SOC L1 - Threat Hunting

Job Description

Job brief We are seeking a highly motivated Level 1 SOC Threat Hunter to join our Security Operations Center team. This entry-level role is ideal for individuals with a foundational understanding of cybersecurity who are eager to grow their skills in proactive threat detection and response. As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Requirements Must-have: 2 - 3 Year Experience as SOC Analyst (Experience in SIEM Tool ELK Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Knowledge of creating and modifying the dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX Windows Deep Knowledge in SIEM, Ticketing tool, EDR, Vulnerability Management, MimeCast, Email security. Excellent written and verbal communication skills. Good to have: Good to have industry certifications on any SIEM Platform, CEH, C|SA, CompTIA Security+ Others Reporting To: Service Delivery Manager Commencement Date: Immediate Main Responsibilities Monitor security alerts and events from SIEM and other security tools. Perform basic threat hunting across endpoints, network traffic, and log sources using predefined queries and playbooks. Investigate anomalies, potential indicators of compromise (IOCs), and low-fidelity alerts. Escalate verified threats to L2/L3 analysts with relevant context and documentation. Assist in identifying false positives and refining detection rules in collaboration with senior analysts. Document findings, maintain accurate logs of activities, and contribute to reports. Follow standard operating procedures and incident handling workflows. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand whats happening during and after attacks. Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts, incidents. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Qualification: 2 - 3 years ofexperience in SIEM. CEH CompTIA Security+, N+, A+ Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting