SOC Analyst

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent practical experience).
  • 1–3 years of experience in a SOC, NOC, IT security, or related technical role.
  • Foundational knowledge of networking (TCP/IP, DNS, HTTP/S), familiarity with Windows and/or macOS, and understanding of common attack techniques.
  • Experience with SIEM/EDR/XDR tools and cloud platforms (AWS, Azure, or GCP); strong written English skills, ability to work remotely in a distributed team, and willingness to work scheduled shifts aligned with U.S. business hours.

Roles & Responsibilities

  • Monitor security alerts and events across SIEM, EDR, cloud, email, and identity platforms; perform initial triage to assess alert severity, scope, and potential impact.
  • Differentiate true positives from false positives using playbooks and investigative techniques; escalate confirmed or high-risk incidents to Tier 2/DFIR teams with clear, structured documentation.
  • Collect and preserve artifacts (logs, indicators, timelines) and follow runbooks, escalation paths, and SLAs; maintain accurate case notes and ticket updates in the case management system.
  • Identify recurring alert patterns and contribute to detection tuning and process improvements.

Job description

About the Role
The Tier 1 Security Operations Center (SOC) Analyst plays a critical role within NinjaOne’s Information Security organization, supporting the detection and response to security threats across the company. This is a hands-on, operations-focused position responsible for monitoring, triaging, and escalating security alerts across cloud, endpoint, identity, and SaaS environments. You will work closely with senior analysts and incident responders to investigate alerts, document findings, and support ongoing security operations. This role is ideal for early-career security professionals looking to build practical experience in a modern, cloud-centric SOC while developing strong analytical and investigative skills.
 
English Resumes Required 
Location: Remote: Brazil, Ecuador, Colombia, Mexico (LATAM)
 
What You’ll Be Doing 
  • Monitor security alerts and events across SIEM, EDR, cloud, email, and identity platforms 
  • Perform initial triage to assess alert severity, scope, and potential impact
  • Differentiate true positives from false positives using playbooks and investigative techniques
  • Escalate confirmed or high-risk incidents to Tier 2/DFIR teams with clear, structured documentation
  • Collect and preserve artifacts (logs, indicators, timelines) to support investigations
  • Follow established runbooks, escalation paths, and SLAs
  • Maintain accurate case notes and ticket updates in the case management system
  • Identify recurring alert patterns and contribute to detection tuning and process improvements
  • Maintain awareness of common threat vectors, including phishing, malware, credential abuse, and cloud misconfigurations 
  • Participate in shift handoffs to ensure continuity of investigations 
  • Other duties as needed
 
About You 
  • Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent practical experience)
  • 1–3 years of experience in a SOC, NOC, IT security, or related technical role
  • Basic understanding of security monitoring and alert triage
  • Foundational knowledge of networking (TCP/IP, DNS, HTTP/S)
  • Familiarity with Windows and/or macOS operating systems
  • Understanding of common attack techniques (phishing, brute force, malware)
  • Experience with one or more of the following:
      • SIEM platforms (e.g., Splunk, Sentinel, QRadar)
      • EDR/XDR tools
      • Cloud platforms (AWS, Azure, or GCP)
  • Strong written English skills for documentation and escalation
  • Ability to work effectively in a remote, distributed team environment
  • Willingness to work scheduled shifts aligned with U.S. business hours (including occasional weekends or on-call)
About Us    
NinjaOne automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 30,000 customers. The NinjaOne automated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers. NinjaOne is obsessed with customer success and provides free and unlimited onboarding, training, and support. NinjaOne is #1 on G2 in endpoint management, patch management, remote monitoring and management, and mobile device management. 
What You’ll Love 
Our flexible working hours with home office options enable you to successfully balance your personal life and your job. 
Grow personally and together with one of the fastest growing companies globally. 
Develop your skills through our renowned training platform. 
Receive competitive compensation.
 
Collaborate with an amazing international workforce.
 
Additional Information 
This position is NOT eligible for Visa sponsorship. 
 
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.
 