTrail, GuardDuty, IAM, Security Hub).
- Familiarity with endpoint security tools, firewalls or intrusion detection systems is advantageous.
- Good understanding of MITRE ATT&CK, threat intelligence, and incident response methodologies.
- Basic scripting skills in Python, PowerShell, or Bash.
- Ability to work on low/medium-level incidents and escalate high/critical ones.
- Analytical and problem-solving skills, and ability to follow instructions.
- Regulatory compliance awareness (ISO 27001, NIST and CIS Controls).