L1 SOC Analyst, Associate  

• Monitor and triage alerts across our managed detection stack — EDR, NDR, SIEM, SASE, identity, and email security telemetry
• Investigate suspicious activity using our tiered enrichment playbook (search context, pivot on indicators, correlate across data sources)
• Decide TP / FP / Benign with documented evidence, and apply the right severity
• Escalate confirmed incidents to L2 and IR with a clean handoff — what was seen, what was checked, what's next
• Document everything — your triage notes get reviewed by senior analysts, customers, and auditors
• Hand off your shift cleanly to the next analyst with a structured handover brief
• Learn continuously — vendor training, internal labs, and weekly playbook walkthroughs are part of the role

• 0–2 years of any IT, networking, or security experience — internships, lab projects, and self-taught portfolios count
• Curiosity about how attacks work and how defenders respond — you watched DEF CON talks for fun, you broke things in your homelab, you've read a few writeups
• Clear written English — triage notes go to customers and regulators, not just internal teams
• Comfortable with shift work — 24×7 SOC operations, rotating shifts including nights and weekends
• Eagerness to learn — we will upskill you on the job. We invest in the people who invest back
• Educational background: BS in Information Technology, Cybersecurity, Computer Science, or related — or equivalent practical experience (we will absolutely consider self-taught candidates with a strong portfolio).

Nice to have (not required)

• Hands-on with any EDR, SIEM, firewall, or web proxy — even in a homelab

• Familiarity with the MITRE ATT&CK framework

• Entry-level certifications welcome: CompTIA Security+, (ISC)² CC, Google Cybersecurity Certificate, BTL1, eJPT

• Scripting basics in Python, PowerShell, or Bash

• A TryHackMe / HackTheBox / LetsDefend profile we can look at

• Tagalog and English fluency for customer-facing communications