SOC Analyst
About Turing
Based in Palo Alto, California, Turing is one of the world's fastest-growing AI companies accelerating the advancement and deployment of powerful AI systems. Turing helps customers in two ways: working with the world’s leading AI labs to advance frontier model capabilities in thinking, reasoning, coding, agentic behavior, multimodality, multilingualism, STEM and frontier knowledge; and leveraging that expertise to build real-world AI systems that solve mission-critical priorities for Fortune 500 companies and government institutions. Turing has received numerous awards, including Forbes's "One of America's Best Startup Employers," #1 on The Information's annual list of "Most Promising B2B Companies," and Fast Company's annual list of the "World's Most Innovative Companies." Turing's leadership team includes AI technologists from industry giants Meta, Google, Microsoft, Apple, Amazon, Twitter, McKinsey, Bain, Stanford, Caltech, and MIT. For more information on Turing, visit www.turing.com. For information on upcoming Turing AGI Icons events, visit go.turing.com/agi-icons.
Job Description
Turing provides a platform that connects talent with our enterprise customers in a global marketplace. Our security engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. Our security engineers work on building the industry standard and implementing the best security practices in our platforms that connect enterprise environments. Our security engineers define and enforce the security protocols to operate services in a protected environment. Our security engineers also build and manage the framework for data access both internally and externally.
At Turing, we are continuously addressing the complex challenges of scaling our systems in a safe and secure manner. We are looking for passionate security engineers and leaders who are excited to solve intricate security problems in dynamic enterprise environments.
Overview
We are seeking a proactive and detail-oriented Security Operations Center Analyst to join our global security operations team. Split between India and Brazil, this role is critical to strengthening our frontline cyber defense capabilities. You will be responsible for triaging alerts, conducting initial investigations, handling low-complexity incidents, and escalating critical threats. The ideal candidate thrives in a fast-paced SOC environment, has a passion for cybersecurity, and is eager to grow in incident response, threat detection, and operational support.
Responsibilities:
- Review and analyze alerts escalated by the MDR team via Google Chronicle.
- Perform deep-dive investigations into suspicious activity across identity, SaaS, endpoint, and cloud logs.
- Perform incident response activities for medium-to-high severity incidents, including containment, eradication, and recovery (e.g., disabling user accounts, blocking malicious IPs).
- Escalate complex or high-impact incidents to Senior Analysts / Incident Response Engineer or relevant stakeholders for further investigation.
- Periodically audit alert rules, integrations, and logging health.
- Coordinate with DevOps and application teams to triage vulnerability findings from Rapid7 platforms (InsightVM, CloudSec, AppSec), communicate remediation needs, and track resolution progress.
- Own the triage and response process for security alerts from MDR, EDR, and cloud platforms, ensuring actions are taken within defined service level agreements (SLAs). Escalate potential breaches or blockers to maintain response effectiveness.
- Suggest automation opportunities for enrichment, containment, or playbook actions.
- Monitor the performance and availability of security tools (e.g., Google SecOps, Rapid7, EDR platforms).
- Triage and investigate endpoint detection and response (EDR) alerts from CrowdStrike or similar tools.
- Conduct regular threat hunting to proactively identify potential compromises.
- Identify threat actor tactics, techniques, and procedures (TTPs) and map to MITRE ATT&CK when relevant.
- Work closely with internal stakeholders and MDR partners to iterate on SOAR automation, ensuring playbooks align with Turing’s detection use cases and operational goals.
- Maintain detailed documentation for each incident using approved tooling (e.g., Jira, Google Docs).
- Provide feedback on SOAR actions and Chronicle detection rules based on observed MITRE ATT&CK patterns, and suggest tuning or coverage improvements.
Qualifications Needed:
- Required Skills:
  - 3 - 5 years of hands-on experience in a Security Operations Centre (SOC) or similar cybersecurity role, ideally in a cloud-native or SaaS environment.
  - Strong grasp of alert triage, incident detection, and containment fundamentals, including how to assess severity and escalate appropriately.
  - Familiarity with SIEM, EDR, and vulnerability management platforms, with an ability to investigate and correlate findings across these tools.
  - Working knowledge of network protocols, log types, and attacker TTPs, especially across cloud and SaaS environments.
  - Ability to follow incident response playbooks and SOPs with precision.
  - Proficiency in managing security tickets and documenting investigative steps clearly.
  - Excellent analytical skills with a high attention to detail and a sense of urgency.
  - Good written and verbal communication skills, especially for documenting incidents and collaborating with peers across time zones.
  - Excellent communication skills, both written and verbal.
- Good To Have:
  - Experience working in a co-managed SOC or MDR-supported environment.
  - Strong understanding of alert triage, incident detection, and basic containment procedures.
  - Exposure to cloud and SaaS platform logs (e.g., Google Workspace, Okta, GitHub).
  - Familiarity with the MITRE ATT&CK framework for mapping attacker techniques.
  - Basic familiarity with scripting or automation tooling, including formats like YAML, Python, Bash, Sigma, or UDM.
  - Excellent analytical skills with a high attention to detail and a sense of urgency.
  - Good written and verbal communication skills, especially for documenting incidents and collaborating with peers across time zones.
  - One or more relevant certifications (CEF Certified Ethical Hacker (CEF-CEH), CompTIA Security+, etc.).
Advantages of joining Turing:
- Amazing work culture (Super collaborative & supportive work environment; 5 days a week)
- Awesome colleagues (Surround yourself with top talent from Meta, Google, LinkedIn etc. as well as people with deep startup experience)
- Competitive compensation
- Flexible working hours
- Full-time remote opportunity
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. Turing is proud to be an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability, protected veteran status, or any other legally protected characteristics. At Turing we are dedicated to building a diverse, inclusive and authentic workplace and celebrate authenticity, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
For applicants from the European Union, please review Turing's GDPR notice here.