Level 1 SOC Analyst

Job Description

As our Level 1 SOC Analyst, you will be the first line of defence in our 24/7 Security Operations Centre. You will monitor security alerts, investigate potential threats, and escalate critical incidents to L2 teams. This role is ideal for early‑career cybersecurity professionals who have foundational knowledge and are eager to grow their skills in a dynamic SOC environment.

You will work on a rotating shift schedule (7 AM–3 PM, 3 PM–11 PM, 11 PM–7 AM), including weekends and holidays, with two days off per week.

Responsibilities

• Monitor security alerts across SIEM, EDR, IDS/IPS, firewalls, and other security platforms
• Perform initial triage to determine false positives vs. actionable incidents
• Analyse logs, events, and indicators of compromise (IOCs)Follow SOC runbooks and SOPs for alert handling and escalation
• Create and update incident tickets with accurate details and timelines
• Escalate suspicious activity or confirmed incidents to SOC L2 analysts
• Conduct basic threat intelligence lookups (IP/URL/hash reputation)
• Support shift handovers and ensure smooth operational continuity
• Achieve SOC KPIs including TTT, TTQ, and SLA adherence
  
  

About SHQ

SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone. SecurityHQ – We’re focused on engineering cybersecurity, by design.

Job Reference Number

DB001

Essential Skills

• Basic understanding of cybersecurity concepts (malware, phishing, DDoS, brute force, etc.)
• Working knowledge of Windows and Linux OS fundamentals
• Familiarity with TCP/IP, DNS, HTTP/S, and basic network troubleshooting
• Exposure to SIEM tools (QRadar, Sentinel, etc.)
• Understanding of EDR/AV tools (Microsoft Defender, Trend Micro, SentinelOne, etc.)
• Ability to follow detailed procedures and work in a 24×7 environment
• Bachelor’s degree in IT, Computer Science, or equivalent experience
• 0–2 years’ experience in SOC or IT security operations
• Relevant certifications preferred: Security+, CEH (foundation), SC‑200 (nice to have)

---