About the Role
The SOC/NOC Analyst is responsible for monitoring, analyzing, and responding to both cybersecurity and network operations alerts to ensure the security, availability, and performance of the organization’s IT and OT environments. This hybrid role bridges network operations and cybersecurity, ensuring rapid detection, response, and escalation of incidents to maintain optimal uptime and protection of enterprise assets.
What you will do.
Key Responsibilities
Monitor security alerts from SIEM, IDS/IPS, endpoint detection, and threat intelligence platforms.
Perform initial triage and classification of security incidents, escalating as necessary to senior analysts or incident response teams.
Investigate alerts and anomalies, analyzing logs, network packets, and endpoint data to detect malicious activity.
Support forensic analysis and evidence preservation for incident investigations.
Contribute to writing and tuning detection rules and automated response playbooks, reducing false positives and shortening time to respond.
Monitor network and systems for performance, outages, and service disruptions.
Respond to and troubleshoot network and system events, ensuring timely remediation or escalation.
Maintain accurate documentation of incidents, changes, and operational metrics.
Collaborate with network and systems teams to resolve complex issues and restore services.
Maintain up-to-date knowledge of cybersecurity threats, vulnerabilities, and best practices.
Provide accurate, timely reporting of incident status and resolutions to management.
Participate in after-action reviews and lessons-learned sessions to improve processes and resilience.
Assist in the development of SOC/NOC procedures, checklists, and knowledge base articles.
What we are looking for.
Required Qualifications
Associate’s or Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field; or equivalent experience.
1–3 years of experience in a SOC, NOC, or IT operations environment.
Familiarity with SIEM platforms (Splunk, Sentinel, QRadar, etc.) and network monitoring tools (SolarWinds, Nagios, PRTG, etc.).
Understanding of network protocols (TCP/IP, DNS, HTTP/S, etc.) and system administration (Windows, Linux).
Ability to analyze and interpret logs from firewalls, servers, and security tools, and to distinguish benign anomalies from indicators of compromise.
Strong problem-solving, analytical, and communication skills.
Ability to work in 24/7 shift environments, including nights, weekends, or on-call rotations.
Preferred Qualifications
Certifications such as CompTIA Security+, Network+, CySA+, GCIH, or CCNA.
Experience with cloud environments (AWS, Azure, or GCP) and their monitoring/security tools.
Knowledge of scripting or automation with Python, PowerShell, or Bash.
Exposure to ITIL or similar IT service management frameworks.
Hands-on experience with EDR, SOAR, or vulnerability management platforms.