{bc}
linkedin

L1 SOC Analyst

Cansol Technologies
Dubai, UAE
Full Time
Entry
Onsite
3 days ago
SplunkSentinelOneMicrosoft DefenderSIEMIDS/IPSXDR
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

SplunkSentinelOneMicrosoft Defender
Smart Apply

Full Job Posting

Role Overview

  • The SOC L1 Analyst is the first line of defense in the organization's security monitoring operations, responsible for continuously monitoring security alerts, performing initial triage, and escalating validated incidents to L2/L3 teams.
  • This role requires strong attention to detail, familiarity with common attack patterns, and the ability to work in a 24x7 shift environment.

Key Responsibilities

  • Monitor security events and alerts generated by SIEM, IDS/IPS, XDR, firewalls, and other security tools in real time
  • Perform initial triage and classification of alerts (true positive, false positive, benign)
  • Investigate and analyze security incidents (phishing, malware, unauthorized access attempts, suspicious network traffic) using Splunk, SentinelOne, and Microsoft Defender
  • Escalate confirmed incidents to L2/L3 analysts with detailed documentation
  • Create and maintain incident tickets following standard operating procedures (SOPs) and playbooks
  • Conduct log analysis across endpoints, network devices, and servers to identify indicators of compromise (IOCs)
  • Monitor threat intelligence feeds and apply relevant IOCs to detection systems
  • Support vulnerability scanning and basic remediation tracking
  • Maintain shift handover reports and incident logs
  • Adhere to SLAs for alert response and escalation timelines
  • Assist in fine tuning detection rules to reduce false positives (in coordination with L2/L3)

Required Skills & Qualifications

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent practical experience)
  • Minimum 2 years of hands on experience in a SOC/NOC or security monitoring role
  • Mandatory hands on experience with Splunk (log analysis, dashboards, search queries/SPL, alert investigation)
  • Mandatory hands on experience with SentinelOne (endpoint threat detection, incident response, threat hunting)
  • Mandatory hands on experience with Microsoft Defender (Defender for Endpoint / Defender XDR — alert triage, incident correlation)
  • Understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, VPN, firewalls)
  • Familiarity with common attack vectors: phishing, malware, DDoS, brute force, insider threats
  • Basic knowledge of the MITRE ATT&CK framework
  • Understanding of Extended Detection and Response (XDR) platforms and cross layer correlation (endpoint, network, cloud, identity)
  • Ability to read and interpret logs (Windows Event Logs, Linux syslogs, firewall logs)
  • Strong analytical and problem solving skills
  • Good written and verbal communication for incident documentation and escalation

Preferred Certifications (Nice to Have)

  • CompTIA Security+
  • CEH (Certified Ethical Hacker)
  • GIAC GSEC/GCIA
  • Microsoft SC 200 (Security Operations Analyst)
  • Splunk Core Certified User/Power User
  • SentinelOne Certified Analyst

Soft Skills

  • Ability to work under pressure during active incidents
  • Team collaboration across shifts
  • Curiosity and willingness to learn evolving threat landscapes
  • Strong documentation discipline

Visa Status

  • People already available in UAE will be considered only

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today