SOC Analyst - Remote

Work Mode Remote Engagement Type Independent Contractor Schedule Full-Time or Part-Time Contract Language Requirement Fluent English Recruiting on behalf of a cutting-edge AI research lab building advanced AI systems for cybersecurity applications. We are seeking senior cybersecurity professionals with deep hands-on experience across both defensive (Blue Team) and offensive (Red Team) security disciplines. In this role, you will apply real-world adversarial and defensive expertise to evaluate, stress-test, and improve AI models designed to assist with threat detection, incident response, and attack simulation. Your insights will directly inform how AI systems reason about attacks, evasions, detection logic, and response workflows. This is a flexible, remote engagement ideal for experienced practitioners who have operated in enterprise, consulting, or high-security environments.

Key Responsibilities

Defensive (Blue Team) Contributions

• Investigate and analyse real or simulated security incidents (e.g., phishing, lateral movement, ransomware, privilege escalation).
• Review logs and telemetry from SIEM, EDR/XDR, firewall, cloud, and identity systems.
• Apply frameworks such as MITRE ATTACK to classify adversary behavior.
• Evaluate alert quality, detection rules, triage decisions, and response workflows.
• Assess AI-generated investigations for technical correctness and operational realism. Offensive (Red Team) Contributions
• Analyse attack chains including initial access, persistence, privilege escalation, lateral movement, and data exfiltration.
• Simulate adversarial thinking to evaluate detection gaps and bypass techniques.
• Review exploit techniques, payload behaviors, and evasion strategies.
• Provide insights into attack surface analysis and real-world adversary tactics.
• Stress-test AI systems against realistic red-team scenarios. AI Evaluation & Feedback
• Provide structured reasoning explaining investigative and adversarial decisions.
• Identify weaknesses in AI threat analysis and suggest improvements.
• Help refine benchmarks for detection, triage, and attack simulation accuracy.

Requirements

Experience

• 5+ years in cybersecurity with experience in one or more of
• SOC Analyst (Level II/III)
• Incident Responder
• Detection Engineer
• Threat Hunter
• Red Team Operator / Penetration Tester
• Security Consultant (Offensive Security)
• Hands-on experience conducting or responding to real-world security incidents. Technical Skills – Blue Team
• Strong experience with
• SIEM platforms (Splunk, Sentinel, QRadar, Elastic)
• EDR/XDR tools (CrowdStrike, Defender, Carbon Black)
• Log analysis and event correlation
• Network traffic analysis (Wireshark, Zeek, tcpdump)
• Cloud security and IAM investigation experience preferred.
• Familiarity with MITRE ATT&CK mapping and detection engineering. Technical Skills – Red Team
• Experience with
• Penetration testing methodologies
• Adversary emulation and attack simulation
• Exploitation frameworks (e.g., Metasploit, Cobalt Strike or equivalents)
• Privilege escalation techniques
• Lateral movement techniques
• Evasion and obfuscation methods
• Understanding of Active Directory attacks, phishing frameworks, and payload development is a plus. Analytical & Communication Skills
• Strong written documentation skills explaining technical reasoning.
• Ability to think from both attacker and defender perspectives.
• Structured, logical analysis of complex security scenarios.

Preferred Qualifications

• Certifications such as
• OSCP, OSEP, CRTO (Red Team)
• GCIA, GCFA, GCIH (Blue Team)
• CISSP
• Experience mentoring junior analysts or red team members.
• Scripting proficiency (Python, PowerShell, Bash). Why Join
• Contribute to next-generation AI systems for cybersecurity.
• Work at the intersection of offensive and defensive security research.
• High-impact role shaping AI reasoning about real-world cyber threats.
• Flexible engagement suited for senior practitioners.
• Collaborate with leading AI researchers and security experts. We consider all qualified applicants without regard to legally protected characteristics and provide reasonable accommodations upon request. Contract and Payment Terms
• You will be engaged as an independent contractor.
• This is a fully remote role that can be completed on your own schedule.
• Projects can be extended, shortened, or concluded early depending on needs and performance.
• Payments are weekly on Stripe or Wise based on services rendered. Apply To this Job