This opportunity is available through a leading AI-driven work platform.
SOC Investigation Analyst
Location
Europe + 1 moreAll locations: Europe | Southern Asia
Posted
2 days ago
Salary
$50 - $70 / hour
Seniority
Mid Level
Job Description
SOC Investigation Analyst
24-MAG
Role Description We are sharing a specialised part-time consulting opportunity for experienced SOC investigation professionals with strong backgrounds in alert triage, incident investigation, Splunk-based log analysis, evidence correlation, timeline reconstruction, and security investigation quality review. This role supports current and upcoming remote consulting opportunities focused on SOC investigation evaluation, alert validation, security evidence review, investigation workflow assessment, and high-quality technical documentation. Selected professionals may apply hands-on experience across SIEM, endpoint, cloud, and identity environments to review, validate, and construct accurate security investigations based on real-world scenarios. Key Responsibilities - SOC Alert Review & Investigation Evaluation - Review, monitor, and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria. - Distinguish true positives from false positives by validating alert context, investigative evidence, and supporting signals. - Assess whether security investigation conclusions are correct, incomplete, unsupported, or inaccurate. - Apply consistent investigative judgment while recognizing that more than one valid investigation path may exist for the same alert. - Splunk-Based Investigation & Log Analysis - Use Splunk to pivot across logs, entities, timelines, alerts, and investigation artifacts. - Read, understand, and reason about SPL queries in the context of security investigations. - Perform log analysis, entity pivoting, timeline reconstruction, and evidence correlation when required. - Identify relevant signals across SIEM data and explain how evidence supports an investigation conclusion. - Security Evidence & Ground-Truth Review - Evaluate the correctness, completeness, and quality of SOC investigations produced through structured workflows. - Make clear quality determinations while also producing detailed ground-truth investigations when required. - Review investigation steps, assumptions, supporting evidence, and final conclusions for accuracy and consistency. - Help ensure investigation outputs reflect practical SOC judgment and evidence-based security reasoning. - Documentation & Quality Standards - Maintain clear and accurate documentation of investigative steps, assumptions, evidence, and conclusions. - Provide structured feedback on investigation quality, alert handling, and technical reasoning. - Collaborate with project leads and other security specialists to uphold high-quality investigation standards. - Support or mentor other analysts where applicable, particularly in long-term or lead reviewer roles. Qualifications - 3+ years of hands-on experience as a SOC analyst in a production SOC environment. - Tier 2 or higher SOC analyst experience is strongly preferred. - Strong understanding of alert triage, incident investigation workflows, security evidence, and time-sensitive decision-making. - Mandatory hands-on experience with Splunk, including conducting investigations, reading SPL queries, and pivoting between logs, entities, and timelines. - Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect. - Strong investigative judgment and comfort making clear, evidence-based evaluations. - Fluent English communication skills, with strong written documentation ability. - Ability to work independently in a remote, project-based environment. Educational Background - A degree in Cybersecurity, Computer Science, Information Security, Information Systems, Digital Forensics, or a related technical field is helpful. - Equivalent professional experience in SOC analysis, incident response, threat detection, or security investigation work is also highly relevant. Nice to Have - Experience with Endpoint Detection & Response tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, or comparable platforms. - Experience analyzing cloud security logs and signals, including AWS CloudTrail, GuardDuty, Azure Activity Log, Microsoft Defender for Cloud, or GCP Cloud Audit Logs. - Familiarity with Identity & Access Management platforms such as Okta Identity Cloud or Microsoft Entra ID. - Experience with email security tools such as Proofpoint, Mimecast, or similar platforms. - SOC leadership, mentoring, or lead analyst experience. - Basic scripting experience with Python or comparable languages. - Security certifications such as GCIA, GCIH, GCED, Splunk certifications, Security+, CCNA, or cloud security certifications. Why This Opportunity - Flexible, remote consulting work aligned with your SOC investigation and security analysis expertise. - Opportunity to contribute to high-impact security investigation evaluation and ground-truth case review. - Suitable for experienced SOC professionals who enjoy evidence-based investigation, structured review, and technical decision-making. - Project-based work that can align with part-time availability and remote schedules. Contract Details - Independent contractor engagement. - Fully remote and flexible scheduling. - Part-time, project-based availability. - Expected commitment may vary by project, with many opportunities ranging from approximately 15–30 hours per week. - Competitive hourly compensation in the range of $50–$70/hour, depending on project scope, experience, and fit. - Payments are made weekly via Stripe or Wise based on services rendered. - Projects may be extended, shortened, adjusted, or concluded based on project needs and performance. - Eligible locations include Albania, Austria, Belgium, Bosnia and Herzegovina, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, India, Ireland, Italy, Kosovo, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Moldova, Monaco, Netherlands, North Macedonia, Norway, Poland, Portugal, Romania, San Marino, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, and the United Kingdom. - Candidates requiring H1-B or STEM OPT sponsorship support are not eligible at this time. - Work must not involve sharing confidential or proprietary information from any employer, client, or institution. About the Platform This opportunity is available through 24-MAG LLC. We connect experienced professionals with remote consulting opportunities across technical, evaluation, and project-based workstreams. By submitting this application, you acknowledge that your information may be processed by 24-MAG LLC for recruitment and opportunity matching in accordance with our Privacy Policy: https://www.24-mag.com/privacy-policy .
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
• Monitor, and investigate security alerts and events across enterprise environments • Perform proactive threat hunting activities to identify malicious behavior and vulnerabilities • Support incident response efforts including assessment, containment, investigation, and remediation • Use Splunk SIEM for log analysis, correlation, detection, and monitoring • Work with EDR technologies including Cisco AMP, CrowdStrike, and Trend Micro, Microsoft Defender • Help with vulnerability management activities and exposure analysis • Coordinate with third-party patch management providers to validate remediation efforts • Investigate suspicious activity, malware infections, phishing attempts, and endpoint threats • Document incidents, findings, and remediation recommendations • Collaborate with IT, infrastructure, and security teams across multiple regions • Help improve detection logic, monitoring processes, and security operational
Threat Intelligence Analyst – Senior
FS-ISACThe only global cyber intelligence sharing community solely focused on financial services.
• Lead complex intelligence investigations involving cyber threat actors, ransomware operations, nation-state activity, vulnerabilities, and emerging threats • Collect, correlate, and analyze intelligence from technical and non-technical sources • Produce tactical, operational, and strategic intelligence assessments for members and stakeholders • Analyze adversary tactics, techniques, and procedures (TTPs) and map findings to frameworks such as MITRE ATT&CK • Assess the impact of cyber incidents, geopolitical developments, technology trends, and systemic risks affecting the financial sector • Author intelligence reports, threat assessments, alerts, white papers, and executive briefings • Present intelligence findings and risk recommendations to executives, members, and external partners • Translate technical intelligence into actionable business and risk-management insights • Lead information-sharing initiatives, intelligence exchanges, and member engagement activities • Build and maintain relationships with financial institutions, government agencies, law enforcement, and industry partners • Represent the organization at conferences, webinars, and industry forums • Leverages AI to enhance analysis, decision-making, productivity, and innovation • Maintains awareness of emerging AI technologies, threats, and risks • Contribute to intelligence strategy, collection priorities, and analytical standards • Identify opportunities to improve intelligence methodologies, workflows, automation, and reporting capabilities • Lead cross-functional projects and support organizational cyber resilience initiatives • Mentor Threat Intelligence Analyst I and II team members and provide analytical coaching and product reviews • Promote best practices in intelligence collection, analysis, reporting, and information sharing
Information Security, Governance Risk, and Compliance Analyst
MercuryBanking for startups: mercury.com
Role Description Security failures are rarely caused by a single technical mistake. More often, they stem from gaps in governance, risk management, operational discipline, and accountability. Strong GRC programs help prevent those failures by making security a business priority, not just a technical concern. Mercury is growing rapidly, and as we scale, we need to continue building resilience, strengthening governance, and improving the way we manage risk across the company. We have a strong foundation today, but the next phase of growth will require scalable programs, thoughtful controls, and cross functional partnerships that allow Mercury to move quickly without sacrificing security. We are looking for an Information Security GRC Analyst to help mature Mercury’s security, risk, and compliance programs. This is not a traditional compliance role focused only on audits and evidence collection. You will help build the systems, processes, and guardrails that support business continuity, customer trust, and long term resilience. In this role, you will: - Lead and support security risk assessments across products, systems, vendors, and business initiatives. - Partner with Engineering, Product, IT, Legal, Operations, and other teams to identify, evaluate, and mitigate risk. - Drive audit readiness and compliance initiatives across frameworks such as SOC 2, PCI DSS, NIST, CIS, and ISO 27001. - Conduct gap assessments against security and compliance frameworks, then build practical plans to close those gaps. - Design, implement, and mature scalable governance processes and security controls. - Help improve Mercury’s business continuity, resilience, and third party risk management programs. - Translate compliance and risk requirements into clear, actionable guidance for technical and non-technical stakeholders. - Identify opportunities to automate controls, evidence collection, and recurring GRC workflows. - Help ensure Mercury’s security program remains strong, efficient, and aligned with the speed of the business. Qualifications - Have experience scaling security, risk, compliance, or governance programs in a high growth SaaS, fintech, or cloud native environment. - Understand security frameworks such as SOC 2, PCI DSS, NIST, CIS, and ISO 27001, and can translate them into practical controls. - Bring strong ownership and project management skills, with a track record of driving cross functional initiatives from concept to completion. - Are comfortable creating structure from ambiguity and building programs or processes from scratch. - Take a risk based approach to decision making and can distinguish between theoretical risk and material business risk. - Communicate clearly with technical and non-technical stakeholders. - Have enough technical depth to partner effectively with engineers and evaluate security controls in cloud native environments. - Care about building security programs that enable the business rather than slow it down. Requirements - Tools and technologies you may work with: - AWS Config and AWS Audit Manager - GitHub - Vanta - GRC platforms and workflow tools - Cloud native security and compliance tooling Benefits - The total rewards package at Mercury includes base salary, equity, and benefits. - Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using reliable compensation survey data. - New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers. - Our target new hire base salary ranges for this role are: - US employees in New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $153,400 to $191,800 - US employees outside of New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $138,100 to $172,600 - Canadian employees, any location: CAD 145,000 to CAD 181,300 Company Description Mercury is a fintech company, not an FDIC-insured bank. Banking services provided through Choice Financial Group and Column N.A., Members FDIC. Mercury values diversity & belonging and is proud to be an Equal Employment Opportunity employer. All individuals seeking employment at Mercury are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected characteristic. We are committed to providing reasonable accommodations throughout the recruitment process for applicants with disabilities or special needs. If you need assistance, or an accommodation, please let your recruiter know once you are contacted about a role.
• Manage and track infrastructure, security, and product certification projects, ensuring full lifecycle execution across Risk Management Framework (RMF), Federal Risk and Authorization Management Program (FedRAMP), Payment Card Industry (PCI), Health Information Trust Alliance (HITRUST), International Organization for Standardization (ISO), and National Institute of Standards and Technology (NIST) frameworks • Develop, maintain, and deliver project documentation for Customer Service, DevOps, Information Assurance, and Executive leadership teams • Prepare and present monthly reports covering system compliance, security KPIs, audit readiness, and project status • Serve as a liaison between internal teams and customers, ensuring clear communication and alignment throughout complex security and compliance initiatives • Coordinate project schedules, facilitate cross-departmental tasks, and ensure all project phases are properly documented and completed • Support security programs aligned to Risk Management Framework (RMF) Step 1-6, Security Technical Implementation Guide (STIG) compliance, Assured Compliance Assessment Solution (ACAS)/Security Content Automation Protocol (SCAP) scanning, and NIST 800-53/171 control implementation • Contribute to FedRAMP Moderate/High authorization packages, System Security Plan (SSP) development, Plan of Action and Milestones (POA&M) management, and continuous monitoring activities • Assist with multi-framework compliance efforts including PCI DSS v4.0, HITRUST CSF, ISO 27001, Open Worldwide Application Security Project (OWASP) Top 10, and International Electrotechnical Commission (IEC) 62443 • Represent Information Assurance in internal and external meetings, proactively resolving conflicts and guiding teams through ambiguity • Perform other duties as assigned



