Remotery

SOC Analyst

Posted May 14

This is a fully remote position, open to applicants in Tennessee.

📋 Description

• Continuously oversee and prioritize alerts and detections across SIEM, EDR/XDR, identity, email, network, and cloud telemetry for our managed client base, applying severity classification and initial enrichment on each event you handle.

• Conduct thorough investigations of suspicious activities from start to finish — including validation, pivoting, and root-cause analysis — utilizing knowledge of attacker tradecraft, the MITRE ATT&CK framework, and the cyber kill chain to arrive at confident, well-supported conclusions.

• Implement established response playbooks to mitigate threats, which may involve isolating hosts, disabling compromised accounts, blocking indicators, resetting credentials, and coordinating transitions with client and engineering teams.

• Collaborate with Detection Engineering to minimize noise and false positives, as well as propose, test, and deploy new analytics, automations, and SOAR playbooks that enhance the SOC's efficiency and accuracy.

• Maintain audit-quality documentation throughout each case, meticulously recording notes, timelines, and customer-facing communications in the ticketing and case-management system.

• Consistently achieve triage, investigation, and notification SLAs while maintaining high accuracy, low false-positive rates, and ensuring strong client satisfaction across the portfolio.

• Drive continuous improvement of the SOC by feeding lessons learned back into detections, playbooks, runbooks, and knowledge base articles in collaboration with SOC Leadership and Detection Engineering.

• Work on a designated shift (Day, Swing, or Night) within a 24x7 rotation — including weekends and holidays as scheduled — and respond to on-call escalations as necessary.


⛳️ Requirements

• One or more years of experience in an IT security role or IT support role with substantial security responsibilities.

• Proficient understanding of fundamental security concepts: TCP/IP, common protocols, Windows and Linux basics, Active Directory / Entra ID, basic cloud concepts (Azure / AWS / GCP), and prevalent attacker techniques.

• Familiarity with at least one SIEM and one EDR/XDR platform; comfortable creating or modifying basic queries (KQL, SPL, or similar).

• Proven ability in effective communication and collaboration within a diverse, high-performance team environment, demonstrating a strong commitment to customer service.

• Candidates must pass a background check.


🏝️ Benefits

• Inclusive work environment

• Accommodations throughout the interview process
