Cyber Security Analyst

We are seeking a motivated and detail-oriented L1 SOC analyst to join our security team. This role is an excellent opportunity for individuals looking to build a career in cybersecurity by working alongside experienced professionals to protect and monitor enterprise systems. You will play a crucial role in supporting cybersecurity operations, responding to security incidents, and assisting in the implementation of security solutions.

As an L1 SOC analyst, you will be the first line of defense: monitoring security events, triaging alerts, supporting incident response, and contributing to the continuous improvement of detection and response processes. You will also work with AI-augmented security tooling and help the organization build maturity in detecting and responding to AI-related threats. Shift and Working Arrangement: • The role requires working on a rotating shift schedule that includes morning, evening, and night shifts. • Structured shift handovers (written and verbal) are a core part of the daily routine to ensure continuity of monitoring and incident response. • SUSE will take care of providing you with the required hardware for executing your job duties.

Key Responsibilities: • Assist in monitoring and analyzing security events from various sources (SIEM, firewalls, endpoint security, identity providers and cloud platforms). • Triage and investigate alerts according to defined playbooks and runbooks; escalate confirmed or high-severity incidents with clear, structured handovers. • Support incident detection, containment, and response activities, documenting timelines, actions, and findings in the case management and ticketing system. • Use the MITRE ATT&CK framework to map adversary behaviors, support detection engineering feedback, and refine coverage gaps. • Provide support for remediation tracking of vulnerability assessment and penetration testing activities, led by senior staff or external partners. • Contribute to threat intelligence gathering, IOC enrichment, and correlation with internal telemetry. • Help enforce security policies and procedures, and keep logs, reports, playbooks, and case records accurate and up to date. • Collaborate with other IT and security teams to improve the overall security posture. • Assist in security awareness training and best practices for employees. • Stay up to date with emerging cybersecurity threats and trends, including AI-specific risks. Qualifications & Skills: • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent work experience). • 0-2 years of experience in cybersecurity or IT-related roles. • Basic understanding of security concepts, including malware analysis, network security, and incident response. • Familiarity with security tools such as SIEM, Vulnerability Management, endpoint protection, and firewalls. • Solid knowledge of networking fundamentals (TCP/IP, DNS, HTTP, VPNs, etc.). • Solid knowledge of Linux • Knowledge of Windows & Mac OS operating systems • Knowledge of scripting languages (bash, Python) • Basic knowledge of major Cloud Service Providers (AWS, GCP & Azure) • Strong analytical and problem-solving skills. • Good communication and teamwork abilities. • Proficiency with remote working collaboration tools. • Certifications such as CompTIA Security, CEH, or equivalent (preferred but not required). AI and AI-Security Skills (preferred): • Practical use of AI assistants to support tasks such as log and script analysis, regex generation, query writing, and documentation drafting. • Basic awareness of the AI/LLM threat landscape, including: o OWASP Top 10 for LLM Applications o MITRE ATLAS (Adversarial Threat Landscape for AI Systems) o Common risks: prompt injection, sensitive data leakage to public LLMs, model and supply-chain abuse, deepfake-driven phishing / vishing, and shadow AI within the enterprise. • Conceptual understanding of how ML/AI is used in detection (UEBA, anomaly detection, behavior analytics) and its limitations.