SOC Analyst - Remote

Fluent English

Defensive (Blue Team) Contributions

• Investigate and analyse real or simulated security incidents (e.g., phishing, lateral movement, ransomware, privilege escalation).
• Review logs and telemetry from SIEM, EDR/XDR, firewall, cloud, and identity systems.
• Apply frameworks such as MITRE ATTACK to classify adversary behavior.
• Evaluate alert quality, detection rules, triage decisions, and response workflows.
• Assess AI-generated investigations for technical correctness and operational realism.

Offensive (Red Team) Contributions

• Analyse attack chains including initial access, persistence, privilege escalation, lateral movement, and data exfiltration.
• Simulate adversarial thinking to evaluate detection gaps and bypass techniques.
• Review exploit techniques, payload behaviors, and evasion strategies.
• Provide insights into attack surface analysis and real-world adversary tactics.
• Stress-test AI systems against realistic red-team scenarios.

AI Evaluation & Feedback

• Provide structured reasoning explaining investigative and adversarial decisions.
• Identify weaknesses in AI threat analysis and suggest improvements.
• Help refine benchmarks for detection, triage, and attack simulation accuracy.

Experience

• 5+ years in cybersecurity with experience in one or more of:

+ SOC Analyst (Level II/III)

+ Security Consultant (Offensive Security)

• Hands-on experience conducting or responding to real-world security incidents.

Technical Skills - Blue Team

• Strong experience with:
• + SIEM platforms (Splunk, Sentinel, QRadar, Elastic)
• + EDR/XDR tools (CrowdStrike, Defender, Carbon Black)
• + Log analysis and event correlation
• + Network traffic analysis (Wireshark, Zeek, tcpdump)
• Cloud security and IAM investigation experience preferred.
• Familiarity with MITRE ATT&CK mapping and detection engineering.

Technical Skills - Red Team

• Experience with:
• + Penetration testing methodologies
• + Adversary emulation and attack simulation
• + Exploitation frameworks (e.g., Metasploit, Cobalt Strike or equivalents)
• + Privilege escalation techniques
• + Lateral movement techniques
• + Evasion and obfuscation methods
• Understanding of Active Directory attacks, phishing frameworks, and payload development is a plus.

Analytical & Communication Skills

• Strong written documentation skills explaining technical reasoning.
• Ability to think from both attacker and defender perspectives.
• Structured, logical analysis of complex security scenarios.

Preferred Qualifications

• Certifications such as:

+ GCIA, GCFA, GCIH (Blue Team)

• + CISSP
• Experience mentoring junior analysts or red team members.
• Scripting proficiency (Python, PowerShell, Bash).

Why Join

• Contribute to next-generation AI systems for cybersecurity.
• Work at the intersection of offensive and defensive security research.
• High-impact role shaping AI reasoning about real-world cyber threats.
• Flexible engagement suited for senior practitioners.
• Collaborate with leading AI researchers and security experts.
• We consider all qualified applicants without regard to legally protected characteristics and provide reasonable accommodations upon request.

Contract and Payment Terms

• You will be engaged as an independent contractor.
• This is a fully remote role that can be completed on your own schedule.
• Projects can be extended, shortened, or concluded early depending on needs and performance.
• Payments are weekly on Stripe or Wise based on services rendered.