Responsibilities

The Tier 1 SOC Analyst will perform triage on all security-related events, investigate and identify the root cause behind security incidents, determine the extent and remediation of security events, refine/improve existing use cases/alerting with Tier 2, perform regular continuous monitoring of events across platforms, operating systems, databases, and management systems, track and communicate reported events, review existing security events and propose refinements, improve and implement indicators and protections, perform general operational and maintenance tasks, review previously blocked domains/IPs, generate datasets for later analysis, generate reports on a scheduled basis, provide the first line communication for events into the SOC, handle or escalate emails and phone calls to the SOC, document event descriptions and artifacts within the ticketing system, work collaboratively with stakeholders to investigate events, and handle or escalate incoming emails and phone calls to the SOC.