
SOC Analyst (NCS/Job/ 3653)
For An Indian-Owned Company Focused On Digital & Big Data Tech
5 - 10 Years
Full Time
Immediate
Up to 23 LPA
1 Position(s)
Bangalore / Bengaluru, Chennai, Gurgaon / Gurugram, Hyderabad, Noida, Pune
Posted By : Nilasu Consulting Services Pvt Ltd
Posted 9 Days Ago
Job Description
Job Description: SOC Analyst
Role: Security Operations Center (SOC) Analyst (SentinelOne mandatory)
Experience: 5–8 Years
Role Overview
Seeking a hands-on SOC Analyst to provide immediate operational support and free up internal security staff. This role focuses on real-time monitoring, triage, and response to security alerts across endpoint protection, phishing incidents, and email security tools.
Primary responsibility includes working with:
- SentinelOne (EDR/XDR alerts)
- Microsoft Defender (Email, Endpoint, Identity alerts)
- Phishing reports from end-users
Key Responsibilities
1. Security Alert Monitoring & Triage
- Monitor and triage alerts from:
- SentinelOne (malware, suspicious activity, behavioral alerts)
- Microsoft Defender (Defender for Endpoint, Defender for Office 365)
- Perform initial investigation and classification:
- True Positive / False Positive
- Severity and impact assessment
- Escalate complex incidents to internal teams
2. Phishing Incident Response
- Analyze phishing reports submitted by users:
- Email headers, URLs, attachments
- Take appropriate response actions:
- Block sender/domain
- Quarantine emails
- Trigger user awareness notifications
- Coordinate with email security policies in Defender
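The phishing triage steps above (check the authentication headers, compare the sender domains, pull the URLs and hash the attachments, then classify) are routine enough to script. The following is an added example, not part of the job posting or any tool it names; the sample message, every domain and address in it, the 25-byte attachment stub and the "three findings means true positive" threshold are all constructed for illustration.

```python
"""Triage a user-reported phishing email: headers, URLs, attachments."""
import email
import hashlib
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample report. All domains, addresses and the attachment are
# invented; the attachment is a 25-byte stub carrying only a PE "MZ" magic.
SAMPLE_EMAIL = b"""\
Return-Path: <bounce@mail-notify.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-notify.example.net; dkim=none; dmarc=fail header.from=example.com
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: <support-desk@mail-notify.example.net>
To: <user@example.com>
Subject: Password expires today
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUNDARY"

--BOUNDARY
Content-Type: text/plain; charset="utf-8"

Your password expires today. Reset it at http://example-com.login-reset.example.net/verify?id=42
--BOUNDARY
Content-Type: application/octet-stream; name="invoice.pdf.exe"
Content-Disposition: attachment; filename="invoice.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQA==
--BOUNDARY--
"""

URL_RE = re.compile(r"""https?://[^\s<>"']+""")
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=([a-z]+)", re.IGNORECASE)
RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".hta", ".lnk", ".iso", ".img")
# Hypothetical threshold: this many independent findings -> true positive.
TRUE_POSITIVE_THRESHOLD = 3


def _domain(header_value):
    """Lowercase domain of the first address in a header ('' if absent)."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()


def _under(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def triage(raw):
    """Parse a raw RFC 5322 message and return findings plus a verdict."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []

    # 1. SPF/DKIM/DMARC results as stamped by the receiving MX.
    auth_hdr = str(msg.get("Authentication-Results", ""))
    auth = {k.lower(): v.lower() for k, v in AUTH_RE.findall(auth_hdr)}
    for mech in ("spf", "dkim", "dmarc"):
        if auth.get(mech) != "pass":
            findings.append(f"{mech}={auth.get(mech, 'missing')}")

    # 2. Sender alignment: header From vs envelope sender vs Reply-To.
    from_dom = _domain(msg["From"])
    if _domain(msg["Return-Path"]) not in ("", from_dom):
        findings.append(f"Return-Path domain differs from From ({from_dom})")
    if _domain(msg["Reply-To"]) not in ("", from_dom):
        findings.append("Reply-To domain differs from From")

    # 3. URLs in the body, with the host the user would actually contact.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    urls = [(u, urlparse(u).hostname or "") for u in URL_RE.findall(text)]
    for _, host in urls:
        if host and not _under(host, from_dom):
            findings.append(f"link host {host} is outside sender domain")

    # 4. Attachments: name, SHA-256 for IOC blocking, executable hints.
    attachments = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        attachments.append({"name": name, "size": len(data),
                            "sha256": hashlib.sha256(data).hexdigest()})
        if name.endswith(RISKY_EXT):
            findings.append(f"attachment {name} has an executable extension")
        if name.count(".") > 1:
            findings.append(f"attachment {name} uses a double extension")
        if data[:2] == b"MZ":
            findings.append(f"attachment {name} is a PE executable (MZ magic)")

    verdict = ("true positive" if len(findings) >= TRUE_POSITIVE_THRESHOLD
               else "needs analyst review")
    return {"from_domain": from_dom, "auth": auth, "urls": urls,
            "attachments": attachments, "findings": findings,
            "verdict": verdict}


if __name__ == "__main__":
    result = triage(SAMPLE_EMAIL)
    for finding in result["findings"]:
        print("-", finding)
    print("verdict:", result["verdict"])
```

The findings list is what goes into the ticket notes; the attachment SHA-256 and the link host are the indicators to block in the email security policy. The threshold is deliberately crude: a message with only one or two findings still goes to an analyst rather than being auto-closed.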
3. Incident Response
Focus
- Alert triage and ticket creation
- Basic containment actions (isolate endpoint, block indicators)
- Run predefined playbooks
- Deep-dive investigation of incidents
- Endpoint forensics (via SentinelOne)
- Correlate alerts across tools
- Execute remediation actions (kill processes, isolate machines)
4. Ticketing & Documentation
- Create and update incident tickets (ServiceNow/JIRA or equivalent)
- Maintain clear investigation notes and evidence
- Ensure SLA adherence for response and resolution
5. Threat Detection & Improvement
- Identify recurring patterns and suggest tuning
- Reduce false positives via rule optimization
- Contribute to improving SOC playbooks and runbooks
Required Skills & Qualifications
Core Technical Skills
- Hands-on experience with:
- SentinelOne (EDR/XDR investigation)
- Microsoft Defender (Endpoint + Email Security)
- Strong understanding of:
- Phishing detection and analysis
- Malware behavior and indicators of compromise (IOCs)
- Email security (SPF, DKIM, DMARC basics)
- Familiarity with SIEM/SOAR tools (nice to have)
Preferred Skills
- Experience with:
- Microsoft Defender for Office 365
- Threat Intelligence platforms
- Basic scripting (PowerShell/Python) for investigation
- Understanding of MITRE ATT&CK framework
Soft Skills
- Strong analytical thinking
- Clear communication (written & verbal)
- Ability to work in fast-paced SOC environment
- High attention to detail
Certifications (Preferred)
- Security+
- CySA+ / CEH
- Microsoft Security Operations Analyst (SC-200)