Remotery

Security Operations Center Analyst

Posted 9 hours ago

This is a fully remote position, open to applicants in India.

📋 Description

• Oversee, assess, and investigate security incidents across AWS, endpoint security systems, Google Workspace, identity management platforms, and other enterprise security solutions.

• Evaluate and interpret threat intelligence feeds, Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) to confirm detections, enhance monitoring, and refine detection use cases.

• Enhance security investigations using OSINT, domain intelligence, and threat intelligence resources to identify malicious activities and assist in attribution.

• Integrate telemetry from endpoints, networks, cloud environments, identity systems, SIEM, EDR, and other security tools to create a detailed investigation context and identify threats.

• Design, develop, maintain, and improve SIEM/SOAR detection rules, playbooks, dashboards, and alerts. Onboard and validate new log sources to guarantee complete and normalized visibility.

• Conduct proactive threat hunting and endpoint/cloud forensics to uncover previously undetected threats, assess scope and root cause, and provide evidence to support incident response.

• Lead comprehensive incident response efforts, including triage, investigation, containment, eradication, recovery, root cause analysis (RCA), reporting, and upkeep of incident response playbooks and standard operating procedures.

• Monitor and suggest security enhancements across AWS services, including CloudTrail, GuardDuty, Security Hub, IAM, VPC Flow Logs, CloudWatch, and AWS Config, to identify suspicious activity and misconfigurations.

• Examine identity-related threats utilizing authentication logs, privileged account activities, and audit logs from collaboration platforms.

• Administer, integrate, and perform health assessments for SIEM, SOAR, EDR, and related security technologies to ensure dependable security operations.

• Create and maintain security automation, internal tools, and integrations using Python, PowerShell, Bash, APIs, and webhooks to enhance investigation and response efficiency.

• Sustain and optimize threat intelligence repositories, IOC watchlists, enrichment workflows, and dashboards, translating intelligence into improved detections and alert tuning.

• Assist with vulnerability management by reviewing findings, validating remediation efforts, and contributing to risk-based prioritization.

• Compose clear and concise incident reports, root cause analysis documents, threat intelligence summaries, executive updates, and SOC performance metrics.

• Collaborate with Infrastructure, Cloud, IT, and Engineering teams to implement security measures, enhance detections, and coordinate incident response efforts.

• Assess and implement AI-assisted security workflows to enhance threat detection, alert triage, investigations, and incident response.

• Continuously evaluate and improve SOC architecture, monitoring strategies, KPIs/KRIs, automation, and overall SOC maturity in line with industry best practices.


⛳️ Requirements

• 3–6 years of experience in Security Operations, encompassing threat detection, incident response, threat hunting, and digital forensics in cloud and enterprise environments.

• Proven experience in managing high-severity security incidents and enhancing SOC capabilities through process improvements, automation, and measurable operational metrics.

• Experience in developing AI- or LLM-assisted SOC workflows for alert triage, investigation summaries, and multi-source threat correlation, while ensuring the accuracy of AI-generated outputs. (Preferred)

• Familiarity with AI security frameworks and threat models such as MITRE ATLAS and the OWASP Top 10 for LLM Applications. (Preferred)

• Proficient in Python, PowerShell, Bash, and REST APIs for developing automation, detection content, playbooks, and security workflows.

• Experience in integrating security technologies, managing log pipelines, and implementing automation that balances operational efficiency with appropriate human oversight.

• Strong interest in emerging threats, attacker techniques, and defense strategies, with a commitment to continuous learning and professional growth.

• Demonstrated ownership, problem-solving skills, and dedication to safeguarding organizational assets while facilitating secure business operations.

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent hands-on experience.

• Preferred professional security certifications include OSCE, CRTP, SC-200, or equivalent.

• Excellent written and verbal communication skills, with the ability to collaborate effectively across technical and non-technical teams.


🏝️ Benefits

• Opportunities for professional growth in a dynamic, rapidly evolving, high-social-impact industry.

• An open-minded, collaborative culture comprised of enthusiastic colleagues driven by the challenge of innovation aimed at making a significant impact on individuals and the planet.

• A truly multicultural experience: you will have the opportunity to work with and learn from individuals of diverse geographies, nationalities, and backgrounds.

• Structured, tailored learning and development programs that support your growth as a leader, manager, and professional through the Sun King Center for Leadership.

People also viewed

Censys16 hours ago

Director of Product Management, Security Operations

US flagUnited States OnlyFull-timeSecurity Operations$206k – $294k/year
ApplyView job
Jamf1 day ago

Security Operations Engineer I – Weekend Shift

PL flagPoland OnlyFull-timeSecurity Operations
ApplyView job
CallTek1 day ago

SOC Analyst, Level 2

PH flagPhilippines OnlyFull-timeSecurity Operations
ApplyView job
Binance1 day ago

SOC Engineer – Incident Response

SG flagSingapore OnlyFull-timeSecurity Operations
ApplyView job
Twilio1 day ago

Global Security Operations Center Operator

US flagCalifornia, +5 more statesFull-timeSecurity Operations$26 – $38/hour
ApplyView job
Cooperativa Central Ailos3 days ago

Information Security Analyst II – SecOps

Anywhere in the WorldFull-timeSecurity Operations
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers