All roles

Open role

[Remote] SOC Security Analyst L2

Remote · Brazil Full-time

Note: The job is a remote job and is open to candidates in USA. BlueVoyant is seeking a Security Operations Center (SOC) Security Analyst L2 to help global customers manage and improve their cybersecurity posture. The role involves monitoring security events, conducting investigations, and mentoring junior analysts to ensure the safety and security of customer environments.

Responsibilities

  • Monitor and analyze security events and alerts from SIEM platforms, endpoint logs, network telemetry, and EDR tools
  • Research indicators of compromise (IOCs) and malicious activity to determine reputation and risk
  • Conduct malware analysis, attacker infrastructure investigation, and forensic analysis
  • Execute complex investigations and declare incidents when appropriate Perform live response and remote forensics on compromised endpoints
  • Conduct threat hunting activities based on behavioral anomalies and curated intelligence
  • Participate in and support incident response, investigation, and documentation
  • Collaborate closely with BlueVoyant Incident Response teams during active intrusions
  • Ensure events are accurately identified, analyzed, escalated, and documented
  • Identify and tune false positives and benign detections
  • Perform peer reviews and QA checks on junior analysts’ investigations
  • Mentor lower-level analysts and act as the technical escalation point
  • Communicate regularly with clients regarding incidents, findings, and remediation steps
  • Support Customer Success teams during client engagements as required
  • Assist in improving security policies, procedures, tooling, and automation

Skills

  • US Citizenship Required
  • Ability to remain calm and effective in high-pressure security incident situations
  • Ability to work directly with customers to gather requirements and provide feedback on security services
  • Strong written and verbal communication skills with the ability to translate complex technical concepts into clear, understandable language
  • Strong teamwork and interpersonal skills; comfortable working with a globally distributed team
  • Willingness and ability to work a 24/7/365 rotating shift schedule
  • Experience using SIEM solutions, Cloud App Security tools, and EDR platforms
  • Advanced understanding of network protocols and network telemetry
  • Knowledge of Windows and Unix forensic artifacts and analysis methods
  • Expertise in endpoint, web, and authentication log analysis
  • Experience creating SIEM/EDR detections
  • Experience responding to modern authentication attacks (AD, Entra, OATH, etc.)
  • Deep knowledge of common attack paths, including LOLBins, adversary tools, BEC attacks, AiTM, and lateral movement techniques
  • Strong knowledge of SIEM workflows (preferably Microsoft Sentinel or Splunk)
  • Strong knowledge of modern authentication systems and attacks (SSO, OATH, Entra)
  • Strong knowledge of malware detection and analysis (dynamic and light static)
  • Strong knowledge of network and firewall logs, IDS/WAF, web traffic logs
  • Strong knowledge of email security and BEC attack methodologies
  • Strong knowledge of Windows and Unix forensic artifacts (registry, wtmp/btmp, etc.)
  • Strong knowledge of Windows PE and malicious document analysis
  • Strong knowledge of legitimate and malicious remote access methods
  • Strong knowledge of O365 attack paths and common adversary techniques
  • Strong knowledge of network metadata and commonly abused protocols
  • Strong knowledge of credential harvesting tools and methodologies
  • Experience in intrusion analysis, incident response, digital forensics, penetration testing, or similar fields
  • 3+ years of hands-on SOC/TOC/NOC experience
  • GIAC certification(s) strongly preferred
  • Additional certifications such as CISSP, Security+, Network+, CEH, RHCA, RHCE, MCSA, MCP, MCSE
  • Familiarity with tools such as Microsoft Sentinel, Splunk, Microsoft Defender suite, CrowdStrike Falcon, SentinelOne
  • Familiarity with GPO, LANDesk, or other IT infrastructure tools
  • Experience with one or more programming languages (JavaScript, Python, Lua, Ruby, Go, Rust)

Company Overview

  • BlueVoyant provides advanced threat intelligence, managed security services, and cybersecurity consulting to businesses and organizations. It was founded in 2017, and is headquartered in New York, New York, USA, with a workforce of 501-1000 employees. Its website is https://www.bluevoyant.com.
  • More open positions

    [Remote] Staff AI/ML Engineer, Developer Productivity

    Work from home Full-time role

    [Remote] Senior Proposal Marketing Associate, Remote (Power & Energy)

    Work from home Full-time role

    [Remote] Staff Software Engineer, Mapping

    Work from home Full-time role

    [Remote] Investment Research Analyst

    Work from home Full-time role

    [Remote] Technical Data Analyst III

    Work from home Full-time role

    Nurse Educator (1099 Independent Contractor)

    Work from home Full-time role

    Remote SLP (C's and Washington Licensure Required)

    Work from home Full-time role

    Salesforce Developer (Remote) with Security Clearance

    Work from home Full-time role

    Hiring Now: Chewy Customer Support Specialist (Remote) –

    Work from home Full-time role

    Digital Marketing Manager

    Work from home Full-time role

    Junior Data Scientist - Insite

    Work from home Full-time role

    Research and Administrative Manager

    Work from home Full-time role

    Collections Acquisition and Metadata Librarian job at Teachers College - TC in New York, NY

    Work from home Full-time role

    Remote Online Travel Planner

    Work from home Full-time role

    [Remote] Senior Fabric Data Engineer

    Work from home Full-time role

    GCP Cloud Developer

    Work from home Full-time role

    Paid Media Search Analyst

    Work from home Full-time role

    Secondary English/Language Arts Teacher

    Work from home Full-time role

    Intake Coordinator Aleca Home Health AZ (Remote) - FT

    Work from home Full-time role

    Remote Customer Support Specialist – Airline Reservations, Sales & Multi-Channel Service Expert

    Work from home Full-time role

    Remote Part-Time Evening Data Entry Specialist – Flexible Hours, Weekly Pay & Remote Work Opportunities at careerzynith

    Work from home Full-time role