Associate - L1 SOC Analyst

In the Digital Trust & Cybersecurity team, our work is always evolving to help our clients respond to cybersecurity related threats and trends, and we combine our deep technical skills in response to our clients' changing cybersecurity needs. The Level 1 SOC Analyst is responsible for monitoring and analyzing an organization’s security posture on an ongoing basis. This role involves working in a 24/7 environment to detect, respond to, and mitigate security incidents. The L1 SOC Analyst will serve as the first line of defense in identifying potential threats and vulnerabilities within the organization’s network and systems.

• Alert Triage & Investigation – Monitor for newly triggered alerts, look for alerts not yet marked as Open or Closed, collect more information to support the theory of the alerts under assessment, correlate alerts with other security devices, and investigate the impact of the alerts.
• Shift Handover – Participate in shift handover process, conduct shift handover, prepare shift handover report, and communicate shift handover information to next shift personnel.
• Log Monitoring – Detect and investigate if logs stopped flowing to SIEM; contact the server owner; generate a list and work on the list; report resolved items and methods used; for Linux – Syslogs – get in touch with server owner; for Windows – check permission, user status, password expiry; note that local user ID for Windows collections is Irsvrcollector.
• Ticket Management – Attend to Jira tickets sent to the client, respond to inquiry or forward the ticket to the respective group/team.
• Log Parser Issues – Detect and report tickets with log parser issues to Infra/SIEM Engineer.
• False Alarm Reporting – Detect and report tickets with False Alarm to Infra/SIEM Engineer.
• Alert Analysis – Authorised to review and analyse alerts generated by security tools and systems.
• Incident Escalation – Empowered to elevate potential security incidents to higher-level analysts (L2 or L3) based on predefined criteria.

• Graduates from a Degree in Cybersecurity, Network Security or an equivalent field.
• 1‑2 years of experience in the area of Cybersecurity, SOC or Surveillance.
• Proficiency in English, Malay and Mandarin; proficiency in Cantonese is an added advantage.
• Familiarity with Linux and Windows is desirable (not strictly necessary).

• Accepting Feedback
• Accepting Feedback
• Active Listening
• Auditing
• Auditing Standards
• Audit Internal Controls
• Audit Preparation
• Audit Reporting
• Audit Risk Assessments
• Audit Support
• Business Process Improvement
• Communication
• Compliance and Standards
• Compliance Assurance
• Compliance Auditing
• Compliance Risk Assessment
• Compliance Training
• Data Analysis and Interpretation
• Developing Policies and Guidelines
• Emotional Regulation
• Empathy
• Ethics Training
• External Audit
• Inclusion
• Intellectual Curiosity
• And 21 more

Line of Service: Assurance
Industry/Sector: Not Applicable
Specialism: Risk Architecture
Management Level: Associate