Job Title: L1 SOC Analyst – Splunk
Experience: 2–3 Years
Openings: 1
Location: Trivandrum (also open for Hyderabad / Kochi / Bangalore / Chennai)
Company: CyberProof, A UST Company
About CyberProof:
CyberProof is a leading cybersecurity services and platform company helping enterprises detect, respond to, and manage security threats with speed and intelligence. As a part of UST, we provide automated threat detection and rapid incident response with a global team rooted in Israeli Intelligence expertise.
Role Summary:
The L1 SOC Analyst is the first line of defense in the Security Operations Center. The role focuses on:
First triage and classification of security cases
Initiating threat detection and response
Collaborating with other security teams
Supporting process documentation and incident quality reporting
Key Responsibilities (Principal Duties):
Respond quickly to all incoming security cases and ensure proper classification and escalation within SLA timeframes.
Conduct initial triage investigations using tools integrated into the SOAR platform, and document all findings and conclusions.
At the beginning of each shift, review new updates in SOAR, Teams channels, emails, and other tools to prepare for ongoing case investigations.
Ensure a smooth shift handover by clearly communicating case status and updates to the next team.
Report any procedural inconsistencies or concerns to the Team Lead or L2 Analysts.
Escalate complex issues or uncertainties to Senior L1 Analysts or Shift Leads before approaching L2.
Assist Lead Analysts and L2 teams in compiling data for Weekly, Monthly, and Quarterly Business Reviews (QBRs).
Required Skills and Qualifications:
Minimum 1 year of experience as a Security Analyst.
Proficient in investigating phishing, malware, and related threats.
Strong understanding of network security and computer networking concepts.
Experience with SIEM tools, especially Splunk.
Familiarity with endpoint protection tools.
Capable of analyzing network traffic, interpreting logs, and examining packet captures.
Excellent critical thinking and problem-solving skills.
Strong written and verbal communication skills.
Experience in managing and analyzing security alerts is a plus.
Familiarity with cloud environments is advantageous.
Holding relevant cybersecurity certifications is a plus (e.g., CompTIA Security+, CEH, Splunk certs, etc.).
Job Type: Full-Time
Work Mode: Onsite/Hybrid (depending on location policies)
