Cyber Security Analyst Tier 1

The Tier 1 SOC Analyst is part of the front line of our Security Operations Center responsible for continuous monitoring initial investigation and rapid response to security alerts and incidents. You will be acting as the first point of contact for detecting suspicious activity escalating threats and ensuring the environment remains secure.

Strong knowledge of security threats incident detection technologies and investigation techniques is expected. Candidates should demonstrate adaptability willingness to work in 24x7 shifts and eagerness to learn emerging security tools and techniques.

Responsibilities:

• Monitor SOAR SIEM IDS/IPS endpoint and network security tools for alerts and anomalies.

• Perform triage of incoming security events to assess severity scope and potential impact.

• Investigate alerts to differentiate false positives from genuine threats.

• Document findings clearly and escalate incidents according to SOC playbooks.

• Initiate containment measures for confirmed incidents (e.g. isolating endpoints disabling accounts).

• Support vulnerability and patch management activities by monitoring for unpatched systems.

• Maintain situational awareness of current threats and common attack techniques (e.g. phishing malware brute force).

• Contribute to incident reports and post-incident reviews.

• Use SOAR platforms for automating detection and response where possible.

Qualifications :

Experience:

• 1-2 years of experience in Security Operations or in a SOC
• Experience with SIEM EDR IAM DLP and incident response.
• Familiarity with host-based detection and prevention suites (e.g. Microsoft Defender Azure Security Center Sentinel Cisco Umbrella M-Vision).
• Familiarity with security incident management tools (e.g. ServiceNow).
• Working knowledge of Microsoft and/or other OS environments.

Technical Skills:

• Solid understanding of TCP/IP firewalls VPNs IDS/IPS anti-virus and endpoint protection.
• Basic understanding of firewall configuration and system patching.
• Experience with log analysis and malware detection.
• Familiarity with scripting languages (e.g. Python Perl) is a plus.
• Certifications such as Microsoft Security Certifications Comptia Sec/CYSA ISC2 CC are a plus

Additional Information :

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package share plan company performance bonuses value-based recognition awards referral bonus;   
• Career Development: Career coaching global career opportunities non-linear career paths internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects rotations internal tech communities training certifications coaching online learning platforms subscriptions pass-it-on sessions workshops conferences;
• Work-Life Balance: Hybrid work and flexible working hours employee assistance programme;
• Health: Global internal wellbeing programme access to wellbeing apps;
• Community: Global internal tech communities hobby clubs and interest groups inclusion and diversity programmes events and celebrations.

At Endava were committed to creating an open inclusive and respectful environment where everyone feels safe valued and empowered to be their best. We welcome applications from people of all backgrounds experiences and perspectivesbecause we know that inclusive teams help us deliver smarter more innovative solutions for our customers. Hiring decisions are based on merit skills qualifications and potential. If you need adjustments or support during the recruitment process please let us know.

Remote Work :

No

Employment Type :

Full-time