SOC Analyst 2

Remote, USA
Posted Jun 14, 2026
Full-time

Mercor is hiring **SOC Analyst II** professionals on behalf of high-growth technology and enterprise partners to strengthen their **security operations and incident response capabilities**. This role is ideal for experienced SOC analysts who can independently investigate, respond to, and remediate security incidents across cloud, endpoint, and network environments.
* * *

## Responsibilities

- Monitor, triage, and investigate security alerts from **SIEM, EDR/XDR, IDS/IPS, and cloud security tools**, distinguishing real threats from false positives.

- Perform **in-depth incident investigations**, including log analysis, endpoint inspection, network traffic analysis, and timeline reconstruction.

- Lead response actions for confirmed incidents, including **containment, remediation, and recovery**, following established incident response playbooks.

- Conduct **threat hunting** activities to proactively identify adversarial behavior not detected by automated tools.

- Tune detection rules, alerts, and dashboards to improve signal quality and reduce alert fatigue.

- Collaborate with security engineering, IT, and cloud teams to remediate vulnerabilities and improve overall security posture.

- Maintain accurate incident documentation, reports, and post-incident reviews.

- Mentor and support **Tier 1 SOC analysts**, providing guidance on investigations and response techniques.
* * *

## Requirements

- 2–4+ years of experience in a **Security Operations Center (SOC)** or incident response role.

- Strong understanding of **networking fundamentals** (TCP/IP, DNS, HTTP/S) and common attack vectors.

- Hands-on experience with **SIEM platforms** (e.g., Splunk, Sentinel, QRadar) and **EDR/XDR tools** (e.g., CrowdStrike, SentinelOne).

- Proficiency in analysing **Linux and Windows** logs and system activity.

- Experience with **cloud security monitoring** in AWS, GCP, or Azure environments.

- Familiarity with **MITRE ATT&CK** and threat actor tactics, techniques, and procedures (TTPs).

- Basic scripting or automation skills (Python, Bash, or PowerShell) preferred.

- Strong written and verbal communication skills for incident reporting and cross-team collaboration.
* * *

## Why Join

- Work with leading companies strengthening their **security operations and cyber defense** capabilities.

- Take ownership of **end-to-end incident investigations** and response actions.

- Collaborate with experienced security engineers, threat hunters, and cloud teams.

- Gain exposure to modern **cloud, endpoint, and detection engineering** environments.

- Join a global network of vetted security professionals through Mercor.
