Junior SOC Analyst

Accesa
Hybrid

About The Position

We are looking for a SOC Analyst - Level 1 who can take ownership of routine security investigations, not just review alerts and pass them on. The role combines hands-on alert analysis, evidence correlation, clear case documentation, sound recommendations, and reliable handoff quality. This is a shift-based live operations role. You will be expected to work as part of a rota that may include day, late, night, and weekend shifts, with public-holiday coverage only where the agreed service model requires it. Good handover discipline and clear shift continuity are part of the role. This is not just a queue-monitoring role, and it is not a senior incident leadership position. You will be expected to work cases properly, reach a well-supported view of what is happening, and either move the case to closure within your scope or escalate it cleanly when impact, uncertainty, or complexity goes beyond it.

Requirements

  • Comfort with investigation and alert analysis in a SOC, MDR, or similar operational security environment.
  • Ability to collect, validate, and correlate evidence across multiple data sources.
  • Working knowledge of endpoint, identity, email, cloud, and network security concepts.
  • Familiarity with investigation, monitoring, case-handling, and escalation workflows.
  • Clear written and verbal communication in English.
  • Good documentation habits and disciplined escalation judgment.
  • Willingness and ability to work shift patterns as required by the service model.
  • Responsible AI literacy, including the ability to use approved AI-assisted workflows cautiously, validate outputs against source evidence, avoid entering customer-sensitive data into unapproved or public AI tools, and avoid treating AI output as evidence, approval, or authority.
  • Ability to explain why a detection, workflow, or playbook is not working well in practice and suggest useful improvements.

Nice To Haves

  • 1-4 years of relevant experience in cybersecurity operations, incident analysis, or incident response.
  • Prior exposure to SOC, MDR, or incident response workflows.
  • Hands-on exposure to Microsoft Sentinel, Microsoft Defender XDR, Cortex XSOAR, Elastic Security, Vectra NDR, or similar security operations platforms.
  • Basic KQL or equivalent query-language experience for investigation support.
  • Ability to work across multiple enterprise technologies and investigation contexts.
  • Experience contributing tuning suggestions, identifying noisy detections, drafting playbook improvements, or proposing investigation automation.
  • Familiarity with common security frameworks or ATT&CK-style analysis.
  • Certifications such as CompTIA Security+, CompTIA CySA+, Microsoft SC-200, or similar operational security certifications.
  • German language skills would be an advantage.

Responsibilities

  • Take ownership of routine security investigations.
  • Perform hands-on alert analysis.
  • Correlate evidence.
  • Document cases clearly.
  • Provide sound recommendations.
  • Ensure reliable handoff quality.
  • Maintain good handover discipline and clear shift continuity.
  • Work cases properly and reach a well-supported view of what is happening.
  • Move cases to closure within scope or escalate cleanly when impact, uncertainty, or complexity goes beyond scope.

Benefits

  • Medical benefits
  • Gym support
  • Personalized fitness options
  • Team events
  • Healthy Habits Club