SOC Analyst

🔒 Confidential Employer
Posted 7 May 2026
Location: Remote
Type: Full-time
Level: Mid-Senior level
Category: Security
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

SOC operations · Incident response · Web3 security · Splunk · EDR (SentinelOne, CrowdStrike) · Threat hunting · Python scripting · SIEM

FULL DESCRIPTION

SOC Analyst

[Employer hidden — sign up to reveal] is looking for an experienced SOC Analyst to join their Security Operations team. This role is centered around three core areas: SOC operations, incident response, and Web3 investigations. It is designed for a security professional who can take ownership of security events from initial triage through full investigation and response, while working effectively across internal teams and customer-facing situations.

About [Employer hidden]

[Employer hidden — sign up to reveal] is the security assurance partner trusted by the most advanced teams in Web3. Founded in 2018 by pioneers in programming languages and formal methods, [Employer hidden — sign up to reveal] helps leading protocols like Lido, Aave, Uniswap, and Compound secure billions in value with confidence. But we’re not just another auditor. We’re a full-stack security assurance platform, combining best-in-class formal verification tools with expert advisory services, delivered on time and with zero compromise.

Key Responsibilities

  • Perform day-to-day SOC operations, including alert handling, triage, escalation, and response coordination
  • Lead end-to-end security incident investigations and response activities
  • Handle containment, eradication, recovery, and post-incident follow-up
  • Investigate and analyze security events across SIEM, EDR, cloud, and Web3-related data sources
  • Conduct deep event research and enrichment to establish context, assess impact, and support decision-making during incidents
  • Perform root-cause analysis and build a clear operational understanding of incidents across multiple systems and environments
  • Produce clear investigation reports, technical findings, and executive-level summaries
  • Work directly with customers during active security events in a professional and structured manner
  • Develop and maintain playbooks, runbooks, and operational procedures
  • Build and maintain automations using SOAR platforms, scripting, and API-based workflows
  • Develop, tune, and optimize detection rules and correlation logic
  • Improve SOC operational effectiveness and KPIs such as mean time to detect (MTTD), mean time to respond (MTTR), automation coverage, and detection quality
  • Contribute to cross-functional security initiatives and continuous improvement of team processes
  • Communicate clearly and professionally in fluent written and spoken English

Mandatory Requirements

  • 3+ years of experience as a SOC Analyst, Incident Responder, or in a similar security operations role
  • Proven experience handling security incidents end-to-end
  • Strong hands-on experience in SOC operations, incident response, and security investigations
  • Strong knowledge of Web2 security fundamentals and deep understanding of Web3 security
  • Proven experience investigating Web3 attacks, including areas such as smart contracts, wallet abuse, transaction analysis, and on-chain activity investigation
  • Experience working directly with customers during security incidents or security operations engagements
  • Advanced hands-on experience with Splunk, including writing and tuning detection rules and correlation searches, data onboarding and parsing, detection optimization, and an understanding of Splunk architecture
  • Experience working with EDR solutions such as SentinelOne, CrowdStrike, Microsoft Defender, or similar
  • Strong threat hunting and complex query-writing capabilities
  • Experience building automations and writing scripts using Python, Bash, and APIs
  • Ability to work independently, take ownership, and drive tasks through to completion
  • Strong written and verbal communication skills in English
  • Ability to work effectively in a remote environment while maintaining clear, proactive, and structured communication with the team lead and the rest of the team

Nice to Have

  • Experience with Detection-as-Code methodologies
  • Experience with SOAR platforms
  • Cloud security experience in AWS / Azure / GCP
  • Experience working in a startup or high-growth environment
  • Strong incident response methodology knowledge, including root-cause analysis and lessons-learned processes

Who You Are

  • Independent, accountable, and comfortable taking ownership end-to-end
  • Proactive, hands-on, and solution-oriented
  • A strong communicator and team player, with the ability to work remotely while maintaining clear and structured reporting
  • Fast learner, able to quickly ramp up on new technologies, domains, and attack patterns
  • Analytical and methodical, with strong investigative and root-cause analysis skills
  • Able to communicate technical findings clearly to both technical and non-technical stakeholders
  • Process-oriented, with a continuous improvement mindset
  • Automation-driven and focused on operational efficiency

Why join [Employer hidden]?

  • Work on cutting-edge technology and challenging problems at the forefront of Web3 applications and technologies
  • Contribute to securing the Web3 ecosystem with the leading provider of end-to-end security for blockchain-based applications
  • Experience a friendly creative start-up environment with top talent in the domain
  • Work in a fast-paced and supportive culture: we move fast and break nothing!
  • Enjoy flexible work (remote / hybrid)
  • Get competitive compensation & benefits (including equity)

Department: Security
Role: SOC Analyst
Locations: Argentina, Brazil, Bulgaria, Czech Republic, India, Vietnam, Israel
Remote status: Fully Remote
Employment type: Full-time
