Coralogix- SOC Analyst

Roles & Responsibilities:

Monitoring & Alert Handling

• Continuously monitor security alerts and events from SIEM tools and security platforms.

• Identify and categorize suspicious activities, malware alerts, phishing attempts, and intrusion attempts.

• Assist in triaging and prioritizing security alerts based on severity levels.

Investigation & Analysis

• Perform initial investigation on security events to determine potential threats or false positives.

• Gather and analyze logs from various sources (firewalls, endpoint security, network devices, applications).

• Document incident findings and escalate critical alerts to senior analysts or Incident Response team.

Incident Response Support

• Assist in containment, mitigation, and recovery steps under guidance of senior SOC members.

• Participate in incident handling processes and follow defined playbooks/runbooks.

• Support in forensic evidence collection when required.

Security Reporting & Documentation

• Maintain detailed incident tickets with investigation notes and actions taken.

• Prepare periodic reports on alerts, incident trends, and security posture improvements.

Continuous Improvement

• Stay updated with emerging cyber threats, vulnerabilities, and security trends.

• Contribute to refining SOC processes, SOPs, and threat detection mechanisms.