3

Full Time Remote Soc Analyst Jobs (NOW HIRING)

Location: Remote (US-based) About Dispel: Dispel is the fastest-growing cybersecurity company ... Provide day-to-day technical direction to SOC analysts by setting priorities, assigning tasks, and ...

Remote Role Responsibilities * Review and evaluate AI-generated outputs related to threat analysis ... Background in areas such as SOC analysis, incident response (DFIR), penetration testing, threat ...

SOC Content Developer-Atlanta, GA

Atlanta, GA · Remote

$118K - $123K/yr

... analytics solutions for US Government and commercial customers. We specialize in cloud-based ... Remote access to a virtual lab for testing/learning opportunities * Flexible / Alternative Work ...

Cyber Hunt Senior Analyst

Washington, DC · Remote

$112K - $145K/yr

Remote work requires a high level of trust in our employees, and we strictly adhere to the details ... Experience supporting federal SOC operations under FISMA, NIST, and CISA guidance. * Familiarity ...

Cyber Hunt Senior Analyst

Washington, DC · Remote

$112K - $145K/yr

Remote work requires a high level of trust in our employees, and we strictly adhere to the details ... Experience supporting federal SOC operations under FISMA, NIST, and CISA guidance. * Familiarity ...

SOC Architect (Remote)

Mountain View, CA · On-site +1

$175K - $450K/yr

... this full-time position is determined based on a variety of factors including role, experience ... Remote Perks We work remotely Monday & Friday, supported by home-tech setup, and remote wifi ...

Cyber Hunt Senior Analyst

$99K - $128K/yr

Remote work requires a high level of trust in our employees, and we strictly adhere to the details ... Experience supporting federal SOC operations under FISMA, NIST, and CISA guidance. * Familiarity ...

Cyber Hunt Senior Analyst

Washington, DC · On-site +1

$112K - $145K/yr

Remote work requires a high level of trust in our employees, and we strictly adhere to the details ... Experience supporting federal SOC operations under FISMA, NIST, and CISA guidance. * Familiarity ...

next page

Showing results 1-20

Full Time Remote Soc Analyst information

See salary details

$49K

$88.6K

$123.5K

How much do full time remote soc analyst jobs pay per year?

As of Jul 11, 2026, the average yearly pay for full time remote soc analyst in the United States is $88,569.00, according to ZipRecruiter salary data. Most workers in this role earn between $64,000.00 and $99,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Full Time Remote SOC Analyst, and why are they important?

To thrive as a Full Time Remote SOC Analyst, you need a solid understanding of cybersecurity principles, threat analysis, and incident response, typically supported by a degree in information security or related certifications like CompTIA Security+ or CISSP. Familiarity with Security Information and Event Management (SIEM) tools, intrusion detection systems, and ticketing platforms is essential. Strong analytical thinking, attention to detail, and effective communication skills set standout analysts apart in this role. These abilities are crucial for identifying, investigating, and mitigating security threats in a timely manner to protect organizational assets.

What is a Full Time Remote SOC Analyst?

A Full Time Remote SOC (Security Operations Center) Analyst is a cybersecurity professional who works remotely to monitor, detect, and respond to security threats and incidents in an organization's IT environment. Their main responsibilities include analyzing security alerts, investigating suspicious activities, and collaborating with other security professionals to protect sensitive data and systems. Working remotely, they use various security tools and technologies to ensure real-time protection against cyber threats. This role typically requires strong analytical skills, knowledge of cybersecurity concepts, and experience with security monitoring tools.

What is the difference between Full Time Remote Soc Analyst vs Security Engineer?

AspectFull Time Remote Soc AnalystSecurity Engineer
CredentialsSecurity certifications (e.g., CompTIA Security+, CEH)Security certifications, sometimes advanced (e.g., CISSP)
Work EnvironmentRemote, monitoring security alerts, incident responseRemote or on-site, designing and implementing security solutions
Industry UsageCommon in cybersecurity teams across various industriesUsed in organizations developing or maintaining security infrastructure

Full Time Remote Soc Analysts focus on monitoring security alerts and responding to incidents, often working remotely. Security Engineers design and implement security systems, which may also be remote but involve more technical development. Both roles require security certifications and are integral to cybersecurity teams, but their daily tasks and responsibilities differ significantly.

What are some typical challenges faced by a Full Time Remote SOC Analyst, and how can they be managed?

Full Time Remote SOC Analysts often face challenges such as maintaining consistent communication with on-site team members, managing alert fatigue from a high volume of security notifications, and staying updated with rapidly evolving cyber threats. To manage these, it's important to establish clear communication routines with your team, utilize automation tools to prioritize alerts, and participate in ongoing training or threat intelligence updates. Staying organized and proactive in documenting incident responses also helps ensure effective collaboration and incident resolution.
More about Full Time Remote Soc Analyst jobs
What cities are hiring for Full Time Remote Soc Analyst jobs? Cities with the most Full Time Remote Soc Analyst job openings:
What are the most commonly searched types of Remote Soc Analyst jobs? The most popular types of Remote Soc Analyst jobs are:
What states have the most Full Time Remote Soc Analyst jobs? States with the most job openings for Full Time Remote Soc Analyst jobs include:
Infographic showing various Full Time Remote Soc Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $88,569 per year, or $42.6 per hour.
Senior Security Operations Engineer

Senior Security Operations Engineer

Dispel

Remote

Full-time

Medical, Dental, Vision, PTO

Re-posted 5 days ago


Job description

Location: Remote (US-based)
About Dispel:
Dispel is the fastest-growing cybersecurity company recognized in the 2025 Cybersecurity Excellence Awards. We deliver zero trust secure remote access and real-time data streaming for operational technology (OT) and industrial control systems (ICS). Our patented Moving Target Defense technology - referenced in NIST 800-172 - protects critical infrastructure for utilities serving 54 million+ people, manufacturers producing over 50% of US baby formula, and major defense contracts including a $950M IDIQ with the US Air Force.
Why This Role Exists:
Dispel is pursuing FedRAMP High authorization while simultaneously operating a commercial security program. We have a functioning SOC built on Google SecOps (Chronicle) and SentinelOne, but we need a senior IC who can take it from "stood up" to "operationally mature." You'll own the log ingestion pipeline end-to-end and drive material expansion of coverage across federal and commercial environments, including AWS, Azure, and Entra ID.
This person will be the day-to-day technical owner of SOC operations, responsible for closing coverage gaps, building detections, maturing incident response, and providing senior technical direction to the existing SOC analyst. This is a hands-on-keyboard role with leadership expectations - you will not formally manage people, but you will set priorities, review deliverables, and drive execution across the SOC function.
Requirements
Key Responsibilities:
SIEM/SOAR Operations (Google SecOps)
  • Own the log ingestion pipeline end-to-end: identify gaps, build feeds, validate parsing, maintain coverage dashboards
  • Close the federal logging gap and stand up commercial logging across AWS, Azure, Entra ID, and SaaS
  • Activate and configure SecOps SOAR capabilities including Domain-Wide Delegation, marketplace integrations, and bidirectional response actions
  • Build and maintain SOAR playbooks for major incident types such as phishing, malware, account compromise, lateral movement, and cloud-specific threats
  • Develop and maintain operational dashboards for SOC metrics, alert volumes, MTTA/MTTR, and coverage status
  • Manage Google SecOps RBAC

Detection Engineering
  • Build and deploy production detection rules mapped to MITRE ATT&CK within the first year
  • Develop custom parsers for AWS-native security services including GuardDuty, Security Hub, Inspector, WAF, CloudTrail, and VPC Flow Logs
  • Establish a detection lifecycle including proposal, testing, deployment, tuning, and retirement
  • Conduct quarterly detection quality reviews to measure false positive rates, coverage gaps, and rule health
  • Develop alert threshold optimization to reduce noise and analyst fatigue

Endpoint Detection and Response (SentinelOne)
  • Drive SentinelOne deployment across Azure VMs in commercial environments and all federal endpoints
  • Configure and operationalize Cloud Funnel for log export into Google SecOps
  • Build correlation rules between EDR alerts and SIEM detections
  • Manage SentinelOne RBAC groups and policy configuration
  • Coordinate with IT on agent deployment, health monitoring, and version management

Incident Response
  • Serve as senior escalation point for SOC incidents, ensuring investigations are thorough and reports include root cause, remediation actions, credential rotation plans, and follow-up timelines
  • Improve MTTA and MTTR through process optimization, better tooling, and analyst development
  • Lead quarterly tabletop exercises and after-action reviews
  • Maintain and improve incident response runbooks for all major incident categories
  • Integrate incident response workflows with Jira Service Management for tracking and escalation

Vulnerability Management
  • Operationalize monthly scanning cadence across all environments using tools such as Nessus, AWS Inspector, and Azure Defender
  • Define and enforce remediation SLAs by severity: Critical within 72 hours, High within 7 days, Medium within 30 days
  • Build consolidated vulnerability dashboards in Google SecOps
  • Track SLA compliance and report metrics to the CISO
  • Coordinate remediation with engineering and infrastructure teams

MSSP Oversight
  • Serve as primary technical interface with MSSP partner for 24/7 SOC coverage
  • Define and hold the MSSP accountable to SLAs, alert quality, and escalation procedures
  • Review MSSP deliverables such as dashboards, reports, and playbooks for quality and completeness
  • Manage the transition from the previous MSSP and ensure no coverage gaps

SOC Team Technical Leadership
  • Provide day-to-day technical direction to SOC analysts by setting priorities, assigning tasks, and reviewing work products
  • Ensure incident response reports, playbooks, and dashboards meet quality standards before delivery to leadership or external stakeholders
  • Drive OKR execution for SOC-related objectives including logging coverage, detection counts, incident response metrics, and vulnerability SLA compliance
  • Identify skill gaps and development opportunities for junior analysts
  • Establish and enforce SOC processes that are documented, repeatable, and auditable

Required Qualifications:
  • 6+ years of experience in security operations, detection engineering, or SIEM/SOAR engineering
  • Hands-on experience with Google SecOps (Chronicle) or equivalent enterprise SIEM such as Splunk, Sentinel, or QRadar, with Chronicle strongly preferred
  • Production experience with SentinelOne, CrowdStrike, or a comparable EDR platform
  • Deep knowledge of AWS security services including GuardDuty, Security Hub, Inspector, CloudTrail, WAF, and Config
  • Experience building detection rules mapped to the MITRE ATT&CK framework
  • SOAR playbook development and automation experience
  • Demonstrated ability to lead without formal authority by setting direction for peers or junior analysts
  • Strong incident response skills with experience writing complete reports for executive and external audiences
  • Understanding of NIST 800-53 controls, particularly Audit, System Integrity, and Incident Response families
  • Excellent written communication skills

Preferred Qualifications:
  • Experience with Google SecOps (Chronicle), SentinelOne, or similar SIEM/SOAR platforms; certifications are a plus
  • Experience working in a FedRAMP High environment such as AWS GovCloud
  • Azure security experience including Defender for Cloud, Entra ID, Log Analytics, and Event Hubs
  • Experience managing MSSP relationships and enforcing SLAs
  • Background in OT/ICS security monitoring
  • Experience with vulnerability management tools such as Nessus, Inspector, or Defender
  • Previous experience in a startup or high-growth environment building SOC capabilities from early stages

Certifications (Preferred, not required):
  • GCIA, GCIH, GSOM, or other GIAC blue team certifications
  • Google Chronicle or SecOps certifications
  • AWS Security Specialty
  • CISSP or CISM
  • Detection engineering certifications such as SANS SEC555 or SEC511

Benefits
What We Offer:
  • 136K-155K base + equity and performance bonus eligible, depending on experience and location
  • Full medical, vision, and dental insurance
  • Generous PTO
  • Remote-first culture with flexible hours
  • Opportunity to protect critical infrastructure at scale
  • Work with patented, cutting-edge security technology
  • Direct ownership of SOC maturation
  • Collaborative team with military, federal, and private sector expertise

Security Clearance
  • Due to federal customer and FedRAMP requirements, this role requires US Person status (citizen or permanent resident) under ITAR/EAR regulations.
  • Ability to obtain and maintain a security clearance preferred

Dispel is an Equal Opportunity Employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic. We are committed to building a diverse team and encourage applicants from all backgrounds to apply.