SOC Analyst Level 1

About Keyrock

Since 2017, Keyrock has become a leading change-maker in the digital asset space, renowned for its partnerships and innovation. With over 200 team members worldwide from 42 nationalities, Keyrock is predominantly remote with hubs in London, Brussels, Singapore, and Paris. We trade on more than 80 exchanges and work with a wide array of asset issuers, offering services such as market making, options trading, high-frequency trading, OTC, DeFi trading, and digital asset management.

Role Summary

As a SOC Analyst Level 1, you are the first line of defense monitoring, triaging, and escalating security alerts in Keyrock’s cloud-first, high-availability trading environment. You follow playbooks to validate alerts, enrich investigations, and ensure timely escalation to Level 2 or Incident Response.

What You’ll Do (Core Responsibilities)

• 24/7 monitoring and alert triage using SIEM/EDR/cloud security tools.
• Investigate and enrich alerts with relevant logs and telemetry.
• Escalate confirmed incidents with complete handoff details.
• Execute runbooks for events like phishing, suspicious logins, and malware alerts.
• Map alerts to adversary behaviors using frameworks like MITRE ATT&CK.
• Maintain operational hygiene with accurate handovers and notes.

What We’re Looking For (Minimum Qualifications)

• 0–2 years experience in SOC, security monitoring, or IT operations.
• Knowledge of networking, DNS, HTTP(S), identity/authentication and malware basics.
• Familiarity with log investigation and event triage concepts.
• Experience with security tools (SIEM, EDR, ticketing systems, and basic SOAR concepts).
• Strong written communication and ability to work rotating shifts and on-call.

Nice To Have (Preferred)

• Experience with cloud security (AWS, GCP, Azure) and associated logs.
• Familiarity with incident response frameworks and detection engineering concepts.
• Basic scripting knowledge (Python, Bash) for investigation automation.
• Understanding of the digital asset ecosystem and trading operations.
• Relevant certifications (Security+, Blue Team Level 1, SSCP) are a plus.

What Success Looks Like (First 60–90 Days)

• Accurate triage decisions with strong documentation and escalation clarity.
• Reliable shift handovers with reduced incident re-openings.
• Actionable recommendations for detection/playbook improvements.

Why Keyrock

Join a fast-moving, globally distributed environment that is shaping the future of digital financial markets. At Keyrock, you will work in a culture that values ownership, learning, and continuous improvement.

Key skills/competency

• SOC monitoring
• SIEM
• EDR
• Alert triage
• Incident escalation
• Cloud security
• Threat analysis
• Runbook execution
• Operational hygiene
• Digital assets