Agentic SOC Analyst
Supervise AI-driven detection and triage, validate agent decisions, and own escalations in our agentic Security Operations Center.
About the role
Agentic SOC Analysts are the humans in the loop of our AI-driven operations. You will review and validate the alerts and containment actions our agents propose, tune playbooks and approval gates, and own escalations when something real is happening.
This is a great role for a SOC analyst who wants to work alongside automation instead of drowning in alert queues — you focus on judgment, threat hunting, and improving the system.
Key Responsibilities
- Review and validate AI-triaged alerts and proposed containment actions
- Tune agentic playbooks, detection logic, and approval gates
- Conduct threat hunting across AI and traditional telemetry
- Escalate and coordinate response on confirmed incidents
- Maintain runbooks and feedback loops for AI-assisted operations
Requirements
- Bachelor's degree in Cybersecurity, IT, or a related field (or equivalent)
- 2+ years of SOC or security-operations experience
- Experience with SIEM/SOAR platforms
- Comfort working alongside AI and automation tooling
- Security+ or equivalent certification preferred
Nice to have
- Scripting experience (Python, KQL, or similar)
- Exposure to cloud security (AWS, Azure, or GCP)
- Interest in detection engineering