SOC Analyst

Technology, Data & Digital · Cybersecurity · Cybersecurity

Smart Summary

AI-generated overview of this position

The SOC Analyst is responsible for continuous monitoring, detection, analysis, and response to cybersecurity threats. This role involves real-time security event monitoring, incident triage, investigation, and escalation in a 24x7 operational environment, following established procedures and SLAs.

The SOC Analyst (L1/L2) is responsible for continuous monitoring, detection, analysis, and response to cybersecurity threats across enterprise environments. The role supports 24x7 SOC operations, performing real‑time security event monitoring, incident triage, investigation, escalation, and remediation in accordance with established runbooks, SLAs, and client requirements.

Key Responsibilities

  • Monitor and analyze security alerts from SIEM, SOAR, EDR, and other security tools to identify potential threats.

  • Perform timely triage, validation, and investigation of alerts in accordance with SLA and prioritization matrix (P1–P4).

  • Execute approved containment, response, and remediation actions using defined SOC runbooks.

  • Manage incidents through the full case lifecycle, ensuring accurate documentation, status updates, and closure in the case management system.

  • Follow standard case handling processes, including case stage/status flow and QA validation requirements.

  • Monitor SOC communication channels (e.g., mailbox, SOAR) and ensure timely response to inquiries, escalations, and stakeholder coordination.

  • Escalate high-severity or complex incidents in line with SLAs, including immediate notification for potential P1/P2 cases.

  • Ensure SLA compliance and resolution, including coordination with internal and external stakeholders.

  • Perform shift-based operations, including effective handover of active and critical cases with complete context.

  • Identify and report operational issues, anomalies, or delays within the same shift to relevant leads.

  • Support continuous improvement by supporting in identifying gaps in detection, logging, automation, and case handling processes.

Technical Skills

  • Strong understanding of cybersecurity fundamentals, including threat types, attack vectors, the CIA triad, and awareness of frameworks such as MITRE ATT&CK for threat identification.

  • Working knowledge of operating systems (Windows, Linux/Unix) and networking concepts (TCP/IP, OSI model, DNS, HTTP/S).

  • Experience or familiarity with SIEM/SOAR platforms, endpoint protection, firewalls, and security monitoring tools.

  • Ability to analyze logs, network traffic, and endpoint telemetry to identify malicious activity.

  • Exposure to cloud security concepts (Azure, AWS, or GCP) is an advantage.

  • Familiarity with the MITRE ATT&CK framework for threat identification is an advantage.

#SOC#Cybersecurity#L1/L2#Threat Monitoring#Incident Triage#IT Security#Kuwait

Company

Accenture

Job Posted

5 days ago

Employment Type

Full Time

WorkMode

On Site

Experience Level

Associate

Locations

Kuwait City, Kuwait

Qualification

Bachelor

Applicants

Be an early applicant