MSSP SOC Analyst (Tier 1)

Job Overview And Responsibility

The Tier 1 MSSP SOC Analyst plays a critical role in the first line of defense against cybersecurity threats. The role involves proactive monitoring, initial triage, and documentation of security incidents. Analysts will utilize various security tools and systems to detect, analyze, and escalate threats as required while ensuring effective communication and collaboration across the SOC team. Responsibilities: • Incident Monitoring and Detection: • Perform proactive monitoring of logs, data, link utilization, and system availability across multiple SIEMs or security tools. • Detect and identify potential security incidents using pre-defined rules and correlation. • Conduct blacklist scanning, keyword ingestion, and fine-tuning of SIEM rules for improved accuracy. • Incident Management: • Investigate and triage alerts to determine the severity and impact of security events. • Document detailed assessments and actions taken into incident tickets. • Escalate incidents that require further investigation or resolution to Tier 2. • Use standardized templates as a base but proactively amend escalation emails based on current investigations and analysis without referring to past emails. • Customer Interaction: • Handle customer phone calls and respond to escalation emails. • Prepare standardized escalation email templates for efficient communication. • Collaboration and Process Improvement: • Work closely with Tier 2, Tier 3 (SOC Leads), and SOC Managers to ensure incidents are effectively mitigated and resolved. • Participate in feedback sessions and process improvement reviews to enhance Tier 1 workflows.