Ensign is hiring !
Role Overview
The Security Analyst (L1) is responsible for monitoring, detecting, and responding to security events and incidents. This role serves as the first line of defense within the Security Operations Centre (SOC), ensuring timely identification and escalation of potential threats.
Key Responsibilities
Monitor security alerts and events using SIEM and other security tools
Perform initial triage and analysis of security incidents
Investigate alerts to determine severity and impact
Escalate confirmed or high-risk incidents to L2/L3 teams
Document incidents, findings, and actions taken in ticketing systems
Follow standard operating procedures (SOPs) and playbooks
Assist in incident response activities and containment actions
Perform basic log analysis across systems (e.g., network, endpoint, servers)
Ensure timely response and resolution in line with SLAs
Support continuous improvement of SOC processes and documentation
Education & Experience:
Diploma/Degree in IT, Computer Science, Cybersecurity, or related field
0–2 years of experience in cybersecurity or IT support (fresh graduates are encouraged to apply)
Technical Skills:
Basic understanding of networking concepts (TCP/IP, DNS, firewalls)
Familiarity with operating systems (Windows, Linux)
Exposure to security tools (SIEM, antivirus, EDR) is an advantage
Basic knowledge of cybersecurity concepts (threats, vulnerabilities, attack vectors)