Job Purpose
We are looking for an SOC Analyst – Level 1 to provide continuous 24×7 monitoring and first-level triage of cybersecurity and IT infrastructure/network events. The role ensures timely detection, escalation, and SLA-driven incident management across SOC/NOC operations.
Experience: Minimum 3 Years
Shift: 24×7 Rotational Shifts (8 Hours)
Applicant must be available inside Qatar with a valid QID. Only immediate joiners are preferred.
Key Responsibilities
• Monitor SOC/NOC alerts 24×7 using SIEM, Network Anomaly Detection, and infrastructure monitoring tools.
• Perform Level 1 triage, including validation (true/false positives), initial impact assessment, and event enrichment.
• Create, classify, and update incidents in ITSM tools with proper documentation and evidence.
• Execute predefined SOPs/playbooks such as validation checks, connectivity verification, and initial containment (as approved).
• Escalate incidents to L2/L3 teams based on severity, SLAs, and escalation matrix.
• Prepare shift handover reports to ensure seamless operational continuity.
Required Qualifications
• Bachelor’s degree in Information Security, Computer Science, IT, or a related field.
Mandatory Certifications / Training
• IBM QRadar SIEM (Analyst Level)
• SOC Analyst / Incident Handling certifications (ECSA, Security+, CEH, ECIH, GCIH, or equivalent)
• Certification or training in any NMS / infrastructure monitoring tool
Preferred Certifications
• IBM QRadar SIEM
• ITIL Foundation (IT Service Management)
• Additional cybersecurity certifications
Experience & Technical Skills
• Minimum 3 years of experience in SOC operations.
• Hands-on experience with IBM QRadar SIEM (log analysis, dashboards, reporting).
• Experience in incident investigation using AV, EDR, NDR, IDS/IPS, and firewalls.
• Knowledge of OS logs (Windows, Linux), HTTP protocols, and network packet analysis.
• Familiarity with malware analysis tools and OSINT tools.
• Understanding of MITRE ATT&CK framework and Cyber Kill Chain.
• Experience in threat intelligence, threat hunting, and incident reporting.
• Exposure to ITSM tools and infrastructure monitoring tools.
• Experience in SOC/NOC metrics reporting and documentation.
• Exposure to Red, Blue, and Purple Teaming exercises.
Preferred Technical Exposure
• ManageEngine OpManager.
• SOAR platforms.
• Vulnerability Management tools.