Remote SOC Analyst - Cybersecurity Specialist

About the Role

Join Keyrock as a Remote SOC Analyst and become a vital part of our cybersecurity team. As a SOC Analyst, you will be the escalation point for complex investigations and active incidents, ensuring the security of our digital assets and systems.

What You’ll Do

• Take escalations from Level 1 analysts and independently investigate complex, multi-signal alerts.
• Perform deep log and telemetry analysis across various platforms including SIEM, EDR, and cloud logs.
• Serve as the technical incident lead for defined incident types, driving containment and eradication steps.
• Enrich investigations with threat intelligence and map observed behavior to frameworks like ATT&CK.
• Tune SIEM correlation rules and alert thresholds to reduce false positives and improve detection quality.
• Provide mentorship and real-time guidance to Level 1 analysts, improving escalation quality through coaching.
• Contribute to SOC metrics and continuous improvement efforts.

Requirements

• 2-5+ years of SOC, incident response, or security operations experience.
• Strong investigative skills across cloud security operations and endpoint security.
• Proficiency with at least one SIEM and common SOC tooling (e.g., Splunk, CrowdStrike).
• Ability to write clear incident documentation including timelines and recommended remediations.
• Comfort operating in an on-call or shift environment.

Nice to Have

• Experience in detection engineering and automation.
• Familiarity with DFIR fundamentals and endpoint artifact analysis.
• Exposure to container and Kubernetes security.
• Practical scripting skills in Python or Bash.
• Certifications such as GCIH, GCIA, or AWS Security Specialty.

What We Offer

• Competitive salary and benefits package.
• Fully remote work environment with flexible hours.
• Opportunities for professional development and growth.
• A diverse and inclusive team culture.
• Regular team events and online hangouts.