SOC Analyst
We’re seeking an experienced SOC Analyst to deepen our detection engineering capabilities and incident investigations. If you’ve spent at least two years in a SOC role, love writing and tuning detections, and thrive in a fast-paced, fully remote team—let’s talk.
What you’ll do:
- Detection Engineering & Rule Development
  - Design, implement, and maintain detection rules in the SentinelOne XDR platform
  - Translate threat-actor TTPs (MITRE ATT&CK) into actionable, low-noise detections
- Alert Triage & Incident Analysis
  - Conduct investigations on alerts
  - Identify root cause, scope, and impact; recommend containment & remediation steps
- Shift Rotations & Handover
  - Participate in day/night/weekend rotations to ensure 24/7 coverage
  - Prepare detailed handover notes and run regular shift-change briefings
- Analyze alert metrics to drive down false positives and optimize signal-to-noise ratio
- Develop playbooks to streamline common workflows
- Mentor junior analysts and lead post-incident reviews
What we’re looking for:
- 2+ years of hands-on SOC experience, ideally in a managed detection & response (MDR) or enterprise SOC
- Proven track record in detection engineering: writing, testing, and tuning rules and signatures
- Strong expertise with Windows & Linux system forensics, network protocols, and authentication mechanisms
- Experience with cloud native logs & services (AWS CloudTrail, Azure Monitor, GCP Cloud Logging)
- Excellent English communication skills (written and verbal)
- Detail-oriented, proactive, and thrives in a remote, distributed team environment
Bonus points for:
- Scripting or development skills in Python, PowerShell, or similar
- Hands-on experience with SOAR platforms