Security Operations Center Analyst
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Shieldworkz is hiring an L1 SOC Analyst for a Google SecOps-powered SOC in Abu Dhabi. The role involves real-time alert monitoring, initial triage, and escalation following SOPs and playbooks.
Key Skills for This Role
Responsibilities
- Continuous monitoring of SIEM dashboard for incoming alerts across all integrated log sources
- Perform first level triage for each alert by following approved SOPs and playbooks
- Determine whether the alert is a true positive/false positive and classify initial incident priority (P1 P4)
- Conduct initial enrichment through basic context gathering like checking source/destination, reading raw logs, looking up IP or hash
- Escalate confirmed or suspected true positives to L2 with complete, structured case notes
- Record every action and timestamp in the ticketing system (ITSM)
- Maintain shift handover logs and meet SLA targets for alert acknowledgment and initial triage
Requirements
- 1–3 years of experience in a Security Operations Centre or security monitoring role
- Hands on experience with one or more SIEM platforms: Google Chronicle/SecOps, Splunk, Microsoft Sentinel, IBM QRadar, ArcSight, or LogRhythm
- Hands on experience with SOAR platforms: Palo Alto XSOAR, Splunk SOAR, IBM Resilient, or equivalent
- Working knowledge of common attack techniques and MITRE ATT&CK framework
- Ability to read and interpret log data across network, endpoint, and cloud sources
- Understanding of alert triage methodology and escalation criteria
- Basic knowledge of networking protocols: TCP/IP, DNS, HTTP/S, and firewall log interpretation
- Strong documentation discipline and attention to detail
- Willingness to work in a 24x7 shift based environment including nights, weekends, and public holidays
- Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, or a related technical discipline
- Preferred certifications: CEH, ECSA, CompTIA Security+, CC (ISC²) or equivalent
Full Job Posting
Role Overview
- The L1 SOC Analyst is the first line of defence within the Google SecOps powered SOC, responsible for real time alert monitoring, initial triage, and escalation.
- The role operates within defined SOPs and playbooks, handling high alert volumes with speed and accuracy while ensuring zero missed escalations.
Key Responsibilities
- Continuous monitoring of SIEM dashboard (within the shift period) for incoming alerts across all integrated log sources like network, endpoint, identity, cloud, email, etc.
- Perform first level triage for each alert by following approved SOPs and playbooks.
- Determine whether the alert is a true positive/ false positive, and classify initial incident priority (P1 P4) based on the severity matrix defined in the SOP and escalate to L2 for further investigation
- Conduct initial enrichment through basic context gathering like checking the source/destination, reading the raw logs, looking up an IP or hash, confirming whether an asset or user is in scope.
- When an alert is a confirmed or suspected true positive, escalate to L2 with complete, structured case notes (what was seen, what was checked, timestamps, and why it's being escalated)
- Record every action, timestamp, in the ticketing system (ITSM)
- Maintain shift handover logs and meet SLA targets for alert acknowledgment and initial triage.
Required Skills & Experience
- 1–3 years of experience in a Security Operations Centre or security monitoring role.
- Hands on experience with one or more SIEM platforms: Google Chronicle/SecOps, Splunk, Microsoft Sentinel, IBM QRadar, ArcSight, or LogRhythm.
- Hands on experience with SOAR platforms: Palo Alto XSOAR, Splunk SOAR, IBM Resilient, or equivalent.
- Working knowledge of common attack techniques and MITRE ATT&CK framework.
- Ability to read and interpret log data across network, endpoint, and cloud sources.
- Understanding of alert triage methodology and escalation criteria.
- Basic knowledge of networking protocols: TCP/IP, DNS, HTTP/S, and firewall log interpretation.
- Strong documentation discipline and attention to detail.
Behavioural & Operational Requirements
- Willingness to work in a 24x7 shift based environment including nights, weekends, and public holidays.
- Flexible and adaptable to rotational shift schedules and short notice coverage needs.
- Strong team player — ability to collaborate effectively across shift teams and hand over cases with full context and clarity.
- Maintains composure and consistent performance under high alert volume conditions.
Education
- Minimum qualification required: Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, or a related technical discipline.
- Master’s Degree in Cybersecurity or Computer Science is an added advantage.
Preferred Qualifications
- Certifications (any of the following): Certified Ethical Hacker (CEH), EC Council Certified Security Analyst (ECSA), CompTIA Security+, CC (ISC²) or equivalent industry recognized certification.
- Exposure to Agentic AI tools or AI assisted SOC workflows — including LLM based alert triage assistants, AI driven investigation copilots, or automated threat summarization tools.
- Familiarity with ticketing tools such as ServiceNow or JIRA.
- Prior experience in a 24x7 shift based SOC or MSSP environment.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Shieldworkz
L2 Security Operations Center Analyst
Abu Dhabi, UAE
Shieldworkz is looking for an L2 SOC Analyst to handle escalated alerts, conduct deep investigations, and drive incident response actions. The role requires 3-5 years of SOC experience with at least 1-2 years at L2, prof
Business Development Specialist
Abu Dhabi, UAE
At Shieldworkz, we don’t just build cybersecurity products, we safeguard the lifelines of critical infrastructure. As a Business Development Specialist , you’ll be at the forefront of expanding our presence in OT/ICS cyb