Security Operations Center Analyst

iConsultera • United States
Remote
AI Summary

The Security Operations Center Analyst monitors and analyzes cybersecurity threats, responds to incidents, and works in a fully remote environment. Key responsibilities include security monitoring and detection, incident response and investigation, and threat intelligence and hunting. The ideal candidate has hands-on experience with SIEM tools and a strong understanding of networking fundamentals and security frameworks.

Key Highlights
Monitor and analyze cybersecurity threats in a fully remote environment
Respond to incidents and perform root cause analysis
Utilize threat intelligence feeds and frameworks to enhance detection
Key Responsibilities
Monitor security alerts and events using SIEM platforms
Analyze logs from firewalls, IDS/IPS, EDR, servers, cloud platforms, and endpoints
Identify, triage, and prioritize security alerts based on severity and impact
Technical Skills Required
SIEM platforms (Splunk, Microsoft Sentinel, QRadar)
EDR/XDR tools (CrowdStrike, SentinelOne, Defender)
Networking fundamentals (TCP/IP, DNS, HTTP, VPNs)
Malware analysis, phishing investigation, and threat detection techniques
Nice to Have
Security certifications (Security+, CEH, GCIA, GCIH, CySA+, or CISSP)
SOAR platform experience
Scripting experience (Python, PowerShell, Bash)

Job Description


Position Overview

  • We are seeking a highly motivated Security Operations Center (SOC) Analyst to monitor, analyze, and respond to cybersecurity threats across enterprise systems and networks.
  • The SOC Analyst will play a critical role in identifying security incidents, conducting investigations, and supporting incident response activities in a 24/7 security operations environment.
  • The ideal candidate has hands-on experience with SIEM tools, threat detection, and incident handling, and is comfortable working in a fully remote setting within the United States.


Key Responsibilities

1. Security Monitoring & Detection

  • Monitor security alerts and events using SIEM platforms (Splunk, Sentinel, QRadar, LogRhythm, etc.).
  • Analyze logs from firewalls, IDS/IPS, EDR, servers, cloud platforms, and endpoints.
  • Identify, triage, and prioritize security alerts based on severity and impact.

2. Incident Response & Investigation

  • Investigate security incidents including phishing, malware, ransomware, account compromise, and insider threats.
  • Perform root cause analysis and determine scope, impact, and remediation steps.
  • Escalate incidents according to incident response procedures and SLAs.
  • Assist in containment, eradication, and recovery activities.

3. Threat Intelligence & Hunting

  • Utilize threat intelligence feeds and frameworks (MITRE ATT&CK) to enhance detection.
  • Conduct proactive threat hunting to identify hidden or emerging threats.
  • Stay current with new vulnerabilities, attack techniques, and threat actor behavior.

4. Documentation & Reporting

  • Document incidents, findings, and response actions clearly and accurately.
  • Prepare incident reports and metrics for internal stakeholders.
  • Support compliance and audit requirements (SOC 2, ISO 27001, NIST, HIPAA, PCI-DSS).

5. Tooling & Process Improvement

  • Tune SIEM rules and alerts to reduce false positives.
  • Support integration of new security tools and log sources.
  • Participate in SOC playbook creation and continuous improvement initiatives.

6. Collaboration & Communication

  • Work closely with Incident Response, IT, Cloud, and DevOps teams.
  • Communicate effectively during active incidents and post-incident reviews.
  • Participate in shift handovers and on-call rotations as required.


Required Skills & Qualifications

Technical Skills

  • 2–5+ years of experience in a SOC, security operations, or cybersecurity role.
  • Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel, QRadar, etc.).
  • Familiarity with EDR/XDR tools (CrowdStrike, SentinelOne, Defender, etc.).
  • Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP, VPNs).
  • Experience analyzing logs from Windows, Linux, cloud platforms (AWS/Azure/GCP).
  • Knowledge of malware analysis, phishing investigation, and threat detection techniques.

Security Frameworks & Standards

  • Familiarity with MITRE ATT&CK, NIST CSF, and incident response frameworks.
  • Understanding of common compliance standards (SOC 2, ISO 27001, HIPAA, PCI-DSS).

Preferred Qualifications

  • Security certifications such as Security+, CEH, GCIA, GCIH, CySA+, or CISSP.
  • Experience with SOAR platforms and automation tools.
  • Scripting experience (Python, PowerShell, Bash) for investigation and automation.
  • Cloud security monitoring experience (AWS GuardDuty, Azure Defender).

Soft Skills

  • Strong analytical and problem-solving skills.
  • Ability to remain calm and effective during security incidents.
  • Excellent written and verbal communication skills.
  • Ability to work independently in a remote environment.
  • Strong attention to detail and documentation skills.
