Jr. SOC Analyst (L1)

Raspberry Solution Pvt. Ltd.

JOB OPPORTUNITY

Job title: Junior SOC Analyst (L1)

Location:  Kathmandu, Nepal.

No. of Requirement: 2

Salary: Negotiable

Purpose of the position:

To investigate, analyze, and respond to escalated security incidents from L1 analysts; to perform deeper forensic analysis and threat hunting activities; to assist in developing and implementing security measures and controls; to provide guidance and mentorship to L1 analysts; to collaborate with senior SOC staff in improving incident response procedures, ensuring effective containment, eradication, and recovery from security incidents.


Responsibilities & Duties

  • Monitor and analyze security events and alerts generated by the company’s security tools, such as SIEM systems;
  • Assist in investigating and responding to security incidents, including malware infections, phishing attempts, and unauthorized access;
  • Learn and apply cybersecurity concepts and technologies under the guidance of senior analysts;
  • Participate in vulnerability assessments to identify potential weaknesses in the network or systems;
  • Assist in creating detailed reports on security incidents and trends for management and technical teams;
  • Maintain and update security documentation and procedures;
  • Participate actively in team meetings and training sessions;
  • Communicate effectively with team members and seek guidance to enhance learning and development.

Academic & Trades Qualifications

  • Bachelor’s Degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent.
  • Basic knowledge of networking, operating systems, and cybersecurity tools (e.g., SIEM, IDS/IPS).
  • Familiarity with cybersecurity frameworks such as NIST or ISO 27001 (desirable).

Work experience

  • At least 1-2 years of work experience in the field of cybersecurity.

Essential skills, abilities & knowledge

  • Basic Security Monitoring: Ability to monitor and analyse security alerts generated by SIEM tools, firewalls, IDS/IPS, and other security platforms.
  • Log Review & Analysis: Basic skills in reviewing security logs from systems and devices, identifying anomalies or potential security threats.
  • Alert Triage: Ability to perform initial triage on security alerts to determine their severity and escalate when necessary.
  • Incident Documentation: Proficient in documenting and recording security incidents, actions taken, and results, following established procedures.
  • Basic Troubleshooting: Ability to perform basic troubleshooting and follow standard procedures to investigate security alerts and incidents.
  • Basic Network Security: Familiarity with common network security tools and practices such as firewalls, antivirus, and endpoint protection.

Abilities:

  • Analytical Thinking: Ability to analyse security events, identify potential threats, and distinguish between false positives and real incidents.
  • Attention to Detail: Strong attention to detail to identify and investigate unusual patterns or behaviours that may indicate a security incident.
  • Communication: Ability to communicate clearly and effectively, both in written reports and verbal escalations to senior analysts.
  • Escalation: Ability to escalate suspicious events or security incidents to L2 or senior analysts for further investigation.
  • Learning & Adaptability: Ability to quickly learn new tools, technologies, and processes, and adapt to evolving cybersecurity threats.
  • Team Collaboration: Ability to work well with other team members and collaborate with different departments, such as IT, to resolve security issues.

Knowledge:

  • Cybersecurity Fundamentals: Basic understanding of core cybersecurity concepts, such as the CIA triad (Confidentiality, Integrity, Availability), threat vectors, and attack types (e.g., phishing, malware).
  • Basic Network Concepts: Basic knowledge of networking protocols (TCP/IP, DNS, HTTP/S) and how they relate to security monitoring.
  • Security Tools & Platforms: Familiarity with SIEM tools, firewalls, antivirus software, endpoint protection tools, and intrusion detection systems (IDS).
  • Incident Response Process: Basic understanding of the incident response lifecycle, including identification, containment, and documentation.
  • Common Threats & Vulnerabilities: Awareness of common types of cyber threats (e.g., viruses, worms, ransomware, DDoS) and security vulnerabilities (e.g., unpatched systems, weak passwords).
  • Regulatory Compliance Awareness: Basic understanding of key regulatory frameworks, such as GDPR, PCI-DSS, or HIPAA, and their impact on security practices.
  • One certification/training in Cyber Security/Information Security/Network Security/Digital
