Junior SOC Analyst

Accesa
Hybrid

About The Position

We are looking for a SOC Analyst - Level 1 who can take ownership of routine security investigations, not just review alerts and pass them on. The role combines hands-on alert analysis, evidence correlation, clear case documentation, sound recommendations, and reliable handoff quality.

This is a shift-based live operations role. You will be expected to work as part of a rota that may include day, late, night, and weekend shifts, with public-holiday coverage only where the agreed service model requires it. Good handover discipline and clear shift continuity are part of the role.

This is not just a queue-monitoring role, and it is not a senior incident leadership position. You will be expected to work cases properly, reach a well-supported view of what is happening, and either move the case to closure within your scope or escalate it cleanly when impact, uncertainty, or complexity goes beyond it.

The role involves regular use of AI tools to improve productivity, automate or reduce repetitive work, support decision-making, and deliver higher-quality outcomes. You should be able to use AI tools responsibly by structuring effective prompts, critically validating outputs, understanding limitations, and taking ownership of the final result.

Requirements

  • Comfort with investigation and alert analysis in a SOC, MDR, or similar operational security environment.
  • Ability to collect, validate, and correlate evidence across multiple data sources.
  • Working knowledge of endpoint, identity, email, cloud, and network security concepts.
  • Familiarity with investigation, monitoring, case-handling, and escalation workflows.
  • Clear written and verbal communication in English.
  • Good documentation habits and disciplined escalation judgment.
  • Willingness and ability to work shift patterns as required by the service model.
  • Ability to explain why a detection, workflow, or playbook is not working well in practice and suggest useful improvements.

Nice To Haves

  • 1-4 years of relevant experience in cybersecurity operations, incident analysis, or incident response.
  • Prior exposure to SOC, MDR, or incident response workflows.
  • Hands-on exposure to Microsoft Sentinel, Microsoft Defender XDR, Cortex XSOAR, Elastic Security, Vectra NDR, or similar security operations platforms.
  • Basic KQL or equivalent query-language experience for investigation support.
  • Ability to work across multiple enterprise technologies and investigation contexts.
  • Experience contributing tuning suggestions, identifying noisy detections, drafting playbook improvements, or proposing investigation automation.
  • Familiarity with common security frameworks or ATT&CK-style analysis.
  • Certifications such as CompTIA Security+, CompTIA CySA+, Microsoft SC-200, or similar operational security certifications.
  • German language skills would be an advantage.

Responsibilities

  • Take ownership of routine security investigations.
  • Perform hands-on alert analysis.
  • Correlate evidence.
  • Document cases clearly.
  • Provide sound recommendations.
  • Ensure reliable handoff quality.
  • Maintain good handover discipline and clear shift continuity.
  • Work cases properly and reach a well-supported view of what is happening.
  • Move cases to closure within scope or escalate cleanly when impact, uncertainty, or complexity goes beyond scope.
  • Use AI tools to improve productivity, automate or reduce repetitive work, support decision-making, and deliver higher-quality outcomes.
  • Use AI tools responsibly by structuring effective prompts, critically validating outputs, understanding limitations, and taking ownership of the final result.

Benefits

  • Medical benefits
  • Gym support
  • Personalised fitness options
  • Team events
  • Healthy Habits Club
  • Flexibility to define work-life dynamic
  • Holistic benefits program covering social, physical, and emotional wellbeing, as well as work-life fusion.