We are seeking a Senior SOC Analyst to review and validate SOC investigations, distinguish true positives from false positives, and contribute to improving the quality and reliability of AI-supported security investigation workflows.
Job Description
We are sharing a specialised part-time consulting opportunity for experienced SOC analysts with strong expertise in alert triage, incident investigation, Splunk-based analysis, and evidence-driven security decision-making.
This role supports high-growth technology and enterprise partners building next-generation SOC automation and AI-driven investigation systems.
Selected professionals will help review and validate SOC investigations, distinguish true positives from false positives, perform end-to-end security analysis when needed, and contribute to improving the quality and reliability of AI-supported security investigation workflows.
Key Responsibilities
Professionals in this role may contribute to:
SOC Alert Review & Investigation Evaluation
Review, monitor, and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria
Distinguish true positives from false positives by validating investigative evidence and alert context
Assess the correctness, completeness, and quality of SOC investigations produced by automated or human workflows
Security Investigation & Analysis
Perform end-to-end security investigations when required, including log analysis, entity pivoting, timeline reconstruction, and evidence correlation
Apply consistent investigative judgment while recognizing that multiple valid investigation paths may exist for the same alert
Make clear binary determinations such as accept or pass while also producing detailed ground-truth investigations when required
Splunk-Based Investigation Workflows
Use Splunk extensively to pivot across logs, entities, and timelines
Read, understand, and reason about SPL queries
Support high-quality investigation workflows through structured evidence analysis and documentation
Documentation & Collaboration
Maintain clear and accurate documentation of investigative steps, assumptions, evidence, and conclusions
Mentor or support other analysts where applicable, particularly in long-term or lead annotator roles
Ideal Profile
Strong candidates may have:
3+ years of hands-on experience as a SOC analyst in a production SOC environment
Strong understanding of alert triage, incident investigation workflows, and evidence-based decision-making under time constraints
Mandatory hands-on experience with Splunk, including conducting investigations, reading and reasoning about SPL queries, and pivoting across logs, entities, and timelines
Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect
Strong investigative judgment and comfort making decisive evaluations
Fluent English, written and spoken, with strong documentation and communication skills
Preferred Qualifications
Tier 2 or above SOC experience
Experience with Endpoint Detection and Response tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, or SentinelOne
Experience analyzing cloud security logs and signals across AWS, Azure, or GCP
Familiarity with identity and access management platforms such as Okta Identity Cloud or Microsoft Entra ID
Experience with email security tools such as Proofpoint or Mimecast
SOC leadership or mentoring experience
Basic scripting experience in Python or similar languages
Security certifications such as GCIA, GCIH, GCED, Splunk certifications, Security+, CCNA, or cloud security certifications
Work on cutting-edge SOC automation and AI-driven investigation systems
Apply real-world SOC expertise to shape how future security teams investigate and respond to threats
Take ownership of high-impact investigative evaluations and ground-truth security cases
Collaborate with experienced SOC practitioners, security engineers, and AI teams
Join Mercor's global network of vetted security professionals
Contract Details
Independent contractor role
Fully remote with flexible scheduling
Talent network opportunity
Weekly payments via Stripe or Wise
Projects may be extended, shortened, or concluded early depending on project needs and performance
Work will not involve access to confidential or proprietary information from any employer, client, or institution
Please note: We are unable to support H1-B or STEM OPT candidates at this time
Location requirements: India, Denmark, Estonia, Finland, Iceland, Ireland, Latvia, Lithuania, Norway, Sweden, Austria, Belgium, France, Germany, Liechtenstein, Luxembourg, Monaco, Netherlands, Switzerland, United Kingdom, Albania, Bosnia and Herzegovina, Croatia, Greece, Italy, Kosovo, Malta, North Macedonia, Portugal, San Marino, Serbia, Slovenia, Spain, Bulgaria, Czech Republic, Hungary, Moldova, Poland, Romania, or Slovakia
About The Platform
This opportunity is available through a leading AI-driven work platform that connects domain experts with frontier AI research projects.
Experts contribute to improving advanced AI systems by providing specialised expertise across security investigations, threat analysis, annotation workflows, and domain-specific evaluation.
By submitting this application, you acknowledge that your information may be processed by 24-MAG LLC for recruitment and opportunity matching in accordance with our Privacy Policy: https://www.24-mag.com/privacy-policy