

Mercor
SOC Specialist

India & Europe

Contract-based

Date Posted

Offered salary
Not specified

Closing date
Closing soon


Qualification
Not specified


Hiring location
India & Europe


Experience
3+ years
Responsibilities
• Review, monitor, and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria
• Distinguish true positives from false positives by validating investigative evidence and alert context
• Perform end-to-end security investigations, including log analysis, entity pivoting, timeline reconstruction, and evidence correlation
• Assess the correctness, completeness, and quality of SOC investigations produced by automated or human workflows
• Use Splunk extensively to pivot across logs, entities, and timelines, including reading and reasoning about SPL queries
• Maintain clear and accurate documentation of investigative steps, assumptions, evidence, and conclusions
• Collaborate with program leads and other expert annotators to uphold high-quality investigation standards
Requirements
• 3+ years hands-on experience as a SOC analyst in a production SOC environment (Tier 2 or above preferred)
• Strong understanding of alert triage, incident investigation workflows, and evidence-based decision making
• Mandatory hands-on experience with Splunk, including conducting investigations and reading SPL queries
• Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect
• Strong investigative judgment and comfort in making decisive evaluations
• Fluent English with strong documentation and communication skills
Nice to Have
• Experience with EDR tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, or SentinelOne
• Experience analyzing cloud security logs from AWS, Azure, or GCP
• Familiarity with Identity and Access Management platforms such as Okta or Microsoft Entra ID
• Experience with email security tools like Proofpoint or Mimecast
• SOC leadership or mentoring experience
• Basic scripting experience in Python or similar
• Security certifications such as GCIA, GCIH, GCED, Splunk certifications, or Security+
How to Apply
Click "Apply" to be taken to the Mercor website. This is a flexible remote contract role. Please note that this role cannot support H1B or STEM OPT candidates. Applying through our link supports WFH Bulletin as a referral partner, but you are welcome to apply directly if you prefer.


Overview
Mercor is hiring SOC Investigation Specialists on behalf of high-growth technology and enterprise partners building next-generation SOC automation and AI-driven investigation systems. This role is ideal for experienced SOC analysts who can apply real-world investigative judgment to review, validate and construct high-quality security investigations across SIEM, endpoint, cloud and identity environments.

