TL;DR
SOC Analyst (Fintech): Monitoring, triaging, and escalating security alerts across a cloud-first, high-availability trading environment, with an emphasis on distinguishing false positives from credible threats and ensuring timely escalation. Focus on mapping alerts to adversary behaviors and maintaining operational hygiene through accurate documentation and shift handovers.
Location: Remote from California, London, Illinois, Florida, New Jersey, New York, Vienna, Brussels, Paris, Barcelona, Madrid, Warsaw, Milan, Lisbon, Berlin, Dublin, or Amsterdam
Company
hirify.global is a leading market maker and innovator in the digital asset space, expanding its services to become a full-service financial institution.
What you will do
- Monitor and triage security alerts 24/7 across SIEM/EDR/cloud security tooling, identifying true threats and setting severity.
- Perform initial investigation and enrichment by gathering relevant logs/telemetry and documenting findings.
- Escalate confirmed or suspected incidents to Level 2/Incident Response with a complete handoff.
- Execute Standard Operating Procedures (SOPs) for common security events, including authorized containment actions.
- Analyze alerts by mapping them to adversary behaviors (e.g., MITRE ATT&CK techniques) to improve understanding.
- Maintain operational hygiene through accurate shift handovers, watchlist updates, and recommendations for detection improvements.
Requirements
- 0–2 years of experience in a SOC, security monitoring, or IT operations role (or equivalent hands-on experience).
- Practical knowledge of security fundamentals including networking, DNS, HTTP(S), identity/authentication, and malware basics.
- Familiarity with log investigation and event triage concepts.
- Experience with common security tools and workflows such as SIEM (Splunk/Elastic/Sentinel), EDR (CrowdStrike/Defender), ticketing (Jira/ServiceNow), or basic SOAR concepts.
- Strong written communication skills to produce clear, escalation-ready tickets and timelines.
- Ability to work rotating shifts/on-call, including weekends and holidays, as required by the coverage model.
Nice to have
- Cloud security exposure (AWS/GCP/Azure), including CloudTrail/Activity Logs and IAM analysis.
- Familiarity with incident response frameworks/processes (e.g., NIST).
- Exposure to detection engineering concepts (rule tuning, false-positive reduction) or basic scripting (Python/Bash).
- Knowledge of the digital-asset ecosystem, including exchanges, custody concepts, and operational risk in 24/7 trading environments.
- Relevant security certifications such as Security+, Blue Team Level 1, or SSCP.
Culture & Benefits
- Work in a fast-moving, globally distributed environment shaping the future of digital financial markets.
- A culture that expects ownership, learning, and continuous improvement.
Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code/password, or to run code/software, do not do it - these are scammers. Be sure to click "Report" or contact support. See the guide for details.