Why This Job is Featured on The SaaS Jobs
Security operations is increasingly central to SaaS businesses that run cloud-first stacks and rely on identity, endpoints, and third-party services to deliver product uptime and customer trust. A Tier 1 SOC Analyst role in this context sits close to the operational reality of modern SaaS security, where telemetry spans SIEM, EDR, cloud, email, and identity systems and where clear escalation paths matter as much as technical detection.
For a career in SaaS, this kind of position builds durable fundamentals: disciplined triage, evidence collection, and documentation that translate across companies regardless of tech stack. Exposure to alert tuning, recurring-pattern analysis, and runbook-driven response also mirrors how SaaS security teams mature their programs over time, particularly as environments grow in complexity and automation becomes a bigger lever.
This role tends to fit early-career security professionals who prefer hands-on monitoring and investigative work, and who want structured collaboration with senior analysts and incident responders. It also suits candidates comfortable working remotely with shift handoffs and SLAs, and those motivated by developing strong written communication alongside technical judgment.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
About the Role
The Tier 1 Security Operations Center (SOC) Analyst plays a critical role within NinjaOne’s Information Security organization, supporting the detection and response to security threats across the company. This is a hands-on, operations-focused position responsible for monitoring, triaging, and escalating security alerts across cloud, endpoint, identity, and SaaS environments. You will work closely with senior analysts and incident responders to investigate alerts, document findings, and support ongoing security operations. This role is ideal for early-career security professionals looking to build practical experience in a modern, cloud-centric SOC while developing strong analytical and investigative skills
English Resumes Required
Location: Remote: Brazil, Ecuador, Colombia, Mexico (LATAM)
What You’ll Be Doing
- Monitor security alerts and events across SIEM, EDR, cloud, email, and identity platforms
- Perform initial triage to assess alert severity, scope, and potential impact
- Differentiate true positives from false positives using playbooks and investigative techniques
- Escalate confirmed or high-risk incidents to Tier 2/DFIR teams with clear, structured documentation
- Collect and preserve artifacts (logs, indicators, timelines) to support investigations
Follow established runbooks, escalation paths, and SLAs - Maintain accurate case notes and ticket updates in the case management system
Identify recurring alert patterns and contribute to detection tuning and process improvements - Maintain awareness of common threat vectors, including phishing, malware, credential abuse, and cloud misconfigurations
- Participate in shift handoffs to ensure continuity of investigations
- Other duties as needed
About You
- Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent practical experience)
- 1–3 years of experience in a SOC, NOC, IT security, or related technical role
- Basic understanding of security monitoring and alert triage
- Foundational knowledge of networking (TCP/IP, DNS, HTTP/S)
- Familiarity with Windows and/or macOS operating systems
- Understanding of common attack techniques (phishing, brute force, malware)
- Experience with one or more of the following:
- SIEM platforms (e.g., Splunk, Sentinel, QRadar)
- EDR/XDR tools
- Cloud platforms (AWS, Azure, or GCP)
- Strong written English skills for documentation and escalation
- Ability to work effectively in a remote, distributed team environment
- Willingness to work scheduled shifts aligned with U.S. business hours (including occasional weekends or on-call)
About Us
NinjaOne automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 40,000 customers. The NinjaOne automated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers. NinjaOne is obsessed with customer success and provides free and unlimited onboarding, training, and support. NinjaOne is #1 on G2 in endpoint management, patch management, remote monitoring and management, and mobile device management.
What You’ll Love
Our flexible working hours with home office options enable you to successfully balance your personal life and your job.
Grow personally and together with one of the fastest growing companies globally.
Develop your skills through our renowned training platform.
Receive competitive compensation.
Collaborate with an amazing international workforce.
Additional Information
This position is NOT eligible for Visa sponsorship.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.
#LI-MM1
#LI-REMOTE
#BI-REMOTE
