SOC Analyst

The SOC Analyst – Offshore is responsible for real-time monitoring, triage, and analysis of security events across the organization’s IT environment. The role focuses on identifying potential threats, escalating incidents, and supporting incident response activities to ensure the security and integrity of systems and data.

• Monitor security alerts and events using SIEM platforms and other security monitoring tools.
  

• Validate, prioritize, and fine-tune alerts to reduce false positives and maintain effective SOC operations.
  

• Conduct routine health checks of SOC tools and promptly report anomalies.
  

• Perform initial triage, classification, and severity assessment of security incidents.
  

• Review system, network, and application logs to identify suspicious activities.
  

• Conduct basic endpoint analysis using EDR tools.
  

• Enrich event data using internal and external threat intelligence sources.
  

• Execute predefined incident response playbooks and adhere to standard operating procedures (SOPs).
  

• Escalate incidents to higher-tier analysts with complete, accurate, and well-documented case notes.
  

• Communicate incident updates and status to the SOC team in a timely manner.
  

• Document all investigative actions, findings, and recommendations in the ticketing or case management system.
  

• Participate in periodic security reporting and support trend and metrics analysis.
  

• Assist in maintaining up-to-date threat intelligence feeds and indicators of compromise (IOCs).
  

• Support vulnerability and patch management efforts by monitoring relevant alerts and providing initial assessments.
  

• Identify recurring alert patterns and suggest enhancements to SOC playbooks and processes.
  

• Contribute to the ongoing improvement of SOC operations and detection capabilities.