SOC Analyst 2

Posted 2026-05-06
Remote, USA Full-time Immediate Start
Mercor is hiring **SOC Analyst II** professionals on behalf of high-growth technology and enterprise partners to strengthen their **security operations and incident response capabilities**. This role is ideal for experienced SOC analysts who can independently investigate, respond to, and remediate security incidents across cloud, endpoint, and network environments.

## Responsibilities

  • Monitor, triage, and investigate security alerts from **SIEM, EDR/XDR, IDS/IPS, and cloud security tools**, distinguishing real threats from false positives.
  • Perform **in-depth incident investigations**, including log analysis, endpoint inspection, network traffic analysis, and timeline reconstruction.
  • Lead response actions for confirmed incidents, including **containment, remediation, and recovery**, following established incident response playbooks.
  • Conduct **threat hunting** activities to proactively identify adversarial behavior not detected by automated tools.
  • Tune detection rules, alerts, and dashboards to improve signal quality and reduce alert fatigue.
  • Collaborate with security engineering, IT, and cloud teams to remediate vulnerabilities and improve overall security posture.
  • Maintain accurate incident documentation, reports, and post-incident reviews.
  • Mentor and support **Tier 1 SOC analysts**, providing guidance on investigations and response techniques.

## Requirements

  • 2–4+ years of experience in a **Security Operations Center (SOC)** or incident response role.
  • Strong understanding of **networking fundamentals** (TCP/IP, DNS, HTTP/S) and common attack vectors.
  • Hands-on experience with **SIEM platforms** (e.g., Splunk, Sentinel, QRadar) and **EDR/XDR tools** (e.g., CrowdStrike, SentinelOne).
  • Proficiency in analysing **Linux and Windows** logs and system activity.
  • Experience with **cloud security monitoring** in AWS, GCP, or Azure environments.
  • Familiarity with **MITRE ATT&CK**, threat actor tactics, techniques, and procedures (TTPs).
  • Basic scripting or automation skills (Python, Bash, or PowerShell) preferred.
  • Strong written and verbal communication skills for incident reporting and cross-team collaboration.

## Why Join

  • Work with leading companies strengthening their **security operations and cyber defense** capabilities.
  • Take ownership of **end-to-end incident investigations** and response actions.
  • Collaborate with experienced security engineers, threat hunters, and cloud teams.
  • Gain exposure to modern **cloud, endpoint, and detection engineering** environments.
  • Join a global network of vetted security professionals through Mercor.
