Infrastructure Solutions


IT Security Monitoring Analyst – Level 1

Closing Date : June 30, 2026

Job Purpose

We are looking for an IT Security Monitoring Analyst – Level 1 to provide 24×7 first-line monitoring and triage for both cybersecurity and IT infrastructure/network events, ensuring continuous detection, timely escalation, and SLA-based ticket handling.
Mobilization: Onsite
Shift: 8 hours (24×7)
Duration of Services: 1 Year

Key Responsibilities

• Monitor SOC/NOC alerts 24×7 from SIEM, Network Anomaly Detection Tool, and server/service monitoring tool.
• Perform L1 triage and validation (true/false positive, initial impact assessment, enrichment using available context).
• Create, classify, and update incidents/service tickets in ITSM ensuring complete documentation and evidence.
• Execute basic predefined actions based on SOPs/playbooks (e.g., validation checks, connectivity verification, initial containment steps with approval).
• Escalate to L2/L3 teams according to severity, SLA thresholds, and escalation matrix.
• Provide shift handover reports and maintain operational continuity across 24×7 shifts.

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, IT, or a related field.

Professional Certifications / Trainings (Must)

• Trained or Certified in any NMS/infra service availability monitoring tool
• SOC Analyst / Incident Handling certifications (ECSA, Security+, CEH, ECIH, GCIH, or equivalent)
• Certification or training in any NMS / infrastructure monitoring tool

Professional Certifications / Trainings (Preferred)

• Practical cybersecurity training such as Security Blue Team, INE Security or equivalent
• Trained or Certified in IT Service Management such as ITIL Foundation
• Other cyber security certifications

General SOC & NOC Experience (Must)

• Minimum 3 years of experience in a SOC analyst role
• Experience in log analysis and incident investigation using the IBM QRadar SIEM
• Experience in creating dashboards and scheduled reports in IBM QRadar SIEM
• Experience with incident investigation using different security technologies such as AV, EDR, NDR, IDS/IPS, and firewalls
• Understanding of different operating system event logs such as Windows events (System, Security, Application, PowerShell and Sysmon) and Linux OS audit logs
• Understanding of HTTP request and response
• Understanding of network protocols and packet analysis.
• Knowledge in using different open-source malware analysis tools
• Experience in handling threat intelligence and threat hunting
• Knowledge in different open-source intelligence (OSINT) tools
• Understanding of MITRE ATT&CK and the Cyber Kill Chain, security best practices, and threat intelligence concepts
• Practical experience with any IT Service Management Tools
• Practical experience with any IT Service and availability monitoring tool
• Experience in documenting security incident reports and SOC & NOC metrics
• Experience in Red, Blue, and Purple Teaming exercises

Technical Expertise (Preferred)

• Experience working with ManageEngine OpManager technology.
• Experience working with any SOAR platforms.
• Experience working with any Vulnerability Management tool.