We are looking for a proactive SOC Analyst (Level 1/2) to monitor, analyze, and respond to security alerts in real time. This role involves triaging events, identifying threats, and escalating incidents as necessary. The analyst will work with various security platforms, follow incident response playbooks, and contribute to continuous threat monitoring.
Key Responsibilities:
Perform continuous real-time monitoring and analysis of security alerts.
Triage and validate security events, escalating potential threats per standard procedures.
Investigate alerts using logs, network data, host-based evidence, and threat intelligence.
Enrich alerts with contextual data and determine if events qualify as actionable incidents.
Execute daily tasks such as reviewing tickets, applying identification playbooks, and escalating issues as required.
Track incidents using ITSM tools and adhere to SLAs and SOPs.
Identify and prioritize incidents based on severity and potential business impact.
Qualifications:
2+ years of experience in a SOC environment (detection, response, remediation, or forensics).
Hands-on experience with SIEM platforms (e.g., Microsoft Sentinel) and EDR/XDR tools.
Familiarity with Microsoft Defender, CSPM/CWP, and WAF/API security solutions.
Understanding of MITRE ATT&CK and SANS frameworks.
Knowledge of cloud security (preferably Azure).
Strong communication skills and ability to follow change management processes.
Industry certifications (e.g., CompTIA Security+, CySA+, GIAC) are an asset.
This is a great opportunity for an analyst looking to grow in a collaborative SOC environment while gaining exposure to advanced security technologies and threat detection strategies.