Coralogix- SOC Analyst

Roles & Responsibilities:

Monitoring & Alert Handling

• 
  

  Continuously monitor security alerts and events from SIEM tools and security platforms.

  
  


• 
  

  Identify and categorize suspicious activities, malware alerts, phishing attempts, and intrusion attempts.

  
  


• 
  

  Assist in triaging and prioritizing security alerts based on severity levels.

  
  

Investigation & Analysis

• 
  

  Perform initial investigation on security events to determine potential threats or false positives.

  
  


• 
  

  Gather and analyze logs from various sources (firewalls, endpoint security, network devices, applications).

  
  


• 
  

  Document incident findings and escalate critical alerts to senior analysts or Incident Response team.

  
  

Incident Response Support

• 
  

  Assist in containment, mitigation, and recovery steps under guidance of senior SOC members.

  
  


• 
  

  Participate in incident handling processes and follow defined playbooks/runbooks.

  
  


• 
  

  Support in forensic evidence collection when required.

  
  

Security Reporting & Documentation

• 
  

  Maintain detailed incident tickets with investigation notes and actions taken.

  
  


• 
  

  Prepare periodic reports on alerts, incident trends, and security posture improvements.

  
  

Continuous Improvement

• 
  

  Stay updated with emerging cyber threats, vulnerabilities, and security trends.

  
  


• 
  

  Contribute to refining SOC processes, SOPs, and threat detection mechanisms.