2

Remote Soc Analyst Jobs (NOW HIRING)

The SOC Lead / Incident Manager will oversee 24x7x365 Security Operations Center (SOC) functions ... Security Operations Analyst (SC-200) * ITIL / PMP (optional but valuable for governance)

Remote Role Responsibilities * Review and evaluate AI-generated outputs related to threat analysis ... Background in areas such as SOC analysis, incident response (DFIR), penetration testing, threat ...

Remote Role Responsibilities * Review and evaluate AI-generated outputs related to threat analysis ... Background in areas such as SOC analysis, incident response (DFIR), penetration testing, threat ...

... remote-first environment. Accountabilities * Lead and oversee security operations, including ... Previous hands-on experience as a SOC Analyst, Incident Responder, or Detection Engineer is a plus.

Entrust is seeking a highly skilled Senior Security Compliance Analyst to lead and sustain ... S.-based candidates and will be fully remote. About Entrust: Our growing company relies on curious ...

next page

Showing results 1-20

Remote Soc Analyst information

See salary details

$32K

$84.2K

$133.5K

How much do remote soc analyst jobs pay per year?

As of Jul 18, 2026, the average yearly pay for remote soc analyst in the United States is $84,207.00, according to ZipRecruiter salary data. Most workers in this role earn between $65,000.00 and $98,500.00 per year, depending on experience, location, and employer.

What is a Remote SOC Analyst job?

A Remote SOC (Security Operations Center) Analyst is a cybersecurity professional who monitors and analyzes an organization's IT infrastructure for potential security threats, incidents, and vulnerabilities from a remote location. They use security tools like SIEM (Security Information and Event Management) systems to detect and respond to cyber threats in real time. Their responsibilities include investigating alerts, mitigating risks, and escalating critical issues to higher-level security teams. Remote SOC Analysts help protect organizations from cyberattacks while working from home or an offsite location.

What are some typical challenges faced by Remote SOC Analysts, and how are they managed?

Remote SOC Analysts often face challenges such as coordinating effectively with a distributed team, staying updated on rapidly evolving threats, and maintaining vigilance while working independently. To manage these, they leverage collaborative platforms, participate in regular virtual briefings, and use advanced monitoring and alert systems to maintain real-time awareness. Access to clear protocols and ongoing training helps analysts stay aligned on best practices and new cyber threat intelligence. Building strong communication channels with colleagues and supervisors ensures incidents are addressed efficiently and team cohesion remains high, even in a remote setting.

What are the key skills and qualifications needed to thrive in the Remote Soc Analyst position, and why are they important?

To thrive as a Remote SOC Analyst, you need a solid understanding of cybersecurity principles, incident response, and threat analysis, generally backed by a degree in computer science or related fields. Familiarity with security information and event management (SIEM) tools, intrusion detection/prevention systems (IDS/IPS), and certifications like CompTIA Security+, CISSP, or CEH is typically expected. Strong attention to detail, critical thinking, and clear, concise communication skills make candidates stand out. These competencies are vital for promptly detecting and mitigating security threats while ensuring effective remote collaboration within the security team.

More about Remote Soc Analyst jobs
What cities are hiring for Remote Soc Analyst jobs? Cities with the most Remote Soc Analyst job openings:
What are the most commonly searched types of Soc Analyst jobs? The most popular types of Soc Analyst jobs are:
What states have the most Remote Soc Analyst jobs? States with the most job openings for Remote Soc Analyst jobs include:
What job categories do people searching Remote Soc Analyst jobs look for? The top searched job categories for Remote Soc Analyst jobs are:
Infographic showing various Remote Soc Analyst job openings in the United States as of July 2026, with employment types broken down into 80% Full Time, and 20% Contract. Highlights an 100% Remote job distribution, with an average salary of $84,207 per year, or $40.5 per hour.

SIEM Engineer

SMART TECH SKILLS LLC

Tallahassee, FL • Remote

Full-time

Posted 2 days ago


Job description

Benefits:
  • Competitive salary

Location
Remote
Experience Level
Senior Level (5 or more years of experience)
Role Overview
This Security Architect and SIEM Engineer position serves within the cybersecurity division of a major public sector state agency. This role directly supports large-scale SIEM architecture and 24x7 Security Operations Center (SOC) operations. The primary focus lies on Palo Alto Cortex XSIAM and Cortex XDR platform engineering, administration, and automation, with secondary support for Cribl data modeling and security log pipeline design. Operating on a 12-month contract with a high possibility of extension, the engineer collaborates with enterprise security teams and analysts to implement, optimize, and secure multi-tenant cloud and endpoint environments across multiple state agencies. This role includes a monthly after-hours on-call rotation to support the 24x7 SOC.
Key Responsibilities

SIEM & XDR Platform Engineering
• Plan, design, deploy, administer, and optimize Palo Alto Cortex XSIAM and Cortex XDR platforms across a large-scale, multi-tenant environment.
• Lead multi-tenant agency onboarding, tenant-specific configurations, role-based access controls (RBAC), and logical data segregation.
• Design, configure, and maintain operational dashboards, alert telemetry, and compliance reporting tools for multiple agencies.
Detection Engineering & Automation
• Develop, test, and tune high-fidelity detections, correlation rules, threat-hunting queries, watchlists, and false-positive suppression logic.
• Create, test, deploy, and maintain automated response playbooks, workflows, and integrations using scripting languages (such as Python and Bash) to streamline incident enrichment, containment, and triage.
• Support Tier 1 through Tier 3 SOC analysts and incident responders through system troubleshooting, platform tuning, and knowledge transfers.
Log Management & Data Pipeline Optimization
• Plan, design, deploy, and support log management pipelines utilizing Cribl for data modeling, routing, parsing, normalization, and enrichment.
• Onboard and monitor the ingestion health of cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom application telemetry sources.
• Optimize log ingestion volumes, retention policies, and platform performance to align with strict compliance requirements and cost-efficiency goals.
Governance, Documentation, & Compliance
• Author and maintain operational runbooks, Standard Operating Procedures (SOPs), escalation matrices, architecture diagrams, and analyst knowledge articles.
• Ensure high availability, platform resilience, automated backups, disaster recovery readiness, and controlled change management processes for SIEM and log services.
• Align implemented solutions with industry-standard security frameworks, regulatory guidelines, and organizational risk tolerance.
Required Qualifications
• 5 or more years of professional experience supporting large-scale enterprise IT environments and/or complex system deployments.
• Proven, hands-on experience in the design, implementation, administration, and operational support of Palo Alto Cortex XSIAM and Cortex XDR platforms.
• Demonstrated experience engineering and supporting enterprise SIEM capabilities within multi-tenant environments and 24x7 Security Operations Center (SOC) operations.
• Experience developing, testing, and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, and alert suppression logic.
• Strong experience creating and managing complex automated security playbooks and incident response workflows.
• Hands-on experience with Cribl data modeling, security log pipeline design, parsing, normalization, enrichment, routing, and data ingestion.
• Experience developing automated workflows, platform integrations, and scripts using Python and Bash.
• Experience onboarding and troubleshooting telemetry streams from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom application sources.
• Comprehensive understanding of enterprise security architecture, incident response protocols, networking, access control models, and secure system design.
• Bachelor's degree in an Information Technology or Information Security-related field (8 or more years of relevant work experience may be substituted in lieu of education).
• Ability to successfully pass a full credit check and criminal background check, with the requirement to obtain and retain annual CJIS certification once onboard.
Preferred Qualifications
• Hands-on experience administering and operating Palo Alto Cortex XSIAM and Cortex XDR in a very large, multi-tenant public sector environment.
• Advanced Cribl administration, data modeling, and log pipeline performance optimization experience.
• Experience supporting Tier 1 through Tier 3 SOC analyst handoffs, threat hunting, and 24x7 operational escalation processes.
• Familiarity with industry-standard security and compliance frameworks, and experience developing technical documentation (SOPs, runbooks, procedures).
• Professional industry certifications such as CISSP, Security+, GIAC, Palo Alto Cortex, or Cribl.
Core Skills & Attributes
• Advanced analytical, troubleshooting, and problem-solving skills to resolve complex pipeline and platform issues.
• Strong communication and collaboration skills to interact with agency stakeholders, security engineers, and external vendors.
• Highly organized with a structured approach to managing strategic planning, change control, and system documentation.
• Ability to work independently in a 100% remote capacity and participate effectively in a monthly after-hours on-call rotation.

This is a remote position.