What are the responsibilities and job description for the SOC Analyst I position at NTG?
Description
As a SOC Tier 1 Analyst, you will play a critical role in safeguarding our clients' information systems and networks against cyber threats. You will be responsible for monitoring security events, analyzing alerts, and escalating incidents as necessary to ensure timely resolution. Additionally, you will collaborate closely with cross-functional teams to implement proactive security measures and contribute insights to enhance our overall security posture. This position requires shift work, including nights, weekends, and holidays, as the SOC provides 24/7/365 support to our customers.
Essential Duties And Responsibilities
The essential functions include, but are not limited to the following:
As a SOC Tier 1 Analyst, you will play a critical role in safeguarding our clients' information systems and networks against cyber threats. You will be responsible for monitoring security events, analyzing alerts, and escalating incidents as necessary to ensure timely resolution. Additionally, you will collaborate closely with cross-functional teams to implement proactive security measures and contribute insights to enhance our overall security posture. This position requires shift work, including nights, weekends, and holidays, as the SOC provides 24/7/365 support to our customers.
Essential Duties And Responsibilities
The essential functions include, but are not limited to the following:
- Monitor security alerts and events generated by various security tools, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Analyze and triage security incidents to determine their severity and potential impact on client environments.
- Perform initial investigation and containment of security incidents, following established procedures and protocols.
- Document incident details, including the timeline of events, actions taken, and any associated artifacts.
- Escalate complex incidents to Tier 2 or Tier 3 analysts for further investigation and resolution.
- Provide timely updates and communication to clients regarding the status of ongoing incidents.
- Collaborate with other SOC team members to share knowledge and improve incident response processes.
- Stay abreast of emerging threats and vulnerabilities to enhance the effectiveness of security monitoring and threat detection.
- The ability to gain vendor specific certifications.
- Must be a US Citizen
- 2 years of experience in cybersecurity, Security Operations Center (SOC), or related information security roles.
- Strong understanding of cybersecurity principles and common attack vectors
- Excellent problem-solving skills and attention to detail
- Effective communication skills, with the ability to convey technical information to both technical and non-technical stakeholders
- Relevant baseline certifications such as CompTIA Security , or ISC2 Certified in Cybersecurity certifications preferred
- Preferred Qualifications (Knowledge, Skills, and Abilities)
- Associate or bachelor’s degree in cybersecurity, computer science, or related field
- Hands-on experience with SIEM, IDS/IPS, and endpoint detection and response (EDR) tools (e.g., MS Defender, CrowdStrike, Sophos, SentinalOne)
- Experience using ticketing systems (e.g., Microsoft Dynamics, ServiceNow, Jira) to track, document, and escalate security incidents and support requests efficiently
- Hands-on experience using Splunk for security event monitoring, log analysis, and incident investigation within a SOC or cybersecurity environment.