Associate Analyst - Managed Security Services

Company: Millennium IT ESP
Location: Colombo, Sri Lanka
Posted: September 17, 2025

Description:

Security Monitoring

- Continuously monitor security alerts and events from SIEM tools and other monitoring systems

- Analyze logs and events for signs of potential security incidents or breaches

Incident Triage and Initial Response

- Perform initial triage of security incidents, classify and prioritize them based on severity

- Escalate confirmed or high-risk incidents to L2/L3 analysts for deeper investigation

Alert Analysis and Investigation

- Review alerts from firewalls, IDS/IPS, antivirus, EDR, email gateways, etc.

- Correlate events across multiple systems to identify suspicious activity

Documentation and Reporting

- Create and maintain detailed incident tickets and investigation notes

- Prepare daily/weekly reports on incident trends, alert volumes, and response actions

Threat Intelligence Review

- Stay updated with emerging threats and vulnerabilities

- Use available threat intelligence to support alert validation and enrichment

System Health Checks

- Ensure the monitoring tools (SIEM, log collectors, endpoint agents, etc.) are functioning properly

- Report any gaps in visibility or tool failures

Follow Standard Operating Procedures (SOPs)

- Adhere strictly to defined incident response procedures and escalation paths

- Participate in continuous improvement of SOC SOPs

User Awareness and Phishing Triage

- Analyze reported phishing emails and suspicious user activities

- Help with awareness by informing users of phishing attempts or false positives

Shift Handover and Communication

- Conduct clear shift handovers with detailed updates on ongoing incidents and system status

- Communicate effectively with other teams (IT, network, infrastructure) when required

Person Specification

Completed a degree related to cybersecurity

Minimum 01 year of experience in a SOC/SIEM environment

Certifications such as SIEM, CEH, or other cybersecurity-related qualifications will be an added advantage
