**Job Summary** The SOC L1 Analyst is the **first line of defense** in cybersecurity operations. They are responsible for **monitoring**, **detecting**, and **logging potential threats** using security tools and alerting systems. The L1 Analyst performs **initial triage and escalation** of suspicious activity to higher levels. **Key Responsibilities** * Monitor **SIEM** (Security Information \& Event Management) tools for alerts and anomalies. * Perform **initial investigation and triage** on security events. * Escalate confirmed or critical incidents to **SOC L2**. * Document incidents in **ticketing systems** (e.g., ServiceNow, JIRA). * Maintain logs and daily reports for incident trends. * Monitor **firewalls, IDS/IPS, EDR, and antivirus systems** for suspicious behavior. * Assist in **phishing investigations** and **malware alert review**. * Follow standard **incident response playbooks**. * Participate in **shift\-based 24/7 monitoring**. **Skills \& Knowledge** * Understanding of **networking fundamentals** (TCP/IP, DNS, ports, protocols). * Basic knowledge of **Windows/Linux systems** and security logs. * Familiarity with **SIEM tools** (e.g., Splunk, QRadar, Azure Sentinel). * Strong **analytical and documentation skills**. * Ability to work under pressure and escalate issues promptly. **Education \& Certifications** * Diploma/Bachelor’s in **Cybersecurity, IT, or Computer Science**. * Preferred: **CompTIA Security\+**, **EC\-Council CSA**, **Microsoft SC\-900 / SC\-200**, **Cisco CyberOps Associate**. * 3 years of experience in cybersecurity or IT monitoring. Job Type: Full\-time Ability to commute/relocate: * Muscat: Reliably commute or planning to relocate before starting work (Required) Application Question(s): * what is your monthly current salary? * what is your monthly expected salary? * what is your notice period? Education: * Bachelor's (Required) Experience: * Security Operation Centre L1: 3 years (Required)