Junior SOC Analyst
About The Position
We are looking for a SOC Analyst - Level 1 who can take ownership of routine security investigations, not just review alerts and pass them on. The role combines hands-on alert analysis, evidence correlation, clear case documentation, sound recommendations, and reliable handoff quality. This is a shift-based live operations role. You will be expected to work as part of a rota that may include day, late, night, and weekend shifts, with public-holiday coverage only where the agreed service model requires it. Good handover discipline and clear shift continuity are part of the role. This is not just a queue-monitoring role, and it is not a senior incident leadership position. You will be expected to work cases properly, reach a well-supported view of what is happening, and either move the case to closure within your scope or escalate it cleanly when impact, uncertainty, or complexity goes beyond it.
Requirements
- Comfort with investigation and alert analysis in a SOC, MDR, or similar operational security environment.
- Ability to collect, validate, and correlate evidence across multiple data sources.
- Working knowledge of endpoint, identity, email, cloud, and network security concepts.
- Familiarity with investigation, monitoring, case-handling, and escalation workflows.
- Clear written and verbal communication in English.
- Good documentation habits and disciplined escalation judgment.
- Willingness and ability to work shift patterns as required by the service model.
- Responsible AI literacy, including the ability to use approved AI-assisted workflows cautiously, validate outputs against source evidence, avoid entering customer-sensitive data into unapproved or public AI tools, and avoid treating AI output as evidence, approval, or authority.
- Ability to explain why a detection, workflow, or playbook is not working well in practice and suggest useful improvements.
Nice To Haves
- 1-4 years of relevant experience in cybersecurity operations, incident analysis, or incident response.
- Prior exposure to SOC, MDR, or incident response workflows.
- Hands-on exposure to Microsoft Sentinel, Microsoft Defender XDR, Cortex XSOAR, Elastic Security, Vectra NDR, or similar security operations platforms.
- Basic KQL or equivalent query-language experience for investigation support.
- Ability to work across multiple enterprise technologies and investigation contexts.
- Experience contributing tuning suggestions, identifying noisy detections, drafting playbook improvements, or proposing investigation automation.
- Familiarity with common security frameworks or ATT&CK-style analysis.
- Certifications such as CompTIA Security+, CompTIA CySA+, Microsoft SC-200, or similar operational security certifications.
- German language skills would be an advantage.
Responsibilities
- Take ownership of routine security investigations.
- Perform hands-on alert analysis.
- Correlate evidence.
- Document cases clearly.
- Provide sound recommendations.
- Ensure reliable handoff quality.
- Maintain good handover discipline and clear shift continuity.
- Work cases properly and reach a well-supported view of what is happening.
- Move cases to closure within scope or escalate cleanly when impact, uncertainty, or complexity goes beyond scope.
Benefits
- Medical benefits
- Gym support
- Personalized fitness options
- Team events
- Healthy Habits Club
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Education Level
No Education Listed
