Night Shift SOC Analyst - Level 1

1 week, 6 days ago
Full-time
Entry Level
Cybersecurity
Coretek

Coretek specializes in providing high-performance consulting, managed services, and security solutions as a leading Microsoft Azure Cloud Provider in the United States, focusing on addressing complex business challenges through innovative AI-driven tec...

Internet Software & Services
51-250
Founded 2005

Description

  • Monitor alerts from SIEM, firewalls, IDS/IPS, endpoint tools, and other security systems to identify potential incidents.
  • Triage security alerts by severity, impact, and urgency using established criteria.
  • Collect and validate initial alert details such as source, target, timestamp, and related logs.
  • Perform preliminary analysis using playbooks and SOPs to identify false positives or determine whether escalation is needed.
  • Execute containment actions from playbooks, such as blocking IP addresses or isolating affected systems.
  • Verify remediation steps are effective and document all actions with timestamps.
  • Escalate complex, advanced, or high-priority incidents to Level 2 analysts with detailed context and analysis.
  • Maintain accurate SOC incident records, including alerts, outcomes, and audit-ready documentation.
  • Communicate status updates, key findings, risks, and required actions to supervisors and response teams.
  • Collaborate with teammates to resolve blockers and support incident response workflows.

Requirements

  • Familiarity with SIEM platforms such as Elastic, Splunk, or QRadar, as well as firewalls, IDS/IPS, and endpoint tools.
  • Basic knowledge of networking concepts including TCP/IP, DNS, VPN, HTTP, and FTP.
  • Awareness of common threats and attack vectors, including phishing, malware, and DDoS.
  • Ability to triage alerts and distinguish false positives from real threats.
  • Experience following playbooks and SOPs for initial response and remediation.
  • Strong attention to detail for monitoring events, identifying anomalies, and documenting actions.
  • Clear written and verbal communication skills for reporting findings and escalating incidents.
  • Ability to collaborate effectively in team-based incident response situations.
  • Comfort working in a high-pressure, dynamic environment with multiple concurrent tasks.
  • Willingness to work 24/7 shifts, including nights and weekends; shift schedule includes 7 a.m. - 7 p.m. Mon-Tues-Wed and 7 a.m. - 7 p.m. Sun-Mon-Tues every third or fourth week.
  • Degree in cybersecurity, IT, or a related field preferred, or equivalent experience.
  • Entry-level certifications such as CompTIA Security+ or Cisco CCNA preferred, or equivalent experience.
  • Additional security certifications are desired.
