
Senior SOC Analyst

Polymarket · remote · senior · full-time
Tags: crypto, tech, web3, SIEM, EDR, NDR, cloud security, Python, Bash, KQL, SPL
AI Score: 7.5. The vacancy is well-structured with clear responsibilities and company information, but lacks salary details.
## About Polymarket

Polymarket is the world's largest prediction market platform. We enable individuals to express views on real-world events by trading on outcomes across politics, economics, sports, culture, and current affairs. Built as a peer-to-peer marketplace with no centralized "house," Polymarket aggregates diverse opinions into transparent, market-based probabilities that reflect collective expectations about the future. We're growing fast — both in terms of volume ($21B traded in 2025) and adoption as an alternative news source. Our ambition is to become a ubiquitous beacon of truth in global media and we need your help adding fuel to the fire.
## What You'll Do

- Monitor SIEM, EDR, NDR, and cloud security tooling for alerts, anomalies, and indicators of compromise; review and triage escalations from the third-party SOC provider
- Conduct proactive threat hunting using intelligence feeds, MITRE ATT&CK TTPs, and hypothesis-driven queries
- Lead containment, eradication, and recovery for confirmed incidents; coordinate with Engineering, Legal, and Leadership on high-severity events
- Respond to on-call pages per the team rotation schedule; write clear incident reports covering timeline, impact, root cause, and corrective actions
- Analyze malware samples, phishing campaigns, network traffic, and endpoint artifacts to determine scope and attacker TTPs
- Identify detection gaps and propose new SIEM rules, correlation logic, and tuning improvements
- Author and maintain SOC runbooks and playbooks used by both in-house and third-party teams; contribute to weekly/monthly reporting on incident trends and third-party SLA adherence
## What We're Looking For

- 2+ years of hands-on SOC, incident response, or security operations experience
- Proficiency with a SIEM platform (Palo Alto XSIAM preferred)
- Experience with EDR/XDR tooling (CrowdStrike, SentinelOne, or equivalent)
- Demonstrated ability to triage alerts including phishing, malware, lateral movement, and credential-based attacks
- Solid understanding of TCP/IP, DNS, HTTP/S, and common attack patterns
- Ability to read and write basic scripts or queries (Python, Bash, KQL, or SPL) to support analysis
- Availability for rotating shifts and participation in on-call rotation
- (Plus) Experience managing escalations to or from an MSSP or third-party SOC
- (Plus) Certifications such as CompTIA CySA+, GCIA, GCIH, or equivalent
- (Plus) Familiarity with cloud security tooling in AWS, GCP, or Azure
- (Plus) Knowledge of the blockchain, DeFi, or crypto-sector threat landscape
- (Plus) Experience with MITRE ATT&CK-based threat hunting or purple team exercises
## Benefits

- Competitive salary & equity
- Unlimited PTO
- Full Health, Vision, & Dental coverage
- 401k match
- Hardware setup: new MacBook Pro, big display, & accessories
## About the Company
Polymarket is the world's largest prediction market platform where users trade on the outcomes of real-world events such as politics, sports, economics, and more, using USDC cryptocurrency on the Polygon blockchain. It provides real-time odds reflecting news, polls, and events, and operates globally with a US-regulated entity.
Crypto · 50-200 · New York City, United States · Founded 2020 · https://polymarket.com/