Remotery

SOC Analyst, Level 1

Posted Jun 25

This is a fully remote position, open to applicants in Philippines.

📋 Description

• Oversee security events and alerts utilizing SIEM and defensive tools; carry out initial triage and classification (benign / false positive / suspicious / incident).

• Gather and assess basic evidence: endpoint telemetry, Windows/Linux logs, firewall/IDS, DNS/proxy; conduct initial correlation (host/user/IP/IOC/process).

• Implement runbooks/playbooks (e.g., password reset requests, IOC block requests, host isolation requests) when authorized and in accordance with procedures.

• Generate and sustain high-quality tickets with a clear narrative: detailing what occurred, supporting evidence, potential impact, actions taken, and suggested next steps.

• Escalate to L2/L3/IR when there is evidence of compromise, material risk, lateral movement, or uncertainty necessitating a more in-depth investigation.

• Provide organized shift handovers (case status, findings, hypotheses, next steps, blockers).

• Adhere to operational SLAs and maintain documentation quality standards.


⛳️ Requirements

• 0–2 years of experience in SOC/NOC/IT Security operations or equivalent practical experience demonstrated through labs/casework.

• Strong foundational knowledge in networking: TCP/IP, DNS, HTTP/S, VPN, NAT.

• Basic proficiency in Windows and Linux (processes, authentication, logging concepts).

• Capability to interpret log fields (source/destination, user, process, hash, URL, action, result).

• Proficient spoken and written English (minimum B2) — must be able to engage in technical calls and compose clear tickets and summaries in English.

• Exceptional attention to detail, organized thinking, prioritization skills, and the ability to work effectively under pressure and through repetitive workflows without compromising quality.

• Familiarity with SIEM/EDR/IDS tools (e.g., Wazuh, Splunk, Sentinel, QRadar; Defender/CrowdStrike; Suricata/Snort). (Nice to have)

• Basic query skills (KQL/SPL/Lucene/DQL) and understanding of MITRE ATT&CK concepts. (Nice to have)

• Entry-level certifications (e.g., Security+, BTL1, CySA+) or equivalent evidence of competence. (Nice to have)


🏝️ Benefits

• [Insert benefit details here]

• [Insert additional benefit details here]

People also viewed

CACI International Inc4 days ago

Security Operations Center Specialist

US flagUnited States OnlyFull-timeSecurity Operations$90.3k – $189.6k/year
ApplyView job
World Wildlife Fund4 days ago

Cybersecurity Incident Response Engineer

PE flagPeru OnlyFull-timeSecurity Operations
ApplyView job
Apogee Engineering, LLCJun 26

C2 Ops – Cyber Security

US flagUnited States OnlyFull-timeSecurity Operations
ApplyView job
MROJun 26

Senior Analyst, AI Operations & Security

US flagUnited States OnlyFull-timeSecurity Operations$92k – $124k/year
ApplyView job
MozillaJun 26

Senior Security Engineer, Add-ons Operations

CA flagCanada OnlyFull-timeSecurity Operations$104k – $139k/year
ApplyView job
Veeam SoftwareJun 25

Senior Cyber-Security Operations Analyst, Product AppSec

US flagTexas OnlyFull-timeSecurity Operations$121.4k – $225.3k/year
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers