SOC Analyst (Triage Specialist)

About the role

The SOC Analyst (Triage Specialist) is a key member of the Security Operations Center, serving as the first line of defense against cyber threats. You will triage raw security data, evaluate alerts, and determine their criticality to protect the organization.

Key responsibilities

• Continuously monitor and collect raw security data from multiple platforms.
• Review, validate, and enrich alarms and alerts with Indicators of Compromise and threat intelligence.
• Use SIEM, EDR/XDR, and SOAR tools to identify, correlate, and prioritize high‑risk events.
• Conduct initial investigations, categorize alerts, and escalate complex incidents.
• Collaborate with stakeholders to communicate incident details and risk assessments.
• Assist in configuring, optimizing, and fine‑tuning security monitoring tools and detection rules.
• Maintain accurate incident records in ticketing systems and generate regular reports.

Required profile

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field, or equivalent experience.
• At least 1 year of hands‑on experience in a SOC environment.
• Strong analytical and critical thinking abilities.
• Excellent written and verbal communication in English.
• Ability to work independently under pressure while maintaining attention to detail.

Required skills

• Experience with SIEM platforms such as Chronicle, Splunk, IBM QRadar, FortiSIEM.
• Proficiency with EDR/XDR solutions like Trellix, CrowdStrike, SentinelOne, FortiXDR.
• Familiarity with SOAR platforms including Chronicle, FortiSOAR, Splunk SOAR.
• Knowledge of network protocols (TCP/IP, DNS, HTTP/S).
• Understanding of operating systems (Windows, Linux).