SOC Analyst - L1

Role: SOC Analyst

1. About the Role

At Neysa, our SOC Analysts are the first line of defence in our security ecosystem. This role

is designed for a detail-oriented professional who excels at monitoring, triaging, and

investigating security events in real-time. As an L1.5 analyst, you will be responsible for the

initial "deep dive" into alerts, ensuring that potential threats are identified, analysed, and

documented with precision. This is a foundational role where your ability to connect

disparate data points will directly protect our business landscape.

2. Key Expectations & Responsibilities

• Alert & Log Analysis: Ability to work on log and alert analyses based on the

security alerts generated by the SIEM system.

• Correlation: Ability to correlate multiple alerts to connect the dots and detect an

overall threat pattern.

• SLA & Reporting: Ability to work as per defined SLAs and generate SIEM reports

according to business requirements.

• Daily Investigation: Assist in investigating security logs across various sources

including Network traffic, Firewalls, IPS, WAF, Endpoints, O365, Cloud and

Databases.

• Incident Analysis: Experience performing analysis of phishing incidents, malware

incidents, C&C traffic, signature triggers, firewall logs etc.

• Framework Knowledge: Understanding of the MITRE ATT&CK framework and

Cyber Kill Chain framework.

• Foundations: Basic but strong understanding of networking, firewalls, Linux

environments, security policies, vulnerabilities, and Indicators of Compromise (IoCs).

Added Advantages (Good to have):

• Use Case Support: Previous experience or interest in assisting with the creation of

detection rules/use cases in a SIEM.

• Proactive Support: Familiarity with basic threat hunting techniques to look for

anomalies in the environment.

3. Experience & Qualification

• Experience: 1 - 3 years of experience working in a Security Operations Center (SOC)

with a primary focus on log analysis, incident management, incident reporting, and

Root Cause Analysis (RCA).

• Availability: Readiness to work in 24/7 rotational shifts.

• Desired Certification (Any one):

Blue Team Level 1 (BTL1)

Certified Ethical Hacker (CEH)