Experienced Associate - L1 SOC Analyst

As a L1 SOC Analyst, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: 

Alert Triage & Investigation 

• Monitor newly triggered alerts and review alerts not yet marked as Open or Closed. 

• Collect relevant information to support investigation of alerts under assessment. 

• Correlate alerts with data from other security devices. 

• Investigate the potential impact of alerts and determine their urgency. 

Shift Handover Management 

• Participate actively in the shift handover process. 

• Conduct clear and concise shift handovers. 

• Prepare comprehensive shift handover reports. 

• Communicate shift handover details effectively to the incoming shift. 

Log Monitoring & Issue Resolution 

• Monitor logs flowing into the SIEM; identify and investigate logs that have stopped flowing. 

• Liaise with server owners to resolve issues. 

• Generate and maintain a list of log-related incidents, report resolutions and methods applied. 

• Work with Linux syslogs by coordinating with server owners. 

• For Windows logs, check permissions, user status (disabled/active), and password expiry for local users; note that user ID for Windows collections is Irsvrcollector. 

Ticket Handling 

• Attend to Jira tickets assigned by clients by responding to inquiries or forwarding to the appropriate group/team. 

• Identify and report tickets involving log parser issues to Infra/SIEM Engineers. 

• Detect and report false alarm tickets to Infra/SIEM Engineers. 

Security Alert Analysis & Escalation 

• Review and analyze alerts generated by security tools and systems. 

• Escalate potential security incidents to higher-level analysts (L2 or L3) according to predefined criteria. 

• Diploma or Bachelor's Degree in Cybersecurity, Network Security, or related field. 

• 1 to 2 years of experience in Cybersecurity, SOC, or Surveillance. 

• Proficiency in English, Malay, and Mandarin is required; proficiency in Cantonese is an added advantage. 

Skills and Competencies 

• Strong understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.). 

• Basic knowledge of common operating systems (Windows, Linux) and their security configurations. 

• Familiarity with Linux and Windows operating systems is desirable. 

• Experience with security monitoring tools and technologies (e.g., SIEM, IDS/IPS, firewalls). 

• Familiarity with cybersecurity frameworks and standards (e.g., NIST, ISO 27001). 

• Strong analytical and problem-solving skills. 

• Excellent written and verbal communication skills. 

• Ability to work in a fast-paced, 24/7 environment. 

Certifications 

• Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) are a plus.