Search by job, company or skills

MERIL

Cyber Security Analyst

Save
  • Posted a day ago
  • Over 50 applicants

Job Description

SOC Analyst – Level 1 (L1)

Key Responsibilities

  • Monitor security alerts and events generated by the SIEM on a continuous basis.
  • Perform initial triage and classification of alerts to determine true positives, false positives, and priority level.
  • Escalate confirmed or high-priority incidents to L2/L3 analysts following defined escalation procedures.
  • Document all analyzed alerts and actions taken in the case management system (DFIR-IRIS).
  • Execute pre-approved response playbooks/workflows via the SOAR platform SOAR under L2 guidance.
  • Perform basic enrichment of alerts using threat intelligence data Thread Intel — e.g., checking IP/domain/hash reputation.
  • Monitor dashboards for system health, agent connectivity, and log ingestion status.
  • Follow standard operating procedures (SOPs) and playbooks for common alert types (malware, brute force, policy violations, etc.).
  • Maintain shift handover logs and communicate ongoing issues to the next shift.
  • Assist in the creation and refinement of detection rules and reports as directed by senior analysts.

Required Skills & Qualifications

  • Bachelor's degree in Computer Science, IT, Cybersecurity, or equivalent experience.
  • 0–2 years of experience in a SOC or IT security role.
  • Basic understanding of networking concepts (TCP/IP, DNS, HTTP/S, firewalls).
  • Familiarity with common attack techniques (phishing, malware, brute force) and the MITRE ATT&CK framework (basic level).
  • Basic knowledge of SIEM tools (Wazuh or similar) and log analysis.
  • Good verbal and written communication skills for shift handovers and reporting.
  • Ability to work rotational shifts, including nights/weekends.

SOC Analyst – Level 2 (L2)

Key Responsibilities

  • Investigate and analyze incidents escalated by L1 analysts, performing deeper root-cause and impact analysis.
  • Solid understanding of networking, operating systems (Windows/Linux), and common attack vectors.
  • Lead incident response activities, coordinating containment, eradication, and recovery actions.
  • Correlate data across SIEM, threat intelligence, and case management to build a complete picture of an incident.
  • Design, build, and refine automated response workflows/playbooks in SOAR to improve response times and reduce manual effort.
  • Perform threat hunting activities based on emerging threat intelligence, IOCs, and TTPs (Tactics, Techniques, and Procedures).
  • Tune and refine SIEM correlation rules to reduce false positives and improve detection accuracy.
  • Manage and update case records in , ensuring thorough documentation of evidence, timeline, and remediation steps.
  • Conduct malware analysis (static/basic dynamic) and file/system forensics when required.
  • Review and validate vulnerability scan results and SCA (Security Configuration Assessment) findings, prioritizing remediation with system owners.
  • Mentor and provide technical guidance to L1 analysts, reviewing their triage decisions and providing feedback.
  • Prepare detailed incident reports and executive summaries for management/client review.
  • Contribute to the continuous improvement of SOC processes, playbooks, and detection content.
  • Liaise with IT/infrastructure teams during incident containment and remediation activities.

Required Skills & Qualifications

  • Bachelor's degree in Computer Science, IT, Cybersecurity, or equivalent experience.
  • 1–2+ years of experience in a SOC, incident response, or security analyst role.
  • Solid understanding of networking, operating systems (Windows/Linux), and common attack vectors.
  • Hands-on experience with SIEM platforms (Wazuh preferred), log analysis, and correlation rule tuning.
  • Experience with SOAR platforms (Shuffle or similar) for workflow automation.
  • Familiarity with threat intelligence platforms (MISP) and applying IOCs/TTPs in investigations.
  • Experience with case management/incident response platforms (DFIR-IRIS or similar).
  • Strong understanding of the MITRE ATT&CK framework and its application in detection/investigation.

More Info

Job Type:
Industry:
Function:
Employment Type:

About Company

Job ID: 151117175