L1 Soc Analyst

Job description / Role

Job description

The L1 SOC Analyst serves as the first line of defense within the Security Operations Center, responsible for monitoring, triaging, and escalating security alerts in accordance with defined procedures and SLAs. The role focuses on initial alert investigation, incident logging, and ensuring accurate and timely escalation to higher-tier analysts when required.

Responsibility

• Serve as the first SOC tier to monitor and triage security alerts.
• Ensure threat alerts are contextually analyzed and escalated to the next SOC tier when deeper analysis is required.
• Provide feedback and comments on relevant data quality and visibility issues.
• Monitor and report on the health of the data collection and log ingestion pipelines.
• Log security incidents accurately and ensure adequate information is available for L2/L3 analysts.
• Generate and distribute scheduled and ad-hoc SOC reports.
• Operate independently to investigate and escalate alerts in line with operational requirements and SLA commitments.
• Adhere to SOC processes, playbooks, and incident handling procedures.

Personal skills

• Excellent communication skills
• Excellent problem-solving skills
• Ability to support and balance own time among multiple tasks, and lead junior staff when required
• Ability to successfully interface with clients (internal and external)
• Ability to document and explain technical details in a concise, understandable manner
• Excellent command of English
• Ability to work independently and as part of a team

Technical skills

• Previous hands-on experience with SIEM technologies (e.g., QRadar, Splunk, LogRhythm, Elastic SIEM)
• Good knowledge of operating systems, primarily Windows and Linux
• Good understanding of networking protocols, concepts, and technologies
• Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field, or equivalent practical experience
• Security certifications such as Security+, GSEC, CEH, or similar are a plus
• Experience in programming or scripting (e.g., Python, PERL, Java, Shell, PowerShell)
• Previous experience working as a systems or network administrator
• Experience configuring or supporting network security solutions (e.g., SIEM, firewalls, IDS/IPS)
• Exposure to incident response and digital forensics activities
• Previous experience as a penetration tester is an added advantage

Education

Bachelor's in Computer Science, Digital Forensics, Engineering, other related field, or equivalent

About the Company

Giza Systems, a leading systems integrator in the MEA region, designs and deploys industry-specific technology solutions for asset-intensive industries such as the telecoms, utilities, oil and gas, hospitality and real estate among other market sectors. We help our clients streamline their operations and businesses through our portfolio of solutions, managed services, and consultancy practice. Our team of 1000 professionals are spread throughout the region with anchor offices in Cairo, Riyadh, Dubai, Doha, Nairobi, Dar-es-Salaam, Abuja, Kampala and New Jersey, allowing us to service an ever-increasing client base in over 40 countries.