SOC Analyst - Level 1

Company Description

Accesa is a leading technology company headquartered in Cluj-Napoca, with offices in Oradea and 20 years of experience in turning business challenges into opportunities and growth. A value-driven organization, it has established itself as a partner of choice for major brands in Retail, Manufacturing, Finance, and Banking. With more than 1,200 IT professionals, Accesa is an employer of choice for IT professionals passionate about problem-solving through technology.

Job Description

We are looking for a SOC Analyst - Level 1 who can take ownership of routine security investigations, not just review alerts and pass them on. The role combines hands-on alert analysis, evidence correlation, clear case documentation, sound recommendations, and reliable handoff quality. This is a shift-based live operations role. You will be expected to work as part of a rota that may include day, late, night, and weekend shifts, with public-holiday coverage only where the agreed service model requires it. Good handover discipline and clear shift continuity are part of the role. This is not just a queue-monitoring role, and it is not a senior incident leadership position. You will be expected to work cases properly, reach a well-supported view of what is happening, and either move the case to closure within your scope or escalate it cleanly when impact, uncertainty, or complexity goes beyond it.

Qualifications

Must Have:

• Comfort with investigation and alert analysis in a SOC, MDR, or similar operational security environment.
• Ability to collect, validate, and correlate evidence across multiple data sources.
• Working knowledge of endpoint, identity, email, cloud, and network security concepts.
• Familiarity with investigation, monitoring, case-handling, and escalation workflows.
• Clear written and verbal communication in English.
• Good documentation habits and disciplined escalation judgment.
• Willingness and ability to work shift patterns as required by the service model.
• Responsible AI literacy, including the ability to use approved AI-assisted workflows cautiously, validate outputs against source evidence, avoid entering customer-sensitive data into unapproved or public AI tools, and avoid treating AI output as evidence, approval, or authority.
• Ability to explain why a detection, workflow, or playbook is not working well in practice and suggest useful improvements.

Nice to Have:

• 1-4 years of relevant experience in cybersecurity operations, incident analysis, or incident response.
• Prior exposure to SOC, MDR, or incident response workflows.
• Hands-on exposure to Microsoft Sentinel, Microsoft Defender XDR, Cortex XSOAR, Elastic Security, Vectra NDR, or similar security operations platforms.
• Basic KQL or equivalent query-language experience for investigation support.
• Ability to work across multiple enterprise technologies and investigation contexts.
• Experience contributing tuning suggestions, identifying noisy detections, drafting playbook improvements, or proposing investigation automation.
• Familiarity with common security frameworks or ATT&CK-style analysis.
• Certifications such as CompTIA Security+, CompTIA CySA+, Microsoft SC-200, or similar operational security certifications.
• German would be an advantage.

Additional Information

About You

You are comfortable taking an investigation beyond first-pass triage and turning scattered evidence into a clear case. You know when to keep working, when to recommend a practical next step, and when to escalate because the case needs faster handling or more senior support. You communicate clearly, stay grounded in the evidence, and understand that good shift-based SOC work depends on clean handovers, reliable documentation, and consistent operational discipline.

At Accesa you can:

Enjoy our holistic benefits program that covers the four pillars that we believe come together to support our wellbeing, covering social, physical, emotional wellbeing, as well as work-life fusion.

• Physical Wellbeing: Medical benefits, gym support, and personalized fitness options, complemented by team events and the Healthy Habits Club.
• Work-Life Fusion: Flexibility to define the work-life dynamic that works for you.
• Emotional Wellbeing: Investment in mental wellbeing.
• Social Wellbeing: Opportunities to stay connected as a growing community in a hybrid environment.