SOC Analyst Level 3
BlueVoyant
- Nashville, TN / Tulsa, OK
- Permanent
- Full-time
- Day Shift 8am - 5pm
- Lead team in regular Incident Handling duties for minor or major security incidents within the defined Computer Security Incident Response process.
- Maintain situational awareness of cyber threats across multiple clients and deploy countermeasures across various technologies.
- Perform malware and exploit analysis and remote remediation.
- Assess alerts and notifications of event activity from our SIEM platform and intrusion detection systems, and respond appropriately to the threat.
- Contribute to continuous content development of threat detection and prevention systems.
- Maintain knowledge of security principles, best practices and emerging industry trends to inform data analysis and threat research.
- Perform security and privacy risk mitigation efforts, including incident response.
- Develop new forensic detective and investigative capabilities using current technical solutions.
- Conduct backup management, vulnerability management, patch management in alignment with customer defined security protocols.
- Evidence gathering for compliance and linking ARMED ATK.
- Support phishing campaigns and penetration testing configuration.
- Develop System Security Plan (SSP) documentation of the controls implemented and tested to provide protection from threats and vulnerabilities identified during the planning and review process.
- Customer Enterprise Architecture Diagram development.
- Analysis: Identify and understand issues, problems, and opportunities; compare data from various sources to draw conclusions.
- Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
- Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints, and probable consequences.
- Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill or knowledge in position-related areas; remain current with developments and trends in areas of expertise.
- Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals and collaborate with cross-functional teams to provide technical expertise and guidance on best practices and methodologies.
- Client Focus: Make internal and external clients and their needs a focus of actions; develop and sustain productive client relationships.
- Must be willing to work weeknight or weekend night shifts.
- Extended working hours may be required as dictated by management and business needs.
- B.S. in Computer Science, Computer Engineering, MIS, or related degree.
- Minimum 5 years' experience in cybersecurity.
- Understanding of cybersecurity frameworks such as NIST, ISO, CIS, SOC, etc.
- Hands-on experience using security monitoring tools, running vulnerability scans, and reviewing assessment reports.
- Systems administrator experience in Linux, Unix, Windows or OSX operating systems and familiarity with networking concepts is desirable.
- Proficiency in PowerShell, Python or Bash with the ability to create scripts, develop tools, or automate processes.
- Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis.
- Demonstrated ability to perform static and dynamic malware analysis.
- Demonstrated ability to analyze large data sets and identify anomalies.
- Demonstrated ability to quickly create and deploy countermeasures.
- Familiarity with common infrastructure systems that can be used as enforcement points.
- Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.
- Must work well under pressure to meet deadlines.
- One or more of the following (or similar), or the ability to obtain within one year:
  - CSA: Certified SOC Analyst
  - GISF: Information Security Fundamentals
  - GSEC: Security Essentials
  - GCIH: Certified Incident Handler
  - CompTIA Security+
  - MS-500/AZ-500
  - MS-900, AZ-104, Network+
- Willing to work at a high level of intensity and fast pace to support the needs of rapidly growing businesses.
- Flexible and able to handle multiple projects at one time while maintaining incredible attention to detail.
- Maintain a positive, solutions-focused attitude.
- Ability to use good judgement and keep client information confidential.
- Bold, confident & open to feedback
- Strategic, analytical, collaborative
- Adaptive problem solver with grit
- Acumen, emotional stability, intellectual capacity
- Mission oriented