We are seeking a motivated and detail-oriented Tier 1/2 Security Analyst to join our Security Operations team. In this role, you will serve as the first line of defense, primarily responsible for monitoring and responding to security alerts using Google Chronicle SIEM and SOAR platforms for one of our key clients. You will play a crucial part in detecting, investigating, and escalating security incidents to safeguard the client’s assets and infrastructure.

Key Responsibilities:

Security Monitoring:

 Continuously monitor and analyze security alerts and events using Google Chronicle SIEM.

 Utilize SOAR (Security Orchestration, Automation, and Response) to manage cases.

 Identify, triage, and prioritize security events based on predefined rules and threat intelligence sources.

Incident Response:

 Respond to security incidents by conducting initial investigations and assessments.

 Escalate incidents to Tier 2 or Tier 3 analysts for further investigation when needed.

 Document and communicate incident findings to relevant teams in accordance with standard operating procedures (SOPs).

Reporting & Documentation:

 Maintain detailed and accurate documentation of all security incidents and actions taken.

 Generate regular reports on security events, incidents, and trends for senior analysts and management.

SIEM, SOAR

Requirements:

Education:

 Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).

Experience:

 Minimum of 1 year of experience in a security operations or analyst role, preferably with experience in SIEM or SOAR platforms.

 Familiarity with Google Chronicle or similar SIEM platforms is preferred.

Certifications:

 CompTIA Security+

 Certified SOC Analyst (CSA)

 Google Cloud Certifications (highly desirable)

Skills:

 Familiarity with common security technologies such as firewalls, IDS/IPS, endpoint protection, and

threat intelligence platforms.

 Strong understanding of security incident response processes and threat detection methodologies.

 Knowledge of security frameworks like MITRE ATT&CK, NIST, and ISO 27001.

 Basic scripting knowledge (Python, Bash) for task automation is a plus.

 Ability to thrive in a fast-paced environment and manage multiple incidents concurrently.