Sr. SOC Analyst

RemoteSalary not specified

Job Description, Responsibilities & Requirements

About the Position

Position Name: Sr. SOC Analyst

Reports to: SOC Team Lead

Location/Type: Remote

Status: Hourly

Atlas Technica shoulders IT management, user support, and cybersecurity for hedge funds and other investment firms. We value ownership, execution, growth, intelligence, and camaraderie, and are looking for people who share these values while putting the customer first.

The SOC Analyst is a Senior front-line and escalation role for complex incidents. Leads investigations, refines detection and runbooks based on real-world cases, and acts as a bridge between SOC, NOC, engineering, and client leadership. Drives consistency and quality in alert handling and incident response.

This role requires strong spoken and written English to lead investigations, provide clear stakeholder updates, and maintain high documentation quality across internal and client-facing communications.

Responsibilities

Alert Monitoring and Triage

  • Serve as the primary front line for SOC security alerts during coverage hours.
  • Monitor alerts from Microsoft Defender, Intune, DLP, Azure AD/Entra ID, and SIEM/SOC providers.
  • Acknowledge, classify, and prioritize alerts based on severity, client impact, and defined SLAs.
  • Execute runbook-driven triage steps (log collection, user verification, initial containment) and determine true/false positives.

Advanced Investigation and Response

  • Investigate alerts using Defender portals, SIEM, activity logs, and audit trails.
  • Correlate identity, endpoint, cloud, and network signals to build a clear incident narrative.
  • Execute containment actions (account disable, password reset, endpoint isolation, firewall change requests) in line with runbooks and change control.
  • Escalate incidents to senior SOC staff, NOC, engineering, or client teams based on defined criteria.
  • Lead complex investigations involving multiple signals (identity, endpoint, cloud, network), build full incident narratives, and define remediation plans.
  • Serve as an escalation point for Junior and SOC Analysts during high-severity or multi-tenant incidents.
  • Coordinate with NOC, engineering, CSMs, and clients during major incidents, including stakeholder communications and summaries.

Runbooks, Ticketing, and Communication

  • Own quality and consistency of key SOC runbooks for high-volume or high-severity use cases; drive improvements based on incident learnings.
  • Provide detailed feedback to SOC Engineers on tuning needs, false-positive patterns, and gaps in detection or visibility.
  • Deliver clear, professional English communications during major incidents, including investigation summaries, stakeholder updates, handoffs, and mentoring feedback.

Coaching and Process Improvement

  • Mentor Junior and SOC Analysts on investigations, documentation, and communication quality.
  • Lead portions of SOC ceremonies (case reviews, training sessions) and contribute to continuous improvement of SOC processes and KPIs.

Requirements

  • 3-5+ years of experience in IT and/or security operations (NOC, SOC, systems engineering, or equivalent).
  • Strong professional proficiency in written and spoken English, including the ability to lead incident communications, produce clear executive-ready summaries, and coach others on documentation quality.
  • Practical experience with:
    • Deep, practical expertise with Defender stack, M365/Azure security controls, and at least one SIEM, including authoring queries, correlated views, and complex investigations.
    • Strong understanding of identity-centric security, endpoint hardening, and common attack techniques across the kill chain.
  • Ability to:
    • Read and interpret security alerts, logs, and correlated events.
    • Communicate clearly with both technical and non-technical stakeholders, including clients.
    • Document incidents, runbooks, and processes in a clear, structured way.
    • Demonstrated passion for security, strong ownership mindset, follow-through, and data-driven decision-making.

Nice to Have

  • Experience in a Managed Services Provider (MSP) or multi-tenant environment.
  • Familiarity with Cavelo or other data discovery/exposure platforms.
  • Experience with vulnerability management tools and frameworks (e.g., CIS, NIST).
  • Security-related certifications such as Security+, AZ-500, SC-200, or equivalent.
  • Experience supporting clients in the financial services or alternative investment industry.

We Offer

  • Opportunity to work in a dynamic and innovative environment.
  • Competitive compensation package.
  • Flexible working hours.
  • Professional development opportunities.

About the Company

Atlas Technica shoulders IT management, user support, and cybersecurity for hedge funds and other investment firms. We value ownership, execution, growth, intelligence, and camaraderie, and are looking for people who share these values while putting the customer first.

Job Details

Company name:
Atlas Technica
Location:
Ukraine
Employment Type:
Full-time
Work Mode:
Remote
Posted on TheJob:
Apr 19, 2026
Last checked:
Jul 1, 2026
Posted on the source:
Mar 17, 2026
Apply Now
© 2026 TheJob, Inc. All rights reserved.