Cybersecurity SOC Analyst – L2 Support (Incident Response & Threat Hunting)

Remote
United States
Posted 5 days ago

This is a full-time, Remote SOC Analyst II role at UST, a large digital transformation firm. Despite the “L2” title in the header, the requirements specifically look for L3-level experience to act as a high-tier escalation point for critical security incidents. The role focuses on deep-dive investigations, analyzing adversary TTPs, and performing proactive threat hunting across global client environments.

  • Location: Remote (US Market).
  • Compensation Range: $46,000 – $69,000 (Note: This is unusually low for the required L3 experience level).
  • Experience Required: Minimum 3+ years of experience as a SOC L3 Analyst working within a Global SOC team.
  • Focus: High-severity incident escalation, root cause validation, and identifying Advanced Persistent Threats (APTs) that evade automated detection.
  • Technical Stack: SIEM platforms including QRadar, Sentinel, and Splunk.

The Opportunity: Advanced Analysis and Risk Mitigation

The L2/L3 Analyst is responsible for moving beyond basic alert triaging into complex forensic analysis and process improvement.

  • Escalation & Investigation: Act as the primary escalation point for high and critical severity incidents, determining the potential impact and extent of compromise.
  • Adversary Analysis: Analyze attack patterns and Tactics, Techniques, and Procedures (TTPs) to map out the attack life cycle.
  • Threat Hunting: Proactively hunt for Indicators of Compromise (IOCs) and signs of APTs using in-depth log analysis.
  • Remediation Guidance: Provide recommendations for security control policy changes, security hygiene improvements, and vulnerability mitigation.
  • Process Engineering: Identify gaps in existing security workflows and propose enhancements to incident response methodologies.
  • Playbook Development: Experience in writing procedures, runbooks, and playbooks to standardize response efforts.

What You Need: Technical and Professional Requirements

The ideal candidate must be a “practical problem solver” with a deep background in global security operations and a strong command of enterprise SIEM tools.

  • Core Experience: 3+ years in a Global SOC environment specifically at an L3 level.
  • SIEM Expertise: Hands-on experience with major vendors: IBM QRadar, Microsoft Sentinel, and Splunk.
  • Incident Response: Proven ability to gather evidence, validate root causes, and analyze compromise extent using client-specific security toolsets.
  • Collaboration: Strong ability to work directly with a customer’s internal IT and security teams to resolve issues.
  • Professionalism: Maintain high customer satisfaction through proactive and personal service.

Job Features

Job Category: IT & Cybersecurity
