

Halogion
About
Company social profiles
Jobs at Halogion
The recruiter has not been active on this job recently. You may apply but please expect a delayed response.
Hiring SOC Investigation Specialist on behalf of high-growth technology and enterprise partners building next-generation SOC automation and AI-driven investigation systems. This role is ideal for experienced SOC analysts who can apply real-world investigative judgment to review, validate, and construct high-quality security investigations across SIEM, endpoint, cloud, and identity environments.
Responsibilities
- Review, monitor, and evaluate SOC alerts and investigation outputs based on predefined scenarios and criteria.
- Distinguish true positives from false positives by validating investigative evidence and alert context.
- Perform end-to-end security investigations when required, including log analysis, entity pivoting, timeline reconstruction, and evidence correlation.
- Assess the correctness, completeness, and quality of SOC investigations produced by automated or human workflows.
- Apply consistent investigative judgment while recognizing that multiple valid investigation paths may exist for the same alert.
- Make clear binary determinations (e.g., ACCEPT / PASS) while also producing detailed ground-truth investigations when required.
- Use Splunk extensively to pivot across logs, entities, and timelines, including reading and reasoning about SPL queries.
- Maintain clear and accurate documentation of investigative steps, assumptions, evidence, and conclusions.
- Collaborate with program leads and other expert annotators to uphold high-quality investigation and annotation standards.
- Mentor or support other analysts where applicable, particularly in long-term or lead annotator roles.
Requirements
- 3+ years of hands-on experience as a SOC analyst in a production SOC environment (Tier 2 or above strongly preferred).
- Strong understanding of alert triage, incident investigation workflows, and evidence-based decision-making under time constraints.
- Mandatory hands-on experience with Splunk, including:
- Conducting investigations using Splunk
- Reading, understanding, and reasoning about SPL queries
- Pivoting between logs, entities, and timelines
- Proven ability to evaluate SOC investigations and determine whether conclusions are valid, incomplete, or incorrect.
- Strong investigative judgment and comfort making decisive evaluations.
- Fluent English (written and spoken) with strong documentation and communication skills.
Nice to Have
- Experience with Endpoint Detection & Response (EDR) tools such as CrowdStrike Falcon, Microsoft Defender for Endpoint, or SentinelOne.
- Experience analyzing cloud security logs and signals:
- AWS (CloudTrail, GuardDuty)
- Azure (Activity Log, Defender for Cloud)
- GCP (Cloud Audit Logs)
- Familiarity with Identity & Access Management platforms such as Okta Identity Cloud or Microsoft Entra ID (Azure AD).
- Experience with email security tools like Proofpoint or Mimecast.
- SOC leadership or mentoring experience.
- Basic scripting experience (Python or similar).
- Security certifications (optional): GCIA, GCIH, GCED, Splunk certifications, Security+, CCNA, or cloud security certifications.

The recruiter has not been active on this job recently. You may apply but please expect a delayed response.
Location: Remote; Geography restricted to India
Type: Full-time or Part-time Contract Work
Fluent Language Skills Required: English & Hindi. Native-level fluency in English and Hindi is required for this position.
Why This Role Exists
At Mercor, we believe the safest AI is the one that’s already been attacked — by us. We are assembling a red team for this project - human data experts who probe AI models with adversarial inputs, surface vulnerabilities, and generate the red team data that makes AI safer for our customers.
This project involves reviewing AI outputs that touch on sensitive topics such as bias, misinformation, or harmful behaviors. All work is text-based, and participation in higher-sensitivity projects is optional and supported by clear guidelines and wellness resources. Before being exposed to any content, the topics will be clearly communicated.
What You’ll Do
- Red team conversational AI models and agents: jailbreaks, prompt injections, misuse cases, bias exploitation, multi-turn manipulation
- Generate high-quality human data: annotate failures, classify vulnerabilities, and flag systemic risks
- Apply structure: follow taxonomies, benchmarks, and playbooks to keep testing consistent
- Document reproducibly: produce reports, datasets, and attack cases customers can act on
Who You Are
- You bring prior red teaming experience (AI adversarial work, cybersecurity, socio-technical probing)
- You’re curious and adversarial: you instinctively push systems to breaking points
- You’re structured: you use frameworks or benchmarks, not just random hacks
- You’re communicative: you explain risks clearly to technical and non-technical stakeholders
- You’re adaptable: thrive on moving across projects and customers
Nice-to-Have Specialties
- Adversarial ML: jailbreak datasets, prompt injection, RLHF/DPO attacks, model extraction
- Cybersecurity: penetration testing, exploit development, reverse engineering
- Socio-technical risk: harassment/disinfo probing, abuse analysis, conversational AI testing
- Creative probing: psychology, acting, writing for unconventional adversarial thinking
What Success Looks Like
- You uncover vulnerabilities automated tests miss
- You deliver reproducible artifacts that strengthen customer AI systems
- Evaluation coverage expands: more scenarios tested, fewer surprises in production
- Mercor customers trust the safety of their AI because you’ve already probed it like an adversary
Why Join Mercor
- Build experience in human data-driven AI red teaming at the frontier of safety
- Play a direct role in making AI systems more robust, safe, and trustworthy
The contract rate for this project will be aligned with the level of expertise required, the sensitivity of the material, and the scope of work. Competitive rates commensurate with experience.
Similar companies
About the company
We are a technology company with a proven track record of partnering with organizations to deliver innovative mobile and cloud solutions & products. We believe that cloud and mobility are the means to deliver solutions to tomorrow’s challenges. Over the last 10 years, we have completed over 200 projects, and many of those have reached the top of the AppStores. We have worked across a number of categories including Fintech, Social, Retail, Enterprise, Lifestyle, Ticketing, Sports, Healthcare, Entertainment and many more.
We have worked with both Fortune 500 companies and innovative startups, and delivered successful products. We have a 40+ people team which, includes UI/UX designers, the best breed of engineers for iOS and Android, Full Stack Developers and Innovators. Other than design and development, Byteridge helps companies understand and define the product that needs to be built. This includes working with the stakeholders to understand the business, recognizing areas of improvement and aligning the project scope with the customers problems.
Jobs
20
About the company
Jobs
1
About the company
Jobs
9
About the company
Quantiphi is an award-winning AI-first digital engineering company driven by the desire to reimagine and realize transformational opportunities at the heart of the business. Since its inception in 2013, Quantiphi has solved the toughest and most complex business problems by combining deep industry experience, disciplined cloud, and data-engineering practices, and cutting-edge artificial intelligence research to achieve accelerated and quantifiable business results.
Jobs
14
About the company
StepSecurity is dedicated to enhancing CI/CD security by providing solutions to prevent pipeline attacks. Founded by seasoned security professionals with experience at Microsoft, Uber, and Plaid, StepSecurity addresses the security gaps highlighted by major breaches like SolarWinds and Codecov.
Founders:
- Varun Sharma: CEO & Co-Founder, formerly at Microsoft.
- Ashish Kurmi: CTO & Co-Founder, with experience at Plaid, Uber, and Microsoft.
Advisors:
- Sekhar Sarrukai, David Cross, Gagan Gulati, Jordan Harband, Ram Shankar Siva Kumar.
Investors:
StepSecurity is backed by leading VCs and notable angel investors, including Anmol Malhotra (Coinbase), Ash Devata (GreyNoise), and David Cross (Rain Capital).
Funding raised: $3M - Seed Funding
For more detailed information, visit - https://www.stepsecurity.io/team
Jobs
1
About the company
At IndiDino, we are building Bharat-focused products for a billion people with the goal of creating a net positive impact. We are driven by a simple mission — to create meaningful products that solve real problems at scale and improve the lives of people across India. By combining innovation, technology, and a deep understanding of Bharat, we aim to build solutions that empower communities and create lasting value.
Jobs
5
About the company
Jobs
11
About the company
Jobs
1
About the company
Jobs
1






