26 May | YO IT CONSULTING | La Cañada
Apply on Kit Empleo: kitempleo.com.ar/empleo/q1qfm
**Work Mode**: Remote
**Engagement Type**: Independent Contractor
**Schedule**: Full-Time or Part-Time Contract
**Language Requirement**: Fluent English
**Key Responsibilities**:
**Defensive (Blue Team) Contributions**:
- Investigate and analyse real or simulated security incidents (e.g., phishing, lateral movement, ransomware, privilege escalation).
- Review logs and telemetry from SIEM, EDR/XDR, firewall, cloud, and identity systems.
- Evaluate alert quality, detection rules, triage decisions, and response workflows.
- Assess AI-generated investigations for technical correctness and operational realism.
**Offensive (Red Team) Contributions**:
- Analyse attack chains including initial access, persistence, privilege escalation, lateral movement, and data exfiltration.
- Simulate adversarial thinking to evaluate detection gaps and bypass techniques.
- Review exploit techniques, payload behaviors, and evasion strategies.
- Provide insights into attack surface analysis and real-world adversary tactics.
- Stress-test AI systems against realistic red-team scenarios.
**AI Evaluation & Feedback**:
- Provide structured reasoning explaining investigative and adversarial decisions.
- Identify weaknesses in AI threat analysis and suggest improvements.
- Help refine benchmarks for detection, triage, and attack simulation accuracy.
**Requirements**:
**Experience**:
- 5+ years in cybersecurity with experience in one or more of:
  - SOC Analyst (Level II/III)
  - Detection Engineer
  - Threat Hunter
  - Red Team Operator / Penetration Tester
  - Security Consultant (Offensive Security)
- Hands-on experience conducting or responding to real-world security incidents.
**Technical Skills - Blue Team**:
- Strong experience with:
  - SIEM platforms (Splunk, Sentinel, QRadar, Elastic)
  - EDR/XDR tools (CrowdStrike, Defender, Carbon Black)
  - Log analysis and event correlation
  - Network traffic analysis (Wireshark, Zeek, tcpdump)
- Cloud security and IAM investigation experience preferred.
- Familiarity with MITRE ATT&CK mapping and detection engineering.
**Technical Skills - Red Team**:
- Experience with:
  - Penetration testing methodologies
  - Adversary emulation and attack simulation
  - Exploitation frameworks (e.g., Metasploit, Cobalt Strike or equivalents)
  - Privilege escalation techniques
  - Lateral movement techniques
  - Evasion and obfuscation methods
- Understanding of Active Directory attacks, phishing frameworks, and payload development is a plus.
**Analytical & Communication Skills**:
- Strong written documentation skills explaining technical reasoning.
- Ability to think from both attacker and defender perspectives.
- Structured, logical analysis of complex security scenarios.
**Preferred Qualifications**:
- Certifications such as:
  - OSCP, OSEP, CRTO (Red Team)
  - GCIA, GCFA, GCIH (Blue Team)
  - CISSP
- Experience mentoring junior analysts or red team members.
- Scripting proficiency (Python, PowerShell, Bash).
**Why Join**:
- Contribute to next-generation AI systems for cybersecurity.
- Work at the intersection of offensive and defensive security research.
- High-impact role shaping AI reasoning about real-world cyber threats.
- Adaptable engagement suited for senior practitioners.
- Collaborate with leading AI researchers and security experts.
We consider all qualified applicants without regard to legally protected characteristics and provide reasonable accommodations upon request.
**Contract and Payment Terms**:
- You will be engaged as an independent contractor.
- This is a fully remote role that can be completed on your own schedule.
- Projects can be extended, shortened, or concluded early depending on needs and performance.
- Payments are made weekly via Stripe or Wise, based on services rendered.
SOC Analyst - Remote (La Cañada)