All roles

Open role

SOC Analyst Level 1

Remote · Sweden Full-time

About Keyrock Since our beginnings in 2017, we've grown to be a leading change-maker in the digital asset space, renowned for our partnerships and innovation. Today, we rock with over 200 team members around the world. Our diverse team hails from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs. Predominantly remote, we have hubs in London, Brussels, Singapore and Paris, and host regular online and offline hangouts to keep the crew tight. We are trading on more than 80 exchanges, and working with a wide array of asset issuers. As a well-established market maker, our distinctive expertise led us to expand rapidly. Today, our services span market making, options trading, high-frequency trading, OTC, and DeFi trading desks as well as digital asset management. Keyrock is looking to expand and establish itself as a full-service financial institution through both organic innovation and inorganic growth. But we’re more than a service provider. We’re an initiator. We're pioneers in adopting the Rust Development language for our algorithmic trading systems, and champions of its use in the industry. We support the growth of Web3 startups through our Accelerator Program. We upgrade ecosystems by injecting liquidity into promising DeFi, RWA, and NFT protocols. And we push the industry's progress with our research and governance initiatives. At Keyrock, we're not just envisioning the future of digital assets. We're actively building it. Role Summary As a SOC Analyst (Level 1), you are the first line of defense for monitoring, triaging, and escalating security alerts across Keyrock’s cloud-first, high-availability trading environment. You will follow playbooks/runbooks to validate alerts, enrich investigations with context, and ensure timely escalation to Level 2/Incident Response. What You’ll Do (Core Responsibilities)

  • 24/7 monitoring and alert triage across SIEM/EDR/cloud security tooling; identify false positives vs. credible threats and set appropriate severity.
  • Initial investigation and enrichment: gather relevant logs/telemetry, add context, and document findings clearly in the case/ticketing system.
  • Escalation and coordination: elevate confirmed/suspected incidents quickly and cleanly to L2/IR with a complete handoff (timeline, scope, IOCs, actions taken).
  • Runbook execution: follow SOPs for common events (phishing, suspicious logins, endpoint detections, cloud key/token risk, malware alerts, data exfiltration signals), including containment actions you’re authorized to perform.
  • Threat-aware analysis: map alerts to adversary behaviors (e.g., MITRE ATT&CK techniques) to improve understanding and escalation quality.
  • Operational hygiene: maintain accurate shift handovers, update watchlists and investigation notes, and identify recurring alert patterns for tuning recommendations.

What We’re Looking For (Minimum Qualifications)

  • 0–2 years in a SOC / security monitoring / IT operations role (or equivalent hands‑on experience, internships, labs).
  • Practical knowledge of security fundamentals: networking, DNS, HTTP(S), identity/authentication, and malware basics.
  • Familiarity with log investigation and event triage concepts.
  • Familiarity with common security tools and workflows (any of the following): SIEM (Splunk/Elastic/Sentinel), EDR (CrowdStrike/Defender), ticketing (Jira/ServiceNow), basic SOAR concepts.
  • Strong written communication: produce clear, escalation‑ready tickets and timelines.
  • Ability to work rotating shifts/on‑call (as required), including weekends/holidays depending on coverage model.

Nice to Have (Preferred)

  • Cloud security exposure (AWS/GCP/Azure): CloudTrail/Activity Logs, IAM analysis, detections for token/key misuse.
  • Familiarity with incident response frameworks/processes (e.g., NIST incident response guidance).
  • Exposure to detection engineering concepts (rule tuning, false‑positive reduction), or basic scripting (Python/Bash) for investigation automation.
  • Knowledge of the digital‑asset ecosystem (exchanges, custody concepts, operational risk in 24/7 trading environments).
  • Certifications (optional): Security+, Blue Team Level 1, SSCP, or equivalent practical training.

What Success Looks Like (First 60–90 Days)

  • Consistently accurate triage decisions with strong documentation and clean escalations.
  • Reliable shift handovers and measurable reduction in re‑opened or incomplete cases.
  • Clear recommendations for detection/playbook improvements based on recurring patterns.

Why Keyrock

  • Work in a fast‑moving, globally distributed environment shaping the future of digital financial markets.
  • A culture that expects ownership, learning, and continuous improvement.

Apply Now:

More open positions

Corporate Safety Manager (hybrid or remote)

Work from home Full-time role

Hebrew Trust & Safety Ai Data Trainer

Work from home Full-time role

Bilingual Interpreter, English / Target Language

Work from home Full-time role

Virtual Sign Language Interpreter | Colorado

Work from home Full-time role

Manager, HRIS

Work from home Full-time role

Remote Medical Review Nurse (RN) - Must Work CST time zone

Work from home Full-time role

Fractional CMO (Retail) — Build & Own a High-Performance Marketing Engine - Contract to Hire

Work from home Full-time role

reputed company Night Shift Jobs (Remote, Entry Level, Full Time…

Work from home Full-time role

Case Management Coordinator, LVN/LPN II-Pasadena-Full Time

Work from home Full-time role

Senior Risk Advisory GRC Consultant – Full Time- Remote in the USA

Work from home Full-time role

Access & Reimbursement Manager (Cincinnati)

Work from home Full-time role

Head of Product Design - Growth

Work from home Full-time role

Remote Member Solutions Specialist

Work from home Full-time role

Product Manager Senior

Work from home Full-time role

Talent Acquisition Partner | Remote, USA

Work from home Full-time role

Police Communications Dispatcher – Lateral

Work from home Full-time role

Remote Call Center Specialist (Walgreens Jobs)

Work from home Full-time role

[Remote] Content Manager

Work from home Full-time role

Reinsurance Assistant Actuary (Primarily Home)

Work from home Full-time role

Hybrid Income Tax Specialist - CPA Firm - Remote

Work from home Full-time role

[Remote] Comparion Customer Support Specialist

Work from home Full-time role