Associate - L1 SOC Analyst

PwC

Job Summary

The Level 1 SOC Analyst at PwC's Digital Trust & Cybersecurity team is responsible for continuous monitoring and analysis of an organization’s security posture. This 24/7 role involves detecting, responding to, and mitigating security incidents, serving as the first line of defense against potential threats and vulnerabilities within the network and systems. The analyst will perform alert triage, investigation, shift handovers, log monitoring, and address Jira tickets, escalating incidents as needed. This contract role requires 0-1 year of experience and proficiency in English, Malay, and Mandarin.

Must Have

  • Monitor for newly triggered alerts and those not yet marked as Open or Closed
  • Collect information to support alert assessment theories
  • Correlate alerts with other security devices
  • Investigate the impact of alerts
  • Conduct clear and concise shift handovers, including preparing reports
  • Monitor and investigate stopped log flows to SIEM, contacting server owners
  • Attend to Jira tickets, responding to inquiries or forwarding them
  • Detect and report log parser issues to Infra/SIEM Engineer
  • Detect and report False Alarms to Infra/SIEM Engineer
  • Review and analyze alerts generated by security tools and systems
  • Escalate potential security incidents to higher-level analysts (L2 or L3)
  • Degree in Cybersecurity, Network Security or an equivalent field
  • 0-1 year of experience in Cybersecurity, SOC or Surveillance
  • Proficiency in English, Malay and Mandarin language

Good to Have

  • Proficiency in Cantonese
  • Familiarity with Linux and Windows

Perks & Benefits

  • Contract staff will receive standard benefits as permanent staff

Job Description

In the Digital Trust & Cybersecurity team, our work is always evolving to help our clients respond to cybersecurity related threats and trends, and we combine our deep technical skills in response to our clients' changing cybersecurity needs.

The Level 1 SOC Analyst is responsible for monitoring and analyzing an organization’s security posture on an ongoing basis. This role involves working in a 24/7 environment to detect, respond to, and mitigate security incidents. The L1 SOC Analyst will serve as the first line of defense in identifying potential threats and vulnerabilities within the organization’s network and systems.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a L1 SOC Analyst, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Alert Triage & Investigation
      • Monitor for newly triggered alerts, and for alerts not yet marked as Open or Closed
      • Collect more information to support the theory of the alerts under assessment
      • Correlate alerts with other security devices
      • Investigate the impact of the alerts
  • Ensure that shift handovers are conducted clearly and concisely, which includes:
      • Participating in the shift handover process
      • Conducting the shift handover
      • Preparing the shift handover report
      • Communicating shift handover information to the next shift's personnel
  • Monitor and investigate whether logs have stopped flowing to the SIEM. Reach out to the server owner. Generate a list of affected sources and work through it. Report the ones resolved and the method used.
      • Linux - syslog: get in touch with the server owner
      • Windows - check for permission, user status (disabled/active), password expiry (local user). The user ID for Windows collections is Irsvrcollector.
  • Attend to Jira tickets sent to the client. Respond to the inquiry or forward the ticket to the respective group/team.
  • Detect and report tickets with log parser issues to the Infra/SIEM Engineer
  • Detect and report tickets with False Alarms to the Infra/SIEM Engineer
  • Authorised to review and analyse alerts generated by security tools and systems.
  • Empowered to escalate potential security incidents to higher-level analysts (L2 or L3) based on predefined criteria.
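The stopped-log-flow duty in the list above is the one item that reduces to a repeatable check: compare each log source's last-received event against the current time, list the silent ones, and record the per-platform first step and the outcome for the handover report. The script below is an added illustration of that check and is not part of this posting or of PwC's tooling. It assumes a 30-minute silence threshold (a tuning value, not from the posting), uses constructed sample "last event seen" records of the kind a SIEM exposes per source, and maps the first step for Linux and Windows sources from the steps listed above.

```python
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample of per-source "last event received" records, the kind of
# view most SIEMs expose for each log source. Not real data.
SAMPLE_LAST_SEEN = [
    # (source hostname, platform, last event timestamp in UTC)
    ("web-01",  "linux",   "2024-05-01T08:55:00Z"),
    ("web-02",  "linux",   "2024-05-01T06:10:00Z"),  # silent for hours
    ("dc-01",   "windows", "2024-05-01T08:58:00Z"),
    ("file-01", "windows", "2024-05-01T03:00:00Z"),  # silent for hours
    ("fw-edge", "network", "2024-05-01T08:59:30Z"),
]

# Fixed "now" so the example is reproducible; a real run would use datetime.now(timezone.utc).
NOW = datetime(2024, 5, 1, 9, 0, tzinfo=timezone.utc)
STALL_THRESHOLD = timedelta(minutes=30)  # assumed tuning value, not from the posting

# First check per platform, following the steps listed in the posting.
NEXT_STEPS = {
    "linux": "syslog forwarding stopped: contact the server owner",
    "windows": "check collector account permissions, user status (disabled/active) and local password expiry",
}
DEFAULT_STEP = "contact the device owner"


@dataclass
class StalledSource:
    source: str
    platform: str
    silent_for: timedelta
    next_step: str


def parse_ts(value: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp of the form YYYY-MM-DDTHH:MM:SSZ."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def find_stalled_sources(records, now=NOW, threshold=STALL_THRESHOLD) -> list[StalledSource]:
    """Return every source whose last event is older than the threshold, oldest gap first."""
    stalled = []
    for source, platform, last_seen in records:
        silent_for = now - parse_ts(last_seen)
        if silent_for > threshold:
            stalled.append(StalledSource(source, platform, silent_for,
                                         NEXT_STEPS.get(platform, DEFAULT_STEP)))
    # Longest-silent first so the shift works the oldest gaps first.
    stalled.sort(key=lambda s: s.silent_for, reverse=True)
    return stalled


def handover_report(stalled: list[StalledSource], resolved: dict[str, str]) -> str:
    """Render the worked list for the shift handover: resolved items carry the method used."""
    lines = ["Stopped log flows to SIEM:"]
    for s in stalled:
        hours = s.silent_for.total_seconds() / 3600
        method = resolved.get(s.source)
        state = f"RESOLVED ({method})" if method else f"OPEN - {s.next_step}"
        lines.append(f"  {s.source} [{s.platform}] silent {hours:.1f}h: {state}")
    return "\n".join(lines)


if __name__ == "__main__":
    stalled = find_stalled_sources(SAMPLE_LAST_SEEN)
    # Constructed outcome for one source, as it would be noted during the shift.
    print(handover_report(stalled, {"web-02": "rsyslog restarted by server owner"}))
```

Run as-is, the script lists file-01 (six hours silent) ahead of web-02 and prints the Windows collector checks as the open next step for file-01, which is the shape of list the handover report above asks for.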

Key Requirements

  • Degree in Cybersecurity, Network Security or an equivalent field.
  • 0-1 year of experience in Cybersecurity, SOC or Surveillance.
  • Proficiency in English, Malay and Mandarin is a must; proficiency in Cantonese will be an added advantage.
  • Whilst not strictly necessary, familiarity with Linux and Windows would be desirable.

*This is a 12-month contract role with the opportunity to be extended based on project and performance.

*Contract staff will receive the same standard benefits as permanent staff.
