Job Description

The Tier 1 Cyber Security Analyst serves as a front-line SOC analyst responsible for continuously monitoring security tools, triaging alerts, and documenting potential security incidents impacting enterprise networks and systems. Operating in a 24×7 security operations environment, this role reviews SIEM and endpoint alerts, investigates basic indicators of compromise, and escalates confirmed or complex issues to higher-tier responders using established playbooks and procedures.

This position emphasizes methodical analysis, clear written documentation, and strict adherence to standardized SOC processes to ensure consistent, auditable handling of security events across shifts. The analyst also supports continuous readiness by staying current on common cyber threats and detection techniques relevant to security operations in an enterprise environment.

Key Responsibilities

• Monitor and analyze security alerts generated by SIEM, EDR, and other security tools to identify suspicious activity, basic intrusion patterns, and policy violations in near real time.
• Perform initial triage on alerts by validating events, correlating related activity, and determining whether behavior represents a true security incident or benign activity.
• Document investigation steps, observations, and preliminary impact assessments in SOC ticketing systems to support efficient handoffs and maintain a complete audit trail.
• Identify common threats such as phishing emails, commodity malware, brute-force attempts, and anomalous network traffic using foundational knowledge of networking and operating systems.
• Escalate confirmed or ambiguous security incidents to Tier 2 analysts, providing concise summaries, supporting evidence, and recommended next steps in accordance with SOC playbooks.
• Follow defined SOC procedures, security playbooks, and escalation protocols to ensure consistent, compliant incident handling and operational coverage across shifts.
• Collaborate with SOC team members to maintain situational awareness, share findings, and support overall incident response readiness in the client environment.
• Participate in knowledge-sharing and continuous learning activities to stay current on emerging threats, SOC tools, and best practices in security operations.

Required Qualifications

• High School Diploma or equivalent.
• Approximately 6 months to 1 year of experience in cyber security, SOC operations, IT support, or IT helpdesk, or equivalent foundational experience in a related IT discipline.
• Ability to work in a 24×7 SOC environment, including evenings, weekends, or shift work as required by operational coverage needs.
• Basic knowledge of networking protocols and operating systems sufficient to understand security alerts and differentiate normal from suspicious activity.
• Strong analytical mindset and attention to detail, with the ability to methodically troubleshoot and investigate security alerts.
• Strong written documentation and verbal communication skills to clearly record investigations and collaborate with SOC teammates.
• U.S. citizenship with the ability to meet client background investigation requirements for a federal IT environment.

Preferred Qualifications

• Entry-level cybersecurity certifications such as CompTIA Security+, ISC2 CC, SC-900, or Cisco CyberOps Associate (or equivalent foundational security certification).
• Exposure to at least one SIEM or security monitoring platform, including basic querying to filter and pivot on security events.
• Basic knowledge of networking protocols (for example, TCP/IP, DNS, HTTP) and common cyber threats such as phishing, malware, and authentication attacks.
• Post-secondary education in Cybersecurity, Information Technology, or Computer Science.

Qualifications

Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements

The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.