Note: The job is a remote job and is open to candidates in USA. Strada is a people, payroll, and technology leader simplifying international workforce management. They are seeking a motivated SOC Analyst I to serve as the first line of defense within their Security Operations Center, responsible for monitoring security alerts and performing initial investigations to ensure operational efficiency and security visibility.
Responsibilities
- Monitor and respond to security alerts from Microsoft Sentinel, Microsoft Defender XDR, ZeroFox, and Entra ID related activity
- Perform initial triage of alerts to determine severity, scope, and whether activity is malicious or a false positive
- Conduct basic investigations using available telemetry from Azure, Endpoint, Office, etc
- Utilize Kusto Query Language (KQL) to query logs and validate suspicious activity when required
- Escalate validated or high-risk alerts to Tier 2 analysts with clear documentation, supporting evidence, and timelines
- Follow established SOC playbooks and SOP during alert handling and investigations
- Document all investigations and actions taken in the case management system (ServiceNow) with accuracy and clarity
- Track and identify recurring alerts or patterns in the environment and report findings to support detection tuning efforts
- Support incident response efforts by collecting relevant artifacts and assisting Tier 2 in identifying potential root cause
- Provide feedback on SOC processes, playbooks, and workflows to improve operational efficiency
- Assist with projects and ongoing efforts to create documentation, support automation initiatives, and review legacy SOC processes
- Ensure timely response and adherence to SLAs for alert acknowledgment, triage, and escalation
- Assist Compliance teams with audit requests by retrieving and organizing relevant security log data from Sentinel
Skills
- 0–2 years of experience working in a SOC, security operations, or related technical role
- Experience using a query language (e.g., KQL, SQL) to analyze data and investigate anomalies
- Basic understanding of security concepts, including Active Directory/Entra ID, network security, and authentication flows
- Foundational knowledge of Microsoft Azure (e.g., Azure Subscriptions, Enterprise Applications, and Virtual Networks)
- Familiarity with security tools such as Microsoft Sentinel and Defender XDR
- Experience working with ServiceNow or similar ticketing/case management platforms
- Exposure to threat hunting or validating threats using OSINT or threat intelligence sources
- Strong analytical and problem-solving skills with attention to detail
- Strong communication and collaboration abilities
- Ability to express risk and probability to stakeholders
- Relevant certifications such as CompTIA Security+, Microsoft SC-200, eJPT, CPTS, or equivalent are a plus
Benefits
- Health coverage
- Wellbeing programs
- Paid leave (vacation, sick, parental)
- Retirement plans
- Learning opportunities
- Continuing education & training
Company Overview