SOC Engineer - 2

22 hours, 50 minutes ago
Full-time
Mid Level
DevOps and Infrastructure
Quince

Quince challenges the notion that quality comes at a high price. They aim to provide products of equal or superior quality to luxury brands at significantly lower prices by eliminating middlemen and overseeing every aspect of production. Their goods ar...

Textiles, Apparel & Luxury Goods
51-250
Founded 2018
$64M raised

Description

  • Monitor and triage security alerts from EDR, DLP, SIEM, cloud, and web security platforms.
  • Investigate security incidents involving credential compromise, unauthorized access, malware infections, and data exposure.
  • Analyze logs across endpoints, cloud services, and applications to determine incident root cause, impact, and scope.
  • Perform proactive threat hunting to identify suspicious activity and gaps in existing detections.
  • Execute containment, remediation, and recovery actions following incident response procedures.
  • Develop, tune, and improve detection rules and alerting logic to reduce false positives and improve signal quality.
  • Translate threat intelligence into actionable detection use cases and monitoring strategies.
  • Contribute to automation initiatives for alert enrichment, workflow optimization, and incident response processes.
  • Design and implement automation to improve true positive detection and enable automated triage of known issues.
  • Monitor cloud security findings and support remediation of configuration and access control issues.
  • Collaborate with engineering, IT, and business teams during investigations and incident response activities.
  • Maintain and improve incident response playbooks, runbooks, and operational documentation.
  • Track and report operational metrics including incident trends, response times, and alert quality.
  • Stay current with emerging threats, attacker techniques, and security best practices.

Requirements

  • 2–4 years of experience in SOC, Security Operations, or Incident Response roles.
  • Strong understanding of the incident response lifecycle and threat detection methodologies.
  • Hands-on experience with security tools such as EDR, DLP, SIEM, vulnerability scanners, and cloud security platforms.
  • Experience with tools such as CrowdStrike, Netskope, Splunk, Sentinel, or similar technologies.
  • Strong understanding of networking fundamentals including TCP/IP, DNS, HTTP/S, SMTP, and common attack vectors.
  • Experience analyzing logs and telemetry across endpoints, cloud environments, and applications.
  • Basic scripting or automation experience using Python or similar languages.
  • Experience with detection engineering, SIEM rule creation, dashboards, and alert tuning.
  • Familiarity with frameworks and methodologies such as MITRE ATT&CK, Cyber Kill Chain, threat hunting, and forensic analysis.
  • Strong analytical thinking, problem-solving, and communication skills.
  • Ability to work effectively in fast-paced and high-pressure environments.
  • Experience with AWS security services and cloud-native security tooling (preferred).
  • Familiarity with SOAR platforms and security automation workflows (preferred).
  • Experience with threat intelligence platforms and IOC management (preferred).
  • Exposure to endpoint forensics and malware analysis concepts (preferred).
  • Relevant certifications such as Security+, CEH, GCIH, GCIA, or similar (preferred).
  • Experience working in high-growth or cloud-native environments (preferred).

Benefits

  • Equal employment opportunity with no discrimination or harassment.
  • Reasonable accommodations available for qualified individuals with disabilities.
  • Employment contingent upon successful completion of a background check.
