BlueVoyant is hiring a
SOC Security Analyst

Summary

Join BlueVoyant's fast-paced team as a Security Operations Center (SOC) Analyst to help global customers manage their IT security and reduce the impact of security incidents.

Requirements

• US Citizenship Required
• Excellent teamwork skills
• Knowledge of and experience with intrusion detection/prevention systems and SIEM software
• Knowledge and understanding of network protocols and devices
• Experience with Mac OS, Windows, and Unix systems
• Ability to analyze event logs and recognize signs of cyber intrusions/attacks
• Ability to handle high pressure situations in a productive and professional manner
• Written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
• Teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
• Able and willing to work in a 24/7/365 environment, including nights and weekends, on a shift schedule
• Ability to provide tuning recommendations for security tools to tool administrators
• Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk
• Basic knowledge of the following: SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Web Security Gateway, Email Security, Data Loss Prevention, Anti-Virus
• Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field or equivalent professional experience

Responsibilities

• Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databases
• Separate true threats from false positives using network and log analysis and escalate possible intrusions and attacks
• Initiate tickets, document, and escalate to higher-level security analysts
• Perform alert triage and investigations of incoming issues (assess the priority, determine risk)
• Maintain a strong awareness of the current threat landscape

Preferred Qualifications

• Experience and/or understanding of network/host vulnerability analysis, intrusion analysis, or related areas
• Familiarity of the MITRE Framework
• Experience with security tools such as Microsoft Azure, Microsoft Defender, Carbon Black, Splunk, and CrowdStrike
• KQL, regex, or other query language experience
• Hands-on SOC or Incident Response experience
• Security +, Network +, GCIA, CCNA, CEH, RHCA, RHCE, MCSA, MCP, MCSE or related certification(s)
• Familiarity with GPO, Landesk, or other IT Infrastructure tools