Remote SOC Analyst
Source: Himalayas
AI Summary Powered by Gemini
This is a full-time, remote SOC Analyst position requiring 2+ years of experience in cybersecurity operations. Key requirements include security certifications, scripting skills, cloud security exposure, and familiarity with SIEM/EDR tools like Microsoft Sentinel and Defender. The role offers an opportunity to investigate alerts, respond to incidents, perform threat analysis, and contribute to process development and continuous improvement in a dynamic cybersecurity environment.
Job Description
Remote SOC Analyst needs 2+ years of experience in a SOC or cybersecurity operations role.SOC Analyst requires:Security certifications such as Security+, CySA+, GCIH, GCIA, or equivalent.Experience with scripting (Python, PowerShell) for automation and analysis.Exposure to cloud security monitoring (Azure, AWS, GCP).Understanding of compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS).Experience with Microsoft Sentinel for SIEM and Microsoft Defender for Endpoint for EDR.Solid understanding of TCP/IP, Windows/Linux OS internals, and common attack vectors.Familiarity with MITRE ATT&CK, cyber kill chain, and threat modeling.SOC Analyst duties:Alert Triage & Validation: Investigate and validate alerts escalated from our security partners using SIEM, EDR, and other security tools.Incident Response: Execute containment and remediation steps for confirmed incidents. Escalate to Tier 3 when deeper forensic or threat hunting expertise is required.Threat Analysis: Correlate data across multiple sources (network, endpoint, cloud) to identify patterns and indicators of compromise (IOCs).Detection Tuning: Work with engineering and Tier 3 teams to fine-tune detection rules and reduce false positives.Process Development: Document SOC workflows, procedures, and incident handling processes. Build and maintain runbooks to standardize response actions and improve operational efficiency.Continuous Improvement: Stay current on emerging threats, vulnerabilities, and security technologies. Recommend improvements to detection and response capabilities.Originally posted on Himalayas
Full Description
Remote SOC Analyst needs 2+ years of experience in a SOC or cybersecurity operations role.SOC Analyst requires:Security certifications such as Security+, CySA+, GCIH, GCIA, or equivalent.Experience with scripting (Python, PowerShell) for automation and analysis.Exposure to cloud security monitoring (Azure, AWS, GCP).Understanding of compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS).Experience with Microsoft Sentinel for SIEM and Microsoft Defender for Endpoint for EDR.Solid understanding of TCP/IP, Windows/Linux OS internals, and common attack vectors.Familiarity with MITRE ATT&CK, cyber kill chain, and threat modeling.SOC Analyst duties:Alert Triage & Validation: Investigate and validate alerts escalated from our security partners using SIEM, EDR, and other security tools.Incident Response: Execute containment and remediation steps for confirmed incidents. Escalate to Tier 3 when deeper forensic or threat hunting expertise is required.Threat Analysis: Correlate data across multiple sources (network, endpoint, cloud) to identify patterns and indicators of compromise (IOCs).Detection Tuning: Work with engineering and Tier 3 teams to fine-tune detection rules and reduce false positives.Process Development: Document SOC workflows, procedures, and incident handling processes. Build and maintain runbooks to standardize response actions and improve operational efficiency.Continuous Improvement: Stay current on emerging threats, vulnerabilities, and security technologies. Recommend improvements to detection and response capabilities.Originally posted on Himalayas