Level 1 SOC Analyst (Assurance - Risk Services)

PwC
Kuala Lumpur, Malaysia
Contract
Physical
Cybersecurity
2 days ago

[For K-Youth Post-Programme & MyMahir Train-And-Place Programme Talents]

Open To: All courses


Your Role:

In the Digital Trust & Cybersecurity team, our work is always evolving to help our clients respond to cybersecurity-related threats and trends, and we combine deep technical skills to meet our clients' changing cybersecurity needs. The Level 1 SOC Analyst is responsible for monitoring and analysing an organisation's security posture on an ongoing basis. This role involves working in a 24/7 environment to detect, respond to and mitigate security incidents. The L1 SOC Analyst serves as the first line of defence in identifying potential threats and vulnerabilities within the organisation's network and systems.


1. Key Accountabilities:

  • Alert Triage & Investigation:

- Monitor for newly triggered alerts, and also look for alerts not yet marked as Open or Closed

- Collect additional information to confirm or refute the hypothesis behind the alerts under assessment

- Correlate alerts with other security devices

- Investigate the impact of the alerts

  • Ensure that shift handovers are conducted clearly and concisely which includes:

- Participating in shift handover process

- Conducting shift handover

- Preparing shift handover report

- Communicating shift handover information to next shift personnel

  • Monitor for log sources that have stopped sending logs to the SIEM and investigate the cause. Reach out to the server owner. Generate a list of affected sources and work through it. Report the ones resolved and the method used.

- Linux (syslog): get in touch with the server owner

- Windows: check the collector account's permissions, user status (disabled/active) and password expiry (local user). The user ID used for Windows collection is Irsvrcollector.
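The log-source health check above is the kind of task worth scripting so the worklist is generated consistently each shift. The following is an added example, not PwC's or any client's tooling: it assumes a query against the SIEM can return, per log source, the host name, its OS tag and the timestamp of its last received event (the field names `host`, `os`, `last_event` and the 30-minute silence threshold are assumptions for illustration). It flags sources that have gone quiet, sorts them oldest-first, and attaches the first runbook action for each (server owner for Linux syslog, collector-account checks for Windows), producing the list the analyst works and reports against.

```python
"""Detect SIEM log sources that have stopped sending.

Added example, not the page's or client's own code. Field names,
the OS tags and the 30-minute threshold are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed threshold: a source silent longer than this is worth chasing.
SILENCE_THRESHOLD = timedelta(minutes=30)


@dataclass
class LogSource:
    host: str
    os: str              # "linux" or "windows" (assumed tag values)
    last_event: datetime  # timestamp of the last event the SIEM received


# Constructed sample data standing in for a "last event per source" query.
NOW = datetime(2024, 5, 1, 10, 0, tzinfo=timezone.utc)
SAMPLE_SOURCES = [
    LogSource("web01", "linux", NOW - timedelta(minutes=5)),
    LogSource("db01", "linux", NOW - timedelta(hours=3)),
    LogSource("dc01", "windows", NOW - timedelta(minutes=2)),
    LogSource("fs02", "windows", NOW - timedelta(days=1)),
]


def find_silent_sources(sources, now, threshold=SILENCE_THRESHOLD):
    """Return sources whose last event is older than `threshold`, oldest first."""
    silent = [s for s in sources if now - s.last_event > threshold]
    return sorted(silent, key=lambda s: s.last_event)


def next_action(source):
    """Map a silent source to the first check the runbook calls for."""
    if source.os == "linux":
        return "contact server owner: verify syslog forwarding to the SIEM"
    if source.os == "windows":
        return "check collector account: permissions, enabled state, password expiry"
    return "unknown OS tag: escalate to SIEM engineer"


def build_worklist(sources, now, threshold=SILENCE_THRESHOLD):
    """Produce the list the analyst works through and reports against.

    `resolved` and `method` start empty and are filled in by the analyst
    once each source is fixed, so the shift report can be built from it.
    """
    return [
        {
            "host": s.host,
            "os": s.os,
            "silent_for": str(now - s.last_event),
            "action": next_action(s),
            "resolved": False,
            "method": None,
        }
        for s in find_silent_sources(sources, now, threshold)
    ]


if __name__ == "__main__":
    for item in build_worklist(SAMPLE_SOURCES, NOW):
        print(item)
```

In practice `SAMPLE_SOURCES` would come from a scheduled search over the SIEM's ingestion metadata, and the threshold should be set per source type: a domain controller that goes quiet for 30 minutes is a problem, while a host that only forwards daily audit logs is not.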

  • Attend to Jira tickets sent by the client. Respond to the inquiry or forward the ticket to the respective group/team.

  • Detect and report tickets with log parser issues to the Infra/SIEM Engineer

  • Detect and report tickets with false alarms to the Infra/SIEM Engineer

  • Authorised to review and analyse alerts generated by security tools and systems.

  • Empowered to escalate potential security incidents to higher-level analysts (L2 or L3) based on predefined criteria


2. Key Working Relationships:

  • SOC Level 2 Analysts

  • SOC Manager / Team Lead

  • Incident Response Team

  • IT Operations Team

  • Network Security Engineers


3. Skills, Experience and Qualifications:

Education:

- Diploma in Computer Science, Information Security, or a related field. Equivalent experience may be considered.

Experience:

- 0-1 year of experience in information security, network security, or a related field preferred.

- Experience with security monitoring tools and technologies (e.g., SIEM, IDS/IPS, firewalls).

Skills and Competencies:

- Strong understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.).

- Basic knowledge of common operating systems (Windows, Linux) and their security configurations.

- Familiarity with cybersecurity frameworks and standards (e.g., NIST, ISO 27001).

- Strong analytical and problem-solving skills.

- Excellent written and verbal communication skills.

- Ability to work in a fast-paced, 24/7 environment.

Certifications:

- Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) are a plus.