The L1 Security Incident Analyst plays a key role in the monitoring, detection, and reporting of security incidents. This position is critical for the timely identification and escalation of potential threats, ensuring a proactive security posture.
Key Responsibilities:
- 24/7 Eye-on-Glass Monitoring for designated platforms.
- Monitor security alerts and events using Security Information and Event Management (SIEM) tools.
- Conduct initial triage and analysis of security incidents to assess severity and impact.
- Escalate incidents to L2 analysts for further investigation when necessary.
- Document incident details, actions taken, and resolutions in the incident management system.
- Assist in maintaining security monitoring tools and dashboards.
- Support security awareness initiatives for end-users.
- Participate in shift rotations, ensuring continuous 24/7 security monitoring.
Shift Schedule:
- Employees will work in a 24/7 shift rotation, as defined by the team.
- The shift roster is planned monthly, with one week of night shifts per month.
Required Skills & Qualifications:
Education:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
Certifications (Preferred):
- CompTIA Security+, Certified Ethical Hacker (CEH), or equivalent entry-level certifications.
Experience:
- 1-2 years of experience in security operations or a similar information security role.
Technical Skills:
- Basic understanding of security technologies such as firewalls, IDS/IPS, antivirus, CASB, EDR.
- Familiarity with SIEM tools (e.g., QRadar, Splunk, etc.).
- Basic knowledge of networking concepts (TCP/IP, DNS, etc.).
- Understanding of security incident classification and triage processes.
- Strong written and verbal communication skills.