Security Operations Center Analyst

Job Description: Cyber Security SOC Analyst (AI/LLM Threat Modelling)

Position: SOC Analyst – AI/LLM Cybersecurity Threat Modelling

Location: [Remote]

Schedule: PST

About the Role

We are seeking a forward-thinking Cyber Security SOC Analyst with expertise in security operations and a passion for applying large language models (LLMs) to real-world threat detection. This role blends traditional SOC responsibilities with research and development in AI-driven cybersecurity workflows. The ideal candidate has a strong foundation in incident response and threat triage while being able to experiment with and evaluate advanced machine learning models to enhance detection capabilities.

Key Responsibilities:

SOC Operations

• Monitor, triage, and investigate alerts from security tools and platforms.
• Identify root causes of security incidents and recommend remediation.
• Differentiate true positives from false positives to refine detection accuracy.

AI & Threat Modelling:

• Build and evaluate cybersecurity models leveraging LLMs to identify emerging threats.
• Design and run real-world evaluations of model performance, including adversarial scenarios.
• Research and recommend data sources for training and fine-tuning models.
• Develop workflows for data curation, labelling, and threat detection.
• Document findings, processes, and evaluation metrics.

Data & Evaluation:

• Perform data labelling for supervised evaluations and model improvement.
• Establish metrics for reducing false positives and improving precision/recall.
• Collaborate with security engineers, researchers, and data scientists to operationalize AI-driven SOC workflows.

Qualifications:

Required:

• 5+ years of experience in a SOC analyst, incident response, or related cybersecurity role.
• Strong knowledge of alert triage, root cause analysis, and incident handling.
• Familiarity with security tools (SIEM, EDR, IDS/IPS, etc.).
• Experience or strong interest in AI/ML applications in cybersecurity.
• Ability to work independently in part-time PST shifts (every two days).

Preferred:

• Hands-on experience with LLMs (e.g., fine-tuning, prompt engineering, or evaluation).
• Familiarity with Python and data manipulation libraries.
• Background in threat intelligence, malware analysis, or adversarial testing.
• Understanding of data curation, annotation, and evaluation methods.

Why Join Us

• Be part of an innovative team pioneering AI-driven SOC workflows.
• Apply cutting-edge LLM research directly to real-world cyber defence.
• Flexible scheduling aligned with PST hours.
• Opportunity to shape the future of AI in cybersecurity operations.