Description
SOC Analyst Level 3
Location: Hybrid from either the Nashville, TN or Tulsa, OK location as a preference. Remote considered for extraordinary candidate.
US Citizenship required.
This role requires shift work as follows:
Job Description:
Companies are constantly under attack by sophisticated cyber adversaries that range from nation states to organized criminal activity. In response, the Strategic Cyber Operations (SCyOps) Delivery team is charged with ensuring all customers are secure against all tiers of adversaries. We are on the front lines of creating cyber resiliency with our customers. We deliver seamless integration of Security Operations, IT Operations, and Integrated Risk Management through our unified Cyber Resiliency Management Platform, ARMED ATK and our Strategic Cyber Operations (SCyOps) Delivery team.
As a part of this team, you'll be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical cyber knowledge to protect the organizations we work with in the Critical Infrastructure Sectors.
Our Cyber Resiliency Management Platform, ARMED ATK, provides the competitive edge needed to combat adversaries and defend against threats 24/7/365. Our ScyOps teams are in our US based Command Centers in Nashville, TN and Tulsa, Ok and staffed by US Citizens. This is an onsite role at one of our Command Centers.
Responsibilities:
At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!
Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.
Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.
All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.
Location: Hybrid from either the Nashville, TN or Tulsa, OK location as a preference. Remote considered for extraordinary candidate.
US Citizenship required.
This role requires shift work as follows:
- Day Shift 8am - 5pm
Job Description:
Companies are constantly under attack by sophisticated cyber adversaries that range from nation states to organized criminal activity. In response, the Strategic Cyber Operations (SCyOps) Delivery team is charged with ensuring all customers are secure against all tiers of adversaries. We are on the front lines of creating cyber resiliency with our customers. We deliver seamless integration of Security Operations, IT Operations, and Integrated Risk Management through our unified Cyber Resiliency Management Platform, ARMED ATK and our Strategic Cyber Operations (SCyOps) Delivery team.
As a part of this team, you'll be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical cyber knowledge to protect the organizations we work with in the Critical Infrastructure Sectors.
Our Cyber Resiliency Management Platform, ARMED ATK, provides the competitive edge needed to combat adversaries and defend against threats 24/7/365. Our ScyOps teams are in our US based Command Centers in Nashville, TN and Tulsa, Ok and staffed by US Citizens. This is an onsite role at one of our Command Centers.
Responsibilities:
- Lead team in regular Incident Handling duties for minor or major security incidents within the defined Computer Security Incident Response process.
- Maintain situational awareness for cyber threats across multiple clients and deploys countermeasures across various technologies.
- Malware and exploit analysis and remote remediation
- Assess alerts and notifications of event activity from our SIEM platform, and intrusion detection systems by responding accordingly to the threat.
- Contribute to continuous content development of threat detection and prevention systems.
- Maintain knowledge of security principles, best practices and emerging industry trends to inform data analysis and threat research.
- Perform security and privacy risk mitigation efforts, including incident response.
- Develop new forensic detective and investigative capabilities using current technical solutions.
- Conduct backup management, vulnerability management, patch management in alignment with customer defined security protocols.
- Evidence gathering for compliance and linking ARMED ATK.
- Support Phishing campaigns and Penetration Testing Configuration.
- System Security Plan (SSP) documentation, of the controls implemented and tested to provide protection from threats and vulnerabilities identified during the planning and review process.
- Customer Enterprise Architecture Diagram development.
- Analysis: Identify and understand issues, problems, and opportunities; compare data from various sources to draw conclusions.
- Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
- Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints, and probable consequences.
- Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill or knowledge in position-related areas; remains current with developments and trends in areas of expertise.
- Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals and collaborate with cross-functional teams to provide technical expertise and guidance on best practices and methodologies.
- Client Focus: Make internal and external clients and their needs a focus of actions; develop and sustain productive client relationships.
- Must be willing to work weeknight or weekend night shifts.
- Extended working hours may be required as dictated by management and business needs.
- B.S. in Computer Science, Computer Engineering, MIS, or related degree.
- Minimum 5 years' experience with cybersecurity
- Understanding of Cyber Security Frameworks such as NIST, ISO, CIS, SOC, etc.
- Hands on experience with using security monitoring tools, running vulnerability scans, and reviewing assessment reports.
- Systems administrator experience in Linux, Unix, Windows or OSX operating systems and familiarity with networking concepts is desirable.
- Proficiency in PowerShell, Python or Bash with the ability to create scripts, develop tools, or automate processes.
- Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis.
- Demonstrated ability to perform static and dynamic malware analysis.
- Demonstrated ability to analyze large data sets and identify anomalies.
- Demonstrated ability to quickly create and deploy countermeasures.
- Familiarity with common infrastructure systems that can be used as enforcement points.
- Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.
- Must work well under pressure to meet deadlines.
- One or more of the following (or similar), or the ability to obtain within one year:
- CSA: Certified SOC Analyst
- GISF: Information Security Fundamentals
- GSEC: Security Essentials
- GCIH: Certified Incident Handler
- CompTIA Security+
- MS-500/AZ-500
- MS-900, AZ-104, Network+
- Willing to work at a high level of intensity and fast pace to support the needs of rapidly growing businesses.
- Flexible and able to handle multiple projects at one time while maintaining incredible attention to detail.
- Maintain a positive, solutions-focused attitude.
- Ability to use good judgement and keep client information confidential.
- Bold, confident & open to feedback
- Strategic, analytical, collaborative
- Adaptive problem solver with grit
- Acumen, emotional stability, intellectual capacity
- Mission oriented
At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!
Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.
Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.
All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.
BlueVoyant Candidate Privacy Notice
To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice