SOC Analyst 2

Mercor is hiring

SOC Analyst II

professionals on behalf of high-growth technology and enterprise partners to strengthen their

security operations and incident response capabilities

. This role is ideal for experienced SOC analysts who can independently investigate, respond to, and remediate security incidents across cloud, endpoint, and network environments.

• * *

## Responsibilities - Monitor, triage, and investigate security alerts from

SIEM, EDR/XDR, IDS/IPS, and cloud security tools

, distinguishing real threats from false positives. - Perform

in-depth incident investigations

, including log analysis, endpoint inspection, network traffic analysis, and timeline reconstruction. - Lead response actions for confirmed incidents, including

containment, remediation, and recovery

, following established incident response playbooks. - Conduct

threat hunting

activities to proactively identify adversarial behavior not detected by automated tools. - Tune detection rules, alerts, and dashboards to improve signal quality and reduce alert fatigue. - Collaborate with security engineering, IT, and cloud teams to remediate vulnerabilities and improve overall security posture. - Maintain accurate incident documentation, reports, and post-incident reviews. - Mentor and support

Tier 1 SOC analysts

, providing guidance on investigations and response techniques.

• * *

## Requirements - 2–4+ years of experience in a

Security Operations Center (SOC)

or incident response role. - Strong understanding of

networking fundamentals

(TCP/IP, DNS, HTTP/S) and common attack vectors. - Hands-on experience with

SIEM platforms

(e.g., Splunk, Sentinel, QRadar) and

EDR/XDR tools

(e.g., CrowdStrike, SentinelOne). - Proficiency in analysing

Linux and Windows

logs and system activity. - Experience with

cloud security monitoring

in AWS, GCP, or Azure environments. - Familiarity with

MITRE ATTACK

, threat actor tactics, techniques, and procedures (TTPs). - Basic scripting or automation skills (Python, Bash, or PowerShell) preferred. - Strong written and verbal communication skills for incident reporting and cross-team collaboration.

• * *

## Why Join - Work with leading companies strengthening their

security operations and cyber defense

capabilities. - Take ownership of

end-to-end incident investigations

and response actions. - Collaborate with experienced security engineers, threat hunters, and cloud teams. - Gain exposure to modern

cloud, endpoint, and detection engineering

environments. - Join a global network of vetted security professionals through Mercor.