SOC Analyst Remote

Toronto - Canada

Monthly Salary: Not Disclosed

Posted on: 10 hours ago

Vacancies: 1 Vacancy

Job Summary

About the job

Mercor connects elite creative and technical talent with leading AI research labs. Headquartered in San Francisco our investors include Benchmark General Catalyst Peter Thiel Adam DAngelo Larry Summers and Jack Dorsey.

Position: SOC Investigation Specialist
Type: Contract
Compensation: $70$95/hour
Location: Remote

Role Responsibilities

Review monitor and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria.
Distinguish true positives from false positives by validating investigative evidence and alert context.
Perform end-to-end security investigations including log analysis entity pivoting timeline reconstruction and evidence correlation.
Assess the correctness completeness and quality of SOC investigations produced by automated or human workflows.
Use Splunk extensively to pivot across logs entities and timelines including reading and reasoning about SPL queries.
Collaborate with program leads and other expert annotators to uphold high-quality investigation and annotation standards.

Qualifications

Must-Have

3 years of hands-on experience as a SOC analyst in a production SOC environment (Tier 2 or above strongly preferred).
Strong understanding of alert triage incident investigation workflows and evidence-based decision-making under time constraints.
Mandatory hands-on experience with Splunk including conducting investigations and reasoning about SPL queries.
Proven ability to evaluate SOC investigations and determine whether conclusions are valid incomplete or incorrect.
Fluent English (written and spoken) with strong documentation and communication skills.

Preferred

Experience with Endpoint Detection & Response (EDR) tools such as CrowdStrike Falcon Microsoft Defender for Endpoint or SentinelOne.
Experience analyzing cloud security logs and signals: AWS (CloudTrail GuardDuty) Azure (Activity Log Defender for Cloud) GCP (Cloud Audit Logs).
Familiarity with Identity & Access Management platforms such as Okta Identity Cloud or Microsoft Entra ID (Azure AD).
Experience with email security tools like Proofpoint or Mimecast.
SOC leadership or mentoring experience.
Basic scripting experience (Python or similar).
Security certifications (optional): GCIA GCIH GCED Splunk certifications Security CCNA or cloud security certifications.

Application Process (Takes 2030 mins to complete)

Upload resume
AI interview based on your resume
Submit form

Resources & Support

For details about the interview process and platform information please check:
For any help or support reach out to:

PS: Our team reviews applications daily. Please complete your AI interview and application steps to be considered for this opportunity.

About the job Mercor connects elite creative and technical talent with leading AI research labs. Headquartered in San Francisco our investors include Benchmark General Catalyst Peter Thiel Adam DAngelo Larry Summers and Jack Dorsey. Position: SOC Investigation Specialist Type: Contract Compensation:...