Tier 1 Cyber Security Analyst (SOC Analyst) – Day

ASM Research, San Antonio, TX
Onsite

About The Position

The Tier 1 Cyber Security Analyst serves as a front-line SOC analyst responsible for continuously monitoring security tools, triaging alerts, and documenting potential security incidents impacting enterprise networks and systems. Operating in a 24x7 security operations environment, this role reviews SIEM and endpoint alerts, investigates basic indicators of compromise, and escalates confirmed or complex issues to higher-tier responders using established playbooks and procedures. This position emphasizes methodical analysis, clear written documentation, and strict adherence to standardized SOC processes to ensure consistent, auditable handling of security events across shifts. The analyst also supports continuous readiness by staying current on common cyber threats and detection techniques relevant to security operations in an enterprise environment.

Requirements

  • High School Diploma or equivalent.
  • Approximately 6 months to 1 year of experience in cyber security, SOC operations, IT support, or IT helpdesk, or equivalent foundational experience in a related IT discipline.
  • Ability to work in a 24x7 SOC environment, including evenings, weekends, or shift work as required by operational coverage needs.
  • Basic knowledge of networking protocols and operating systems sufficient to understand security alerts and differentiate normal from suspicious activity.
  • Strong analytical mindset and attention to detail, with the ability to methodically troubleshoot and investigate security alerts.
  • Strong written documentation and verbal communication skills to clearly record investigations and collaborate with SOC teammates.
  • U.S. citizenship with the ability to meet client background investigation requirements for a federal IT environment.

Nice To Haves

  • Entry-level cybersecurity certifications such as CompTIA Security+, ISC2 CC, SC-900, or Cisco CyberOps Associate (or equivalent foundational security certification).
  • Exposure to at least one SIEM or security monitoring platform, including basic querying to filter and pivot on security events.
  • Basic knowledge of networking protocols (for example, TCP/IP, DNS, HTTP) and common cyber threats such as phishing, malware, and authentication attacks.
  • Post-secondary education in Cybersecurity, Information Technology, or Computer Science.

Responsibilities

  • Monitor and analyze security alerts generated by SIEM, EDR, and other security tools to identify suspicious activity, basic intrusion patterns, and policy violations in near real time.
  • Perform initial triage on alerts by validating events, correlating related activity, and determining whether behavior represents a true security incident or benign activity.
  • Document investigation steps, observations, and preliminary impact assessments in SOC ticketing systems to support efficient handoffs and maintain a complete audit trail.
  • Identify common threats such as phishing emails, commodity malware, brute-force attempts, and anomalous network traffic using foundational knowledge of networking and operating systems.
  • Escalate confirmed or ambiguous security incidents to Tier 2 analysts, providing concise summaries, supporting evidence, and recommended next steps in accordance with SOC playbooks.
  • Follow defined SOC procedures, security playbooks, and escalation protocols to ensure consistent, compliant incident handling and operational coverage across shifts.
  • Collaborate with SOC team members to maintain situational awareness, share findings, and support overall incident response readiness in the client environment.
  • Participate in knowledge-sharing and continuous learning activities to stay current on emerging threats, SOC tools, and best practices in security operations.