Security Analyst L1

1 month, 1 week ago
Full-time
Junior
Cybersecurity
ProArch

ProArch

At ProArch, we help our clients accelerate growth and mitigate risk with IT services, cybersecurity services, application development, cloud computing, and data analytics. ProArch was founded on the belief that a future where change is ‘business as usu...

Internet Software & Services
251-1K
Founded 2006

Description

  • Monitor SOC dashboards and security alerts generated from SIEM/SOAR tools.
  • Perform first response, preliminary triage, and incident verification using enriched SOAR data.
  • Escalate likely true-positive incidents through the defined escalation workflow.
  • Notify clients about medium- and lower-priority alerts that may be false positives or benign events.
  • Assist senior analysts with triage, evidence collection, and incident documentation.
  • Report shift activity, alert handling, and downtime or tool outages to shift leads.
  • Develop, test, and fine-tune detection rules, use cases, thresholds, and alert logic.
  • Analyze security logs and telemetry for compromise, anomalies, and malicious behavior.
  • Collaborate with IT, Cloud Operations, and Application Development teams to reduce security risk.
  • Contribute to SOC process improvements, including SOPs, playbooks, runbooks, and escalation procedures.
  • Participate in red/blue team exercises and share threat knowledge with the SOC team.

Requirements

  • 2-3 years of experience in cybersecurity or a minimum of 2 years in a Cyber Security Operations Center.
  • Bachelor’s degree in computer science, engineering, IT, Computer Applications, or equivalent demonstrable IT security experience.
  • Strong understanding of cybersecurity principles and best practices.
  • Experience with SIEM systems, preferably Microsoft Sentinel.
  • Familiarity with SOAR workflows and incident response frameworks and methodologies.
  • Knowledge of Microsoft 365 Defender/Defender XDR, Defender for Endpoint, Defender for Office 365, and Entra ID Protection is preferred.
  • Knowledge of Microsoft Sentinel KQL for custom queries and rule creation is preferred.
  • Knowledge of security frameworks such as MITRE ATT&CK.
  • Experience or familiarity with CrowdStrike EDR and/or IDP is highly desirable.
  • Knowledge of ITIL Foundation Framework, vulnerability management tools, security awareness training tools such as KnowBe4, OT security alerts, or privacy compliance frameworks such as HIPAA, GDPR, and SHIELD is desirable.
  • Excellent analytical, problem-solving, written, verbal, and presentation skills.
  • Strong English communication skills are required, especially for a client base that is primarily in the USA.
  • Self-directed and able to prioritize alert inflow and SOC operations effectively.
  • Preferred certifications include Microsoft SC-200, SC-900, AZ-500, SC-300, SC-400, CompTIA Security+, CISSP, or CEH.
  • Ability to work effectively in a team environment with attention to detail and a proactive approach.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

German Speaking Fraud Investigator | Relocate to Sofia, Bulgaria

Mercier Consultancy Professional Services

German-speaking Fraud Investigator role in Sofia, Bulgaria, supporting an international team to review suspicious activity, investigate potential fraud, and protect customers and businesses from financial risk.

19 hours, 42 minutes ago

Security Controls Assessor (SCA) - Journeyman

Avint 11-50 IT Services

Avint is hiring a Journeyman Security Controls Assessor to support a critical federal contract by performing security assessments and compliance validation across organizational information systems within the RMF and A&A lifecycle.

AWS Azure Cybersecurity GCP Penetration Testing
19 hours, 42 minutes ago

Surveillance Officer

Prevail Partners 11-50 Professional Services

Prevail Partners is seeking experienced Surveillance Officers to support an Ultra High Net Worth client through discreet protective surveillance operations within a specialist security programme.

20 hours, 12 minutes ago

RMF Process Specialist (R-00181)

True Zero Technologies 11-50 Internet Software & Services

True Zero Technologies is seeking an RMF Process Specialist to support the development, documentation, standardization, and governance of Risk Management Framework processes across the organization.

Cybersecurity Git
20 hours, 12 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers