Level 1 Security Analyst/Associate Consultant

Job Description
The Level 1 Security Analyst is primarily responsible for the meticulous and consistent execution of all operational tasks, adhering strictly to established processes and their associated procedures. A core responsibility involves continuous monitoring of Security Information and Event Management (SIEM) tools to detect security-related events, followed by appropriate event closure or escalation as warranted. These analysts are also tasked with maintaining the group’s email address and associated distribution lists, in addition to diligently updating all pertinent documentation, including shift logs and incident tickets. Furthermore, they will provide support to the Managed Detection and Response (MDR) Analyst during incident workflows, assist the broader MDR team in the areas of incident detection and remediation, and facilitate communication with external teams to ensure proper and effective incident resolution.
Specifically, Level 1 Security Analysts will:
- Serve as the initial cyber event detection group for the organization, swiftly identifying, categorizing, prioritizing, and thoroughly investigating events. This will involve leveraging all available security logs and threat intelligence resources, encompassing but not limited to:
  - Firewalls
  - Systems and Network Devices
  - Web Proxies
  - Intrusion Detection/Prevention Systems
  - Data Loss Prevention systems
  - Endpoint Detection and Response (EDR) / Antivirus Systems
  - Knowledgebase Frameworks (e.g., Confluence)
- Continuously monitor SIEM and logging platforms to proactively identify security events and alerts indicative of potential threats, intrusions, and/or compromises. Monitoring activities will cover:
  - SIEM alert queues
  - Security email inboxes
  - Threat intelligence feeds received via email and other sources (e.g., NH-ISAC)
  - Incident ticketing queues (managed by the IT Security group)
- Validate incoming alerts to effectively filter out false positives and enrich alerts with supplementary context derived from internal and external data sources.
- Perform initial triage of service requests originating from both customers and internal teams.
- Employ established playbook procedures to execute standardized responses for common event types, escalating alerts to Level 2 Analysts when more in-depth triage and remediation are required.
- Provide assistance with threat containment and environmental remediation efforts during or following a security incident.
- Actively participate in Threat Hunting exercises under the guidance of Incident Response Handlers.
- Thoroughly document event analysis findings and produce comprehensive reports detailing incident investigations.
- Proactively contribute to the enhancement of security-related operational processes and procedures.
- Utilize available security tools to conduct historical analysis as necessary for detected events; this may include performing historical searches within SIEM tools.
- Maintain detailed operational shift logs, recording all relevant activities occurring during the analyst’s shift. Document investigation results meticulously, ensuring that all pertinent information is communicated to Level 2 or MDR Analysts for final event analysis.
- Update and reference the knowledgebase tool (e.g., Confluence) as needed to reflect changes to processes and procedures, and to incorporate daily intelligence reports and previous shift logs.
- Conduct research and meticulously document events of interest that fall within the purview of IT Security.
| Company Name | KGS Response Team |
|---|---|
| Role | Level 1 Security Analyst/Associate Consultant |
| Location | Bangalore, Karnataka, India |
| Salary | |
| Job Type | |
Qualifications
- Applicants must possess a Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a closely related field.
- A minimum of 0-1 years of prior experience in MDR, Security Operations Center (SOC), or Incident Response is required.
- Experience as a workstream participant supporting tier-1, tier-2, or tier-3 SOC environments is highly desirable.
- Candidates must demonstrate exceptional oral and written communication skills, as well as strong client-facing abilities.
- Demonstrated analytical and communication skills are essential.
- The successful candidate must exhibit flexibility in adapting to various types of engagements, working hours, work environments, and locations.
- A proven capacity for creative and analytical thinking in a problem-solving context is crucial.
- The ability to work nights, weekends, and/or holidays may be required in the event of an incident response emergency.
- Applicants must be comfortable working under pressure and adhering to deadlines in a fast-paced environment.
- Candidates should be able to identify issues and opportunities for improvement, and effectively communicate these to senior team members.
Frequently Asked Questions
Desired certifications include: ISC2 CC (ISC2 Cyber Security), Security+, C|EH, Network+, and ECIH (EC Council’s Incident Handler).
A minimum of 0-1 years of prior experience in MDR, Security Operations Center (SOC), or Incident Response is required. Experience as a workstream participant supporting tier-1, tier-2, or tier-3 SOC environments is highly desirable.
The Level 1 Security Analyst is primarily responsible for monitoring SIEM tools, detecting security events, and escalating incidents as needed. They also maintain documentation, assist with incident response, and contribute to the improvement of security operations.
Familiarity with at least one SIEM tool (Qradar, Splunk, Logrhythm, or Sentinel), Email Security, TCP/IP protocol, OSI Seven Layer Model, and ticketing/ITSM tools is beneficial.