L3 SOC Analyst / Incident Response Analyst

1 hour, 28 minutes ago
Full-time
Senior
Cybersecurity
ProArch

At ProArch, we help our clients accelerate growth and mitigate risk with IT services, cybersecurity services, application development, cloud computing, and data analytics. ProArch was founded on the belief that a future where change is ‘business as usu...

Internet Software & Services
251-1K
Founded 2006

Description

  • Lead and support advanced security incident investigations across multiple customer environments.
  • Perform threat triage, IOC analysis, threat correlation, endpoint and identity investigations, email security investigations, and cloud security incident analysis.
  • Investigate and respond to account compromise, BEC, malware, ransomware, privilege escalation, lateral movement, phishing, and social engineering incidents.
  • Coordinate containment, remediation, and recovery activities with customer and internal teams.
  • Provide detailed investigation findings, timelines, impact assessments, and response recommendations.
  • Conduct proactive threat hunting and threat validation activities.
  • Support digital forensics and evidence collection activities when needed.
  • Design, develop, tune, and maintain detection rules, analytics rules, KQL queries, and correlation logic in Microsoft Sentinel and Microsoft Defender XDR.
  • Build and optimize SOC automation workflows using Sentinel playbooks, Logic Apps, SOAR platforms, and API-driven integrations.
  • Maintain investigation playbooks, SOPs, workflow documentation, operational runbooks, and detection documentation while collaborating with SOC, engineering, vendors, and customer stakeholders.

Requirements

  • Bachelor’s degree (or equivalent graduation) in Computer Science, Information Technology, Cybersecurity, or a related technical field is mandatory.
  • 6-9 years of overall cybersecurity experience.
  • Strong hands-on experience in incident response, threat investigation, SOC operations, detection engineering, and DFIR activities.
  • Prior Incident Response Analyst experience is highly preferred.
  • Experience working within MSSP environments is preferred.
  • Experience supporting or collaborating with US-based teams and vendors is preferred.
  • Proven hands-on experience with SOAR platforms in enterprise or MSSP environments.
  • Strong experience designing and implementing SOC automation workflows from scratch.
  • Hands-on experience with Microsoft Sentinel and Defender XDR SIEM operations is mandatory.
  • Strong hands-on experience with Microsoft security platforms including MDE, Defender XDR, MDI, MDO, MDCA, Microsoft Purview, Entra ID / Microsoft Identity Protection, and CrowdStrike Falcon.
  • Strong experience creating detection rules, analytics rules, KQL queries, and tuning detections.
  • Experience with SOC workflow design, SOAR engineering, API integrations, and workflow orchestration.
  • Understanding of MITRE ATT&CK, threat detection methodologies, threat hunting methodologies, and AI-driven attack techniques.
  • Preferred experience with PowerShell, Python, REST APIs, and Logic Apps.
  • KQL is mandatory.
  • Preferred certifications include Microsoft SC-200, SC-401, AZ-500, SC-900, SC-100, CISSP, and SOAR or security automation certifications.
  • Strong verbal and written communication skills and the ability to work across technical and non-technical teams.
  • Ability to work independently in a remote-first, multicultural, fast-paced MSSP environment.
  • Rotational shift availability for US business hours or after hours, with on-call escalation participation when required.
