Tier 1 Security Operations Centre Analyst
Role Purpose
We are seeking an enthusiastic and driven Tier 1 Security Operations Centre (SOC) Analyst to join our Security Operations Centre.
In this frontline role, you’ll support the detection, triage, and escalation of security incidents, helping to protect our organisation and customers from evolving cyber threats. You'll monitor security alerts, assist with investigations, and contribute to vulnerability management and compliance efforts.
This is an excellent opportunity for someone early in their cybersecurity career to gain hands-on experience, grow their skills, and be part of a collaborative and high-performing security team.
Role Responsibilities
Key responsibilities for this role may include:
Incident Detection & Response:
- Monitor security events and alerts using SIEM (Security Information and Event Management) and other security tools to identify potential security threats and incidents.
- Conduct initial triage, analysis, and categorisation of security incidents based on severity and impact.
- Escalate complex or high-impact incidents to senior SOC analysts or other IT/security teams as required.
- Assist with containment and remediation efforts, ensuring incident response actions are carried out promptly and effectively.
- Collaborate on the detection and response to incidents with senior SOC staff and other teams when necessary.
- Assist in documenting incident timelines, indicators of compromise (IOCs), and response actions taken.
- Regularly perform compliance checks and scheduled IT Health Checks (ITHC) against internal components and against our services, and work on Remedial Action Plans and mitigations on completion of ITHC and vulnerability scanning activity.
- Participate in on-call or out-of-hours technical support where appropriate and supported by senior staff.
Threat intelligence and analysis:
- Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques.
- Analyse network and system logs to identify anomalous behaviour and trends indicating potential cyber threats.
- Contribute to threat intelligence sharing within the organisation and with external partners.
Security Monitoring:
- Conduct continuous security monitoring of network traffic, endpoints, and critical systems.
- Help to identify, analyse, and support the mitigation of security weaknesses and vulnerabilities across the infrastructure.
- Help to ensure that alerts are managed, categorised, and investigated in line with the organisation’s incident management procedures and within SLAs.
- Contribute to the development and refinement of detection rules and response playbooks.
- Assist in the deployment and configuration of security tools, ensuring they are properly integrated and functioning.
Compliance, Reporting and Documentation:
- Participate in security audits and assessments, providing evidence of SOC activities and controls.
- Maintain accurate records of all events handled, including triage notes and escalation details.
- Support the delivery of incident and vulnerability summaries to the management team and customers as part of Service Reviews or Security Working Groups.
- Participate in post-incident reviews and help document lessons learned.
- Assist in ensuring compliance with industry standards, regulations, and internal security policies.
- Contribute to the preparation of regular reports and metrics on SOC operations and overall security posture.
Vulnerability Management:
- Assist in monitoring and managing vulnerabilities across live service using various vulnerability management tools.
- Support compliance with patching policies by tracking vulnerability status and helping to coordinate remediation efforts.
- Provide regular updates on vulnerability status to the wider SOC team and other stakeholders.
- Contribute to Remedial Action Plans by documenting actions taken and tracking remediation progress.
- Work with third parties to respond to advisories and directives for critical vulnerabilities in a timely manner.
Collaboration and knowledge sharing:
- Work closely with other IT teams (e.g., Network, Architecture, and Development teams) to identify and resolve security issues.
- Share insights, threat intelligence, and incident learnings to improve the overall security posture of the organisation.
Continuous Improvement:
- Identify and suggest improvements to SOC processes, playbooks, and tools based on hands-on experience and incident handling.
- Contribute to the development and documentation of SOC procedures, ensuring they are clear, accurate, and up to date.
Education and Experience Requirements
As a T1 SOC Analyst, you will have:
Experience (preferred):
- 6 months to 2 years of hands-on experience in a SOC or similar security environment.
- Graduates or career changers with lab experience, internships, or home lab projects are encouraged to apply.
Education:
- Bachelor’s degree in Computer Science, Information Security, Cyber Security or related field, or equivalent experience desirable.
Certifications (preferred):
- Any SIEM-specific certification or vendor-specific training.
- Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), BTL1 or others are highly desirable but not essential.
Technical Skills:
- Familiarity with SIEM tools (e.g., LogRhythm, Elastic SIEM, Microsoft Sentinel, or similar).
- Basic understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security.
- Exposure to or understanding of log analysis and alert triage, vulnerability scanning and patching, and incident response.
- Knowledge of cyber security and compliance frameworks (NIST, ISO 27001, MITRE ATT&CK).
- Understanding of network protocols, malware analysis, threat intelligence, and vulnerability management.
- An understanding of and an interest in learning scripting and automation for security operations.
Soft Skills:
- Strong written and verbal communication skills.
- Analytical thinker with good attention to detail and sound judgement.
- Able to follow standard operating procedures with discipline and accuracy.
- Eager to learn, ask questions, and develop professionally.
- Comfortable working in a fast-paced team environment and handling multiple alerts.
SecureCloud+ is an equal opportunities employer and does not discriminate on the basis of age, sex, colour, religion, race, disability, or sexual orientation. Our hiring decisions are based on an individual’s experience and qualifications for the job advertised.
- Department: Security
- Locations: Stoke on Trent - Head Office
- Yearly salary: £30,000 - £32,000
- Employment type: Full-time
- Job Reference: 2526-18
Workplace & Culture
At SecureCloud+ we view our staff as the heart of our company. We advocate a healthy work-life balance for our employees and have measures in place to support their needs. Only by investing in our collective personal and professional growth can we give our best to our customers, our partners, and each other.