SOC Investigation Specialist

Mercor • United States
Remote
AI Summary

Mercor is seeking a SOC Investigation Specialist to review and evaluate SOC alerts and investigation outputs. The ideal candidate will have 3+ years of experience as a SOC analyst and strong understanding of alert triage and incident investigation workflows.

Key Highlights
Review and evaluate SOC alerts and investigation outputs
Perform end-to-end security investigations
Collaborate with program leads and other expert annotators
Technical Skills Required
Splunk
Endpoint Detection & Response (EDR) tools
Cloud security logs and signals
Identity & Access Management platforms
Email security tools
Benefits & Perks
$70-$95/hour
Remote work
Contract employment
Nice to Have
Experience with Endpoint Detection & Response (EDR) tools
Experience analyzing cloud security logs and signals
Familiarity with Identity & Access Management platforms

Job Description


About The Job

Mercor connects elite creative and technical talent with leading AI research labs. Headquartered in San Francisco, our investors include Benchmark, General Catalyst, Peter Thiel, Adam D'Angelo, Larry Summers, and Jack Dorsey.

Position: SOC Investigation Specialist

Type: Contract

Compensation: $70–$95/hour

Location: Remote

Role Responsibilities

  • Review and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria.
  • Distinguish true positives from false positives by validating investigative evidence and alert context.
  • Perform end-to-end security investigations, including log analysis, entity pivoting, timeline reconstruction, and evidence correlation.
  • Assess the correctness, completeness, and quality of SOC investigations produced by automated or human workflows.
  • Use Splunk extensively to pivot across logs, entities, and timelines, including reading and reasoning about SPL queries.
  • Collaborate with program leads and other expert annotators to uphold high-quality investigation and annotation standards.

Qualifications

Must-Have

  • 3+ years of hands-on experience as a SOC analyst in a production SOC environment (Tier 2 or above strongly preferred).
  • Strong understanding of alert triage, incident investigation workflows, and evidence-based decision-making under time constraints.
  • Mandatory hands-on experience with Splunk, including conducting investigations and reasoning about SPL queries.
  • Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect.
  • Fluent English (written and spoken) with strong documentation and communication skills.

Preferred

  • Experience with Endpoint Detection & Response (EDR) tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, or SentinelOne.
  • Experience analyzing cloud security logs and signals: AWS (CloudTrail, GuardDuty), Azure (Activity Log, Defender for Cloud), GCP (Cloud Audit Logs).
  • Familiarity with Identity & Access Management platforms such as Okta Identity Cloud or Microsoft Entra ID (Azure AD).
  • Experience with email security tools like Proofpoint or Mimecast.
  • SOC leadership or mentoring experience.
  • Basic scripting experience (Python or similar).
  • Security certifications (optional): GCIA, GCIH, GCED, Splunk certifications, Security+, CCNA, or cloud security certifications.

Application Process (Takes 20–30 mins to complete)

  • Upload resume
  • AI interview based on your resume
  • Submit form

Resources & Support

  • For details about the interview process and platform information, please check: https://talent.docs.mercor.com/welcome/welcome
  • For any help or support, reach out to: support@mercor.com

PS: Our team reviews applications daily. Please complete your AI interview and application steps to be considered for this opportunity.
