Security Operation Center Analyst

The SOC Analyst will be responsible for protecting IFZA's information systems by identifying, assessing and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.Key Responsibilities1. Security MonitoringMonitor SIEM dashboards (e.g., Microsoft Sentinel) and security alerts in real time.Track and analyze events from security tools (e.g., Microsoft Defender).Identify suspicious activities, anomalies, or policy violations.2. Incident Triage & ResponsePerform initial investigation and classification of alerts (false positive vs true positive).Collect and review logs, event details, reputation information, and indicators of compromise.Escalate confirmed or high‑severity incidents to L2/L3 analysts with proper documentation.Initiate predefined response actions (isolating devices, forcing password resets, blocking IPs).3. Threat AnalysisCheck IOC hits against threat intelligence sources.Analyze phishing emails, malware infections, malicious URLs, attachments, credential‑harvesting attempts and unauthorized access.Identify trends across alerts to support early‑stage threat detection.4. Documentation & ReportingCreate detailed incident tickets and investigation notes.Conduct root‑cause analysis and document incident reports with remediation recommendations.Maintain proper incident timelines and updates in the ticketing system.Generate reports for repeated or trending issues.5. CollaborationWork closely with Security Team and internal IT teams.Communicate effectively with users to validate suspicious activities or login attempts.Follow established SOPs and contribute to process improvements.6. Security Awareness and TrainingConduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).Create and distribute educational materials on emerging cyber threats.7. Threat Intelligence and ResearchStay updated on the latest cyber threats, vulnerabilities, and attack vectors.Analyze threat intelligence reports and apply findings to enhance the organization’s security posture.Required QualificationsBachelor's in engineering, Computer Science, or related field.5-7 years of experience in SOC operations.Minimum 3+ years hands‑on experience in SOC, blue team, or security engineering roles.Proven expertise with Microsoft Sentinel, Microsoft Defender, incident management and compromised recovery.Technical SkillsSolid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.Scripting for automation (Python, Bash, or PowerShell).Familiarity with MITRE ATT&CK mapping and threat‑hunting methodology.Certifications (Good to Have): CompTIA Security+, Microsoft SC-200, CEH, CCNA or CCNP Security.Benefits#J-18808-Ljbffr