AI Summary
We are hiring an experienced SOC analyst for a fully remote role building next-generation SOC automation and AI-driven investigation systems. Key responsibilities include reviewing, monitoring, and evaluating SOC alerts, performing end-to-end security investigations, and assessing the correctness of SOC investigations. The ideal candidate will have 3+ years of experience in SOC analysis and strong technical skills.
Key Highlights
Fully remote role
SOC automation and AI-driven investigation systems
End-to-end security investigations
Key Responsibilities
Review, monitor, and evaluate SOC alerts and investigation outputs
Perform end-to-end security investigations when required
Assess the correctness, completeness, and quality of SOC investigations
Technical Skills Required
Benefits & Perks
Fully remote work
Independent contractor
Weekly payments based on services rendered
Nice to Have
Endpoint Detection & Response tools
Cloud security logs
Identity & Access Management platforms
Job Description
hiring SOC Investigation Specialist on behalf of high-growth technology and enterprise partners building next-generation SOC automation and AI-driven investigation systems. This role is ideal for experienced SOC analysts who can apply real-world investigative judgment to review, validate, and construct high-quality security investigations across SIEM, endpoint, cloud, and identity environments.
Responsibilities
- Review, monitor, and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria.
- Distinguish true positives from false positives by validating investigative evidence and alert context.
- Perform end-to-end security investigations when required, including log analysis, entity pivoting, timeline reconstruction, and evidence correlation.
- Assess the correctness, completeness, and quality of SOC investigations produced by automated or human workflows.
- Apply consistent investigative judgment while recognizing that multiple valid investigation paths may exist for the same alert.
- Make clear binary determinations (e.g., ACCEPT / PASS) while also producing detailed ground-truth investigations when required.
- Use Splunk extensively to pivot across logs, entities, and timelines, including reading and reasoning about SPL queries.
- Maintain clear and accurate documentation of investigative steps, assumptions, evidence, and conclusions.
- Collaborate with program leads and other expert annotators to uphold high-quality investigation and annotation standards.
- Mentor or support other analysts where applicable, particularly in long-term or lead annotator roles.
- 3+ years of hands-on experience as a SOC analyst in a production SOC environment (Tier 2 or above strongly preferred).
- Strong understanding of alert triage, incident investigation workflows, and evidence-based decision-making under time constraints.
- Mandatory hands-on experience with Splunk, including:
- Conducting investigations using Splunk
- Reading, understanding, and reasoning about SPL queries
- Pivoting between logs, entities, and timelines
- Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect.
- Strong investigative judgment and comfort making decisive evaluations.
- Fluent English (written and spoken) with strong documentation and communication skills.
Interested in remote work opportunities in Development & Programming? Discover Development & Programming Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
- Experience with Endpoint Detection & Response (EDR) tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, or SentinelOne.
- Experience analyzing cloud security logs and signals:
- AWS (CloudTrail, GuardDuty)
- Azure (Activity Log, Defender for Cloud)
- GCP (Cloud Audit Logs)
- Familiarity with Identity & Access Management platforms such as Okta Identity Cloud or Microsoft Entra ID (Azure AD).
- Experience with email security tools like Proofpoint or Mimecast.
- SOC leadership or mentoring experience.
- Basic scripting experience (Python or similar).
- Security certifications (optional): GCIA, GCIH, GCED, Splunk certifications, Security+, CCNA, or cloud security certifications.
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
- Work on cutting-edge SOC automation and AI-driven investigation systems.
- Apply real-world SOC expertise to shape how future security teams investigate and respond to threats.
- Take ownership of high-impact investigative evaluations and ground-truth security cases.
- Collaborate with experienced SOC practitioners, security engineers, and AI teams.
Contract and Payment Terms
- You will be engaged as an independent contractor.
- This is a fully remote role that can be completed on your own schedule.
- Projects can be extended, shortened, or concluded early depending on needs and performance.
- Payments are weekly on Stripe or Wise based on services rendered.
Similar Jobs
Explore other opportunities that match your interests
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Executive
Talently
United State
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Mid-Senior level
guidehealth
United State
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Entry level
917 solutions
United State