Experienced Associate - L1 SOC Analyst

Line of Service

Assurance

Industry/Sector

Not Applicable

Specialism

Risk Architecture

Management Level

Associate

Job Description & Summary

In the Digital Trust & Cybersecurity team, our work is always evolving to help our clients respond to cybersecurity related threats and trends, and we combine our deep technical skills in response to our clients' changing cybersecurity needs.

The Level 1 SOC Analyst is responsible for monitoring and analyzing an organization’s security posture on an ongoing basis. This role involves working in a 24/7 environment to detect, respond to, and mitigate security incidents. The L1 SOC Analyst will serve as the first line of defense in identifying potential threats and vulnerabilities within the organization’s network and Systems.

As a L1 SOC Analyst, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Monitor newly triggered alerts and review alerts not yet marked as Open or Closed.
• Collect relevant information to support investigation of alerts under assessment.
• Correlate alerts with data from other security devices.
• Investigate the potential impact of alerts and determine their urgency.

• Participate actively in the shift handover process.
• Conduct clear and concise shift handovers.
• Prepare comprehensive shift handover reports.
• Communicate shift handover details effectively to the incoming shift.

• Monitor logs flowing into the SIEM; identify and investigate logs that have stopped flowing.
• Liaise with server owners to resolve issues.
• Generate and maintain a list of log-related incidents, report resolutions and methods applied.
• Work with Linux syslogs by coordinating with server owners.
• For Windows logs, check permissions, user status (disabled/active), and password expiry for local users; note that user ID for Windows collections is Irsvrcollector.

• Attend to Jira tickets assigned by clients by responding to inquiries or forwarding to the appropriate group/team.
• Identify and report tickets involving log parser issues to Infra/SIEM Engineers.
• Detect and report false alarm tickets to Infra/SIEM Engineers.

• Review and analyze alerts generated by security tools and systems.
• Escalate potential security incidents to higher-level analysts (L2 or L3) according to predefined criteria.

• Diploma or Bachelor’s Degree in Cybersecurity, Network Security, or related field.
• 1 to 2 years of experience in Cybersecurity, SOC, or Surveillance.
• Proficiency in English, Malay, and Mandarin is required; proficiency in Cantonese is an added advantage.

• Strong understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.).
• Basic knowledge of common operating systems (Windows, Linux) and their security configurations.
• Familiarity with Linux and Windows operating systems is desirable.
• Experience with security monitoring tools and technologies (e.g., SIEM, IDS/IPS, firewalls).
• Familiarity with cybersecurity frameworks and standards (e.g., NIST, ISO 27001).
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work in a fast-paced, 24/7 environment.

• Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) are a plus.

• This is a 12-month contract with the opportunity to be extended based on project and performance.
• Contract staff will be getting the standard benefit as permanent staff.

Job Posting End Date

June 30, 2026