Security Analyst L1
Posted: 3 days ago
Job Description
As a Level 1 Security Analyst in a Managed Security Service Provider (MSSP), you are the first line of defense, responsible for monitoring and triaging security alerts across multiple client environments. You will use SIEM and other security tools to identify suspicious activities, escalate genuine threats, and ensure accurate documentation of incidents. This entry-level role is ideal for candidates looking to grow their skills in a real-world SOC environment while contributing to the protection of various organizations.

Key Responsibilities:
- Monitor security alerts and events from SIEM, EDR, firewall logs, and other tools across multiple client environments.
- Perform initial triage and classification of events to identify potential security incidents.
- Escalate alerts to Level 2 analysts according to established escalation and severity procedures.
- Create and maintain accurate tickets and investigation records in accordance with SLAs and internal guidelines.
- Support the execution of basic incident response procedures, such as isolating endpoints or disabling user accounts (based on pre-approved playbooks).
- Follow documented SOPs, workflows, and client-specific instructions when handling security events.
- Assist with daily health checks of monitoring tools, ensuring data sources and integrations are functioning properly.
- Perform false positive analysis to improve alert quality over time.
- Participate in shift handovers and contribute to incident timelines and summaries.
- Collaborate with other SOC analysts to improve detection accuracy and response quality.
- Maintain awareness of current cyber threats and security news relevant to MSSP operations.

Requirements:

Education & Experience:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent hands-on experience.
- 0–2 years of experience in cybersecurity, IT support, or security monitoring (internships or academic labs also considered).
- Familiarity with basic security concepts such as firewalls, malware, phishing, and log analysis.

Technical Skills:
- Exposure to or experience with security tools such as SIEM, EDR, or IDS/IPS.
- Basic understanding of networking, operating systems (Windows/Linux), and cybersecurity principles.
- Ability to interpret security logs and recognize anomalies.
- Experience with ticketing systems or case management tools is a plus (e.g., ServiceNow, Jira, TheHive).

Certifications (preferred but not required):
- CompTIA Security+ or an equivalent foundational cybersecurity certification.
- Completion of cybersecurity bootcamps or relevant training programs is an advantage.

Key Competencies:
- Strong attention to detail and analytical thinking.
- Eagerness to learn and grow in a fast-paced, real-time SOC environment.
- Good verbal and written communication skills.
- Ability to follow structured processes and maintain consistency.
- Team player with a proactive and curious mindset.
Job Application Tips
- Tailor your resume to highlight relevant experience for this position
- Write a compelling cover letter that addresses the specific requirements
- Research the company culture and values before applying
- Prepare examples of your work that demonstrate your skills
- Follow up on your application after a reasonable time period