SOC Analyst I

This is a full-time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. We are seeking a dedicated L1 SOC Analyst for a fully remote role. This position is integral to our Security Operations Center (SOC), focusing on the initial monitoring, analysis, and triage of security events and incidents.

Responsibilities

  • Monitor security events and alerts utilizing advanced security technologies and tools such as Microsoft Sentinel, Defender technologies, and Log Analytics.
  • Assist with the initial identification and triage of potential security threats using threat intelligence.
  • Support the response to security incidents, providing initial analysis and escalating to senior analysts as necessary.
  • Gain proficiency in KQL queries to assist in investigations and derive insights from potential security threats.
  • Collaborate with other SOC team members to resolve security incidents and enhance the overall security posture.
  • Participate in initial incident response efforts under the guidance of senior team members, adhering to NIST guidelines.
  • Contribute to the continuous improvement of security operations by identifying trends and anomalies in security events.
  • Communicate effectively with team members and stakeholders regarding security incidents and initial findings.
  • Show willingness to work in a 24/7 environment, including shifts and on-call rotations.
  • Begin to understand the requirements for working in government environments and the associated incident response procedures based on NIST guidelines.
  • Start to develop skills in implementing and utilizing Microsoft Sentinel for SIEM and SOAR concepts.
  • Learn to use Azure Sentinel for the detection and response to security threats and anomalies.
  • Acquire knowledge on techniques utilizing the MITRE ATT&CK framework for incident investigation and basic threat hunting.
  • Begin learning to conduct basic investigations and to identify suspicious activity through log analysis.


Job Category: Security Operations Center
Job Type: Full Time
