Junior Security Operations Center (SOC) Analyst

Enter Job Title

Who We Are

Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats.

Position Overview

This is an entry-level Junior L1 Security Operations role at Legato Security, designed for individuals beginning their career in cybersecurity. As part of our managed security operations team, you will serve as a first line of defense for customer environments, monitoring alerts, performing initial triage, and supporting incident escalation within the SOC. This role emphasizes learning and hands-on experience with real-world security operations while working alongside seasoned analysts and engineers who actively mitigate modern cyber threats. This position is ideal for candidates looking to build a strong technical foundation in managed security services while growing into more advanced SOC and security roles over time.

Please note: This is a 24/7 operational role. The SOC operates on rotating shifts (morning, afternoon, and night) to ensure continuous monitoring and response.

Job Responsibilities

• Real-Time Monitoring & Triage:
• Act as the first line of defense by continuously monitoring alerts generated from security alerts across SIEM, EDR, cloud, and email security platforms.
• Perform initial triage of alerts by validating alerts based on security tool–assigned priority and assessing relevant alert context to support escalation.
• Follow documented Standard Operating Procedures (SOPs) to investigate, validate, and
• Alert Escalation & Documentation
• Escalate all validated security incidents and suspicious activity to L2 Analysts for deeper investigation and response.
• Accurately document triage steps, findings, and communications in the incident management and ticketing system.
• Using Automation & Security Tools
• Leverage pre-built security automation and response playbooks (SOAR) that enrich alerts with threat intelligence and contextual data.
• Use core security tools to gather initial investigative data (e.g., identity logs, EDR telemetry, domain, and IP reputation checks).
  

Qualifications

Required Qualifications:

• A foundational background in information technology or cybersecurity gained through hands-on experience, personal labs, coursework, certifications, internships, or related IT roles.
• Willingness and availability to work in a 24/7 rotational shift environment, including morning, afternoon, and overnight shifts.
• 0–2 years of relevant experience in IT support, help desk, system administration, network operations, or security operations (academic labs and internships count).
• Strong attention to detail with the ability to follow documented procedures and accurate document findings.
• Solid analytical thinking skills and the ability to assess alerts, identify patterns, and determine when escalation is appropriate.
• Clear written and verbal communication skills, especially for ticket documentation and shift handovers.
• Foundational understanding of: Networking concepts (TCP/IP, ports, and protocols).
• Core security principles (firewalls, phishing, malware, endpoint protection).
• Basic cloud concepts and security fundamentals (AWS, Azure).
• A strong desire to grow in cybersecurity and develop hands-on experience with SIEM, EDR, and SOAR tools in a managed security services environment.
  
  

Preferred Qualifications

• Exposure to cloud platforms such as AWS, Azure, or GCP is a plus.
• Preferred but not required: Entry-level certifications such as CompTIA Security , Network , or equivalent foundational credentials
  
  

Perks

• Start-up company in a growth phase with opportunity for advancement based on performance
• Start-up culture with an office in downtown Salt Lake City, UT
• Competitive medical and dental benefits for employee and family members
• Other company-provided benefits such as short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available, and 401K match
• Flexible Paid Time Off policy
• Professional Development opportunities specific to role