About this position
The SOC Analyst I (Tier 1) serves as the first line of defense within the Security Operations Center. This role is responsible for monitoring, analyzing, and responding to security events across client environments while providing professional, timely support in a fast-paced managed security services environment.
This individual combines foundational cybersecurity knowledge with strong troubleshooting and customer service skills. The SOC Analyst I performs initial alert triage, investigates suspicious activity, resolves user-impacting security issues when possible, and escalates more complex incidents according to established procedures.
This is an entry-level security role designed for candidates with a strong networking or IT background and a passion for learning cybersecurity operations.
Requirements:
Essential Duties & Responsibilities
Security Monitoring & Event Handling
- Monitor SIEM, IDS/IPS, EDR, firewall, and authentication alerts
- Perform initial triage and classification of security events
- Investigate alerts related to malware, phishing, unauthorized access, policy violations, and network anomalies
- Document findings thoroughly in the ticketing system
- Escalate confirmed or complex incidents to Tier 2 or senior analysts
Troubleshooting & User Support
- Professionally answer inbound security-related calls and requests
- Create and manage incident and service tickets
- Troubleshoot hardware/software failures related to security controls
- Assist with VPN issues, authentication failures, endpoint alerts, and connectivity issues
- Coordinate resolution efforts using established troubleshooting and incident management processes
Incident Response Support
- Assist in containment and remediation steps under supervision
- Collect logs, screenshots, and relevant forensic artifacts when required
- Follow established playbooks and response procedures
- Participate in post-incident documentation and review
Security Policy & Best Practices
- Support implementation and enforcement of security policies
- Assist with basic change requests to security configurations
- Help ensure best practice security controls are aligned with business needs
- Support compliance initiatives (CMMC, NIST, CIS controls)
Continuous Learning & Improvement
- Participate in ongoing technical training
- Stay current on emerging threats and common attack methods
- Contribute feedback to improve SOC processes and playbooks
Required Qualifications
- Associate Degree in IT, Cybersecurity, or equivalent experience
- 0–2 years of IT, networking, helpdesk, or security experience
- Foundational understanding of:
- Networking fundamentals (TCP/IP, DNS, DHCP)
- OSI model
- LAN/WAN topologies
- VPN technology
- Active Directory
- Windows and basic Unix/Linux systems
- Basic understanding of:
- IDS/IPS systems
- SIEM tools
- Packet captures
- Security event analysis
- Strong written and verbal communication skills
- Ability to manage multiple tasks in a fast-paced environment
- Strong customer service orientation
Preferred Qualifications
- CompTIA Security+ (or working toward certification)
- Experience in an MSP environment
- Familiarity with ticketing systems
- Exposure to Microsoft 365 / Azure security controls
Core Competencies
- Analytical thinking
- Attention to detail
- Strong documentation habits
- Customer-focused mindset
- Ability to work with minimal supervision on routine tasks
- Desire to grow in cybersecurity
Performance Expectations (Tier 1)
- Accurate alert triage and classification
- Proper escalation following documented procedures
- Ticket documentation completeness
- SLA adherence
- Professional client communication
- Continuous skill development