BlueVoyant is hiring a
SOC Team Lead in Worldwide

Summary

The job is for a SOC Team Lead at BlueVoyant in College Park, Maryland. The role involves providing world-class service to customers, supervising security analysts, handling high pressure situations, working with customers to deploy monitoring systems, and maintaining a strong awareness of the current threat landscape.

Requirements

• Excellent teamwork skills
• Knowledge of and experience with intrusion detection/prevention systems and SIEM software
• Advanced knowledge and understanding of network protocols and devices
• Advanced experience with Mac OS, Windows, and Unix systems
• Ability to analyze event logs and recognize signs of cyber intrusions/attacks
• Ability to handle high pressure situations in a productive and professional manner
• Ability to work directly with customers to understand requirements for and feedback on security services
• Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
• Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
• Able and willing to work in a 24/7/365 environment, including nights and weekends, on a rotating shift schedule
• Ability to provide create signatures for security tools
• Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk
• Strong knowledge of the following: SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email Security, Data Loss Prevention, Antivirus, Network Access Control, Encryption, Vulnerability Identification

Responsibilities

• Provides supervision and oversight for Security Analysts during a standard working team/shift
• Assumes full responsibility and accountability for ensuring that customers receive world-class service from Security Analysts assigned to their shift
• Assigns Security Analysts to information security events and oversees investigations as necessary
• Supervise operations in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
• Supervises complex event investigation and incident declaration
• Ensure events are properly identified, analyzed, and escalated to incidents
• Hunt for suspicious activity based on anomalous activity and indicators of compromise from various intelligence feeds and toolsets
• Participate in the response, investigation, and resolution of security incidents
• Create knowledge base articles for handling medium and high severity incidents
• Assist in the advancement of security policies, procedures, and automation
• Monitor and analyze security events and alerts from multiple sources
• Separate true threats from false positives using network and log analysis and escalate possible intrusions and attacks
• Provide incident investigation, handling, and response to include incident documentation
• Initiate tickets, document, and escalate to higher-level security analysts
• Develop incident response reporting and policy updates as needed
• Perform computer and network forensic analysis
• Serve as the technical escalation point and mentor for lower-level analysts
• Regularly communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual
• Perform triage of incoming issues (assess the priority, determine risk)
• Work with customers to deploy hardware and software monitoring systems

Preferred Qualifications

• Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas
• 5+ years of hands-on SOC/TOC/NOC experience
• GCIA and/or GCIH required. GCFA, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred
• Familiarity with tools such as IDA Pro, PEiD, PEview, Procmon, Snort, Bro, Kali Linux, Metasploit, NMAP, and Nessus
• Familiarity with GPO, Landesk, or other IT Infrastructure tools
• Understanding and/or experience with one or more of the following programming languages: .NET, PHP, Perl, Python, Java, Ruby, C, C++

Benefits

• Health insurance
• Retirement benefits
• Paid time off
• Remote work, flexible hours
• Life and disability insurance
• Bonuses and incentives
• Professional development opportunities
• Workplace training
• Employee assistance program