Security Analyst L1

About us

HR Path Company is the Human Resource Solutions Specialist. As a partner of the leading vendors of the market, it carries out HRIS implementation projects and payroll outsourcing for large accounts as well as for SMEs. HR Path supports you in all your HR strategies, in France and internationally.

The group, established in 2001, has over 1500 employees, supports more than 1,500 clients and generates Headquartered in Paris, HR Path also has international subsidiaries in 18 different countries.

We are the most experienced Workday and SuccessFactors partner in APAC

For more information, visit

Role Overview

We are seeking a motivated L1 Security Analyst to join our Security Operations Center (SOC). The candidate will be responsible for real-time security monitoring, initial incident triage, and escalation of security alerts. The role requires strong analytical skills, good communication, and a solid technical foundation in cybersecurity practices.

Key Roles & Responsibilities

SIEM Monitoring

• Monitor SIEM dashboards and security alerts on a 24/7 basis to ensure continuous security visibility.
• Perform initial analysis, basic correlation, and triage of security events to determine severity and potential impact.
• Identify false positives versus genuine security incidents and escalate validated incidents to L2/L3 SOC teams with complete context and supporting evidence.
• Ensure alerts are handled in accordance with defined SOC processes, runbooks, and escalation matrices.

Firewall, Proxy & Email Security Monitoring

• Review firewall logs to identify suspicious traffic, unauthorized access attempts, and policy violations.
• Monitor web proxy logs to detect access to malicious, blocked, or high-risk websites.
• Analyze email security alerts related to phishing, spam, malware attachments, and malicious URLs.
• Take initial response actions such as quarantining emails, notifying users, and escalating high-risk cases as per SOC procedures.

Incident Response Support & Documentation

• Follow established Incident Response playbooks for common use cases, including phishing, malware infections, brute-force attempts, and policy violations.
• Collect and document relevant evidence such as logs, screenshots, timestamps, and indicators of compromise (IOCs) during investigations.
• Provide clear root cause observations and investigation details while escalating incidents to higher-level SOC teams.
• Maintain accurate ticketing, documentation, and incident closure in line with SOC quality and compliance standards.

SLA Management & Reporting

• Adhere to defined SLAs for alert acknowledgment, triage, and escalation timelines.
• Prepare daily and weekly operational reports covering alerts handled, incidents escalated, and current status.
• Ensure timely updates are provided in tickets and dashboards for visibility to stakeholders.

Collaboration, Communication & Continuous Learning

• Coordinate with internal IT, network, endpoint, and email teams for log validation, troubleshooting, and issue resolution.
• Prepare concise and clear incident summaries for management and relevant stakeholders.
• Actively participate in SOC knowledge-sharing sessions, training programs, and continuous improvement initiatives.
• Stay updated on emerging threats, attack techniques, and SOC best practices.

Required Skills & Competencies

• Good understanding of network and security fundamentals, including TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, and proxies.
• Awareness of common cyber-attack techniques such as phishing, brute-force attacks, malware infections, and insider threats.
• Familiarity with SIEM tools, preferably Splunk , for alert monitoring and log analysis.
• Hands-on exposure or basic understanding of endpoint protection and email security solutions.
• Strong verbal and written communication skills, with the ability to document incidents clearly and interact professionally with clients and internal teams.
• Willingness to work in a 24/7 rotational shift environment.

Preferred Certifications

(Not mandatory, but adds value for SOC L1 profiles)

• CompTIA Security+
• EC-Council CEH (Certified Ethical Hacker)
• ISC² CC (Certified in Cybersecurity)
• Splunk Core Certified User or Microsoft SC-200 (for SIEM monitoring)
• Fortinet NSE 1–3 or Palo Alto PCCET (firewall fundamentals)

Education & Experience

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or an equivalent field.
• 1–3 years of experience in SOC operations or security monitoring roles.
• Fresh graduates with strong technical fundamentals, hands-on labs, internships, or relevant certifications are also encouraged to apply.