What Will You Do
- Monitor security events and alerts using SIEM platforms such as Microsoft Sentinel, Splunk, Wazuh, or Google SecOps.
- Analyze and triage security alerts based on severity and potential impact.
- Conduct initial investigations of suspicious activities and potential security incidents.
- Collaborate with other security teams to escalate and mitigate incidents.
- Document investigation findings and assist in incident reporting.
- Support the development and maintenance of SOC playbooks and response procedures.
- Perform basic threat hunting based on Indicators of Compromise (IoCs).
- Assist in system patching and hardening based on security monitoring insights.
What Will You Need
- 1–3 years of experience in cybersecurity or IT support.
- Familiarity with at least one SIEM platform (Sentinel, Splunk, Wazuh, or Google SecOps).
- Basic understanding of TCP/IP, firewalls, IDS/IPS, and Windows/Linux systems.
- Strong log analysis and incident troubleshooting skills.
- Foundational knowledge of the OWASP Top 10 and the MITRE ATT&CK framework.
Nice to Have
- Certifications such as CompTIA Security+, SC-200, or CEH.
- Experience with tools like Sysmon, Suricata, or Azure Monitor.
- Basic scripting skills (Python, PowerShell, Bash).
- Exposure to cloud environments (Azure, AWS, GCP).
SOC Operational Focus
- Monitoring & Detection: Use the SIEM to detect anomalies and potential attacks.
- Incident Response: Manage incidents from detection to resolution.
- Log Analysis: Analyze logs from firewalls, endpoints, servers, and applications.
- Threat Intelligence: Leverage threat intel feeds for contextual analysis.
- Reporting: Prepare daily and weekly security status reports.
Work Schedule
This role operates in two rotational shifts during working days:
- Morning: 7:00 AM – 4:00 PM
- Afternoon: 1:00 PM – 10:00 PM