SOC Analyst - Remote
MercorGermany13 hours ago
Full-timeRemote FriendlyInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
About The Job
Mercor connects elite creative and technical talent with leading AI research labs. Headquartered in San Francisco, our investors include Benchmark, General Catalyst, Peter Thiel, Adam D'Angelo, Larry Summers, and Jack Dorsey.
Position: SOC Investigation Specialist
Type: Contract
Compensation: $70–$95/hour
Location: Remote
Role Responsibilities
Must-Have
Mercor connects elite creative and technical talent with leading AI research labs. Headquartered in San Francisco, our investors include Benchmark, General Catalyst, Peter Thiel, Adam D'Angelo, Larry Summers, and Jack Dorsey.
Position: SOC Investigation Specialist
Type: Contract
Compensation: $70–$95/hour
Location: Remote
Role Responsibilities
- Review, monitor, and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria.
- Distinguish true positives from false positives by validating investigative evidence and alert context.
- Perform end-to-end security investigations, including log analysis, entity pivoting, timeline reconstruction, and evidence correlation.
- Assess the correctness, completeness, and quality of SOC investigations produced by automated or human workflows.
- Use Splunk extensively to pivot across logs, entities, and timelines, including reading and reasoning about SPL queries.
- Collaborate with program leads and other expert annotators to uphold high-quality investigation and annotation standards.
Must-Have
- 3+ years of hands-on experience as a SOC analyst in a production SOC environment (Tier 2 or above strongly preferred).
- Strong understanding of alert triage, incident investigation workflows, and evidence-based decision-making under time constraints.
- Mandatory hands-on experience with Splunk, including conducting investigations and reasoning about SPL queries.
- Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect.
- Fluent English (written and spoken) with strong documentation and communication skills.
- Experience with Endpoint Detection & Response (EDR) tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, or SentinelOne.
- Experience analyzing cloud security logs and signals: AWS (CloudTrail, GuardDuty), Azure (Activity Log, Defender for Cloud), GCP (Cloud Audit Logs).
- Familiarity with Identity & Access Management platforms such as Okta Identity Cloud or Microsoft Entra ID (Azure AD).
- Experience with email security tools like Proofpoint or Mimecast.
- SOC leadership or mentoring experience.
- Basic scripting experience (Python or similar).
- Security certifications (optional): GCIA, GCIH, GCED, Splunk certifications, Security+, CCNA, or cloud security certifications.
- Upload resume
- AI interview based on your resume
- Submit form
- For details about the interview process and platform information, please check: https://talent.docs.mercor.com/welcome/welcome
- For any help or support, reach out to: [email protected]
Key Skills
Ranked by relevanceReady to apply?
Join Mercor and take your career to the next level!
Application takes less than 5 minutes