SOC Security Analyst L3

: Monday-Friday day shift (8am-4pm or 9am-5pm PDT).

Work Authorization:

US Citizenship Required

Summary:

BlueVoyant is looking for Security Operations Center (SOC) Analysts to defend our global customers from the constant fight against adversaries. You will be part of a fast-paced team that helps spot, defend, and remediate adversary activity to reduce the impact and dwell time of security incidents.

As an L3 analyst, you are the ultimate technical expert and escalation point for analysts on your team. Your significant expertise in modern attacks, analysis of intrusion data, and knowledge of attack remediation ensures that attacks against our clients are handled with urgency, accuracy, and effective communication. You are the mentor for junior analysts, the trusted voice of customers, and the bane of adversaries. The experience you bring to the role provides a front-row voice to technology strategy, process improvements, and an advocate for analysts around the world.

As a L3 Analyst, you will play a critical role in supporting the security of client environments. You’ll handle active intrusions and escalations from junior analysts, and you know how to dive into client systems and logs to find attacker activity while tracing a labyrinth of domain registrations and ripping apart malware. When you say “it’s bad” everyone jumps into action.

Beyond technical expertise, you understand that the burden of proof is on you and requires excellent documentation and communication. Clients are not left with more questions than they started with when they read your reports and know exactly what actions they need to take to kick bad guys to the curb.

Monitor and analyze security events and alerts from multiple sources, including SIEM logs, endpoint logs, and EDR telemetry.

Research indicators and activities to determine reputation and suspicious attributes • Perform analysis of malware, attacker network infrastructure, and forensic artifacts .

Execute complex investigations and handle incident declaration • Perform live response analysis of compromised endpoints.

Access and actions within client systems will be performed in accordance with defined client-approved access controls, logging, and BlueVoyant operating procedures.

At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200 and GCHQ, together

with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tulsa, San Francisco, Leeds, London, Cork, Budapest, Tel Aviv and Latin America.

All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.