SOC/Incident Response Analyst This position is a first-line defense role operating during critical off-hour windows (nights and weekends). The team will be responsible for the initial triage and validation of security alerts generated by Customers SIEM, Okta, SentinelOne, Keeper, and Google platforms. The primary objective is to investigate anomalies and escalate confirmed threats to the internal Incident Response (IR) team through PagerDuty. Core Responsibilities SIEM Alert Validation: Monitor Jira/BlinkOps for alerts pertaining to: Identity issues, compromised passwords, impossible travel, travel to restricted countries, Superadmin creation in Okta, Admin created in SentinelOne, Google admin account activity (creation/deletion), Splunk data deletion, HoneyCred access in Keeper, and suspected malicious access by Okta, Google, and other systems. Investigation: Perform manual investigation (running searches in Splunk, SentinelOne, and Client apps) to confirm alert details, determine Fal...