SOC Analyst 2 at Mercor

SOC Analyst 2 | $50–75/hr | Worldwide Remote

Mercor is hiring SOC Analyst II professionals on behalf of high-growth technology and enterprise partners to strengthen their security operations and incident response capabilities. This role is ideal for experienced SOC analysts who can independently investigate, respond to, and remediate security incidents across cloud, endpoint, and network environments.

Responsibilities

• Monitor, triage, and investigate security alerts from SIEM, EDR/XDR, IDS/IPS, and cloud security tools, distinguishing real threats from false positives
• Perform in-depth incident investigations, including log analysis, endpoint inspection, network traffic analysis, and timeline reconstruction
• Lead response actions for confirmed incidents, including containment, remediation, and recovery, following established incident response playbooks
• Conduct threat hunting activities to proactively identify adversarial behavior not detected by automated tools
• Tune detection rules, alerts, and dashboards to improve signal quality and reduce alert fatigue
• Collaborate with security engineering, IT, and cloud teams to remediate vulnerabilities and improve overall security posture
• Maintain accurate incident documentation, reports, and post-incident reviews
• Mentor and support Tier 1 SOC analysts, providing guidance on investigations and response techniques

Requirements

• 2–4+ years of experience in a Security Operations Center (SOC) or incident response role
• Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP/S) and common attack vectors
• Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR/XDR tools (e.g., CrowdStrike, SentinelOne)
• Proficiency in analyzing Linux and Windows logs and system activity
• Experience with cloud security monitoring in AWS, GCP, or Azure environments
• Familiarity with MITRE ATT&CK, threat actor tactics, techniques, and procedures (TTPs)
• Basic scripting or automation skills (Python, Bash, or PowerShell) preferred
• Strong written and verbal communication skills for incident reporting and cross-team collaboration

Why Join

• Work with leading companies strengthening their security operations and cyber defense capabilities
• Take ownership of end-to-end incident investigations and response actions
• Collaborate with experienced security engineers, threat hunters, and cloud teams
• Gain exposure to modern cloud, endpoint, and detection engineering environments
• Join a global network of vetted security professionals through Mercor