[Remote] SOC Security Analyst L2

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. BlueVoyant is seeking a Security Operations Center (SOC) Security Analyst L2 to help global customers manage and improve their cybersecurity posture. The role involves monitoring security events, conducting investigations, and mentoring junior analysts to ensure the safety and security of customer environments.

Responsibilities

Monitor and analyze security events and alerts from SIEM platforms, endpoint logs, network telemetry, and EDR tools
Research indicators of compromise (IOCs) and malicious activity to determine reputation and risk
Conduct malware analysis, attacker infrastructure investigation, and forensic analysis
Execute complex investigations and declare incidents when appropriate Perform live response and remote forensics on compromised endpoints
Conduct threat hunting activities based on behavioral anomalies and curated intelligence
Participate in and support incident response, investigation, and documentation
Collaborate closely with BlueVoyant Incident Response teams during active intrusions
Ensure events are accurately identified, analyzed, escalated, and documented
Identify and tune false positives and benign detections
Perform peer reviews and QA checks on junior analysts’ investigations
Mentor lower-level analysts and act as the technical escalation point
Communicate regularly with clients regarding incidents, findings, and remediation steps
Support Customer Success teams during client engagements as required
Assist in improving security policies, procedures, tooling, and automation

Skills

US Citizenship Required
Ability to remain calm and effective in high-pressure security incident situations
Ability to work directly with customers to gather requirements and provide feedback on security services
Strong written and verbal communication skills with the ability to translate complex technical concepts into clear, understandable language
Strong teamwork and interpersonal skills; comfortable working with a globally distributed team
Willingness and ability to work a 24/7/365 rotating shift schedule
Experience using SIEM solutions, Cloud App Security tools, and EDR platforms
Advanced understanding of network protocols and network telemetry
Knowledge of Windows and Unix forensic artifacts and analysis methods
Expertise in endpoint, web, and authentication log analysis
Experience creating SIEM/EDR detections
Experience responding to modern authentication attacks (AD, Entra, OATH, etc.)
Deep knowledge of common attack paths, including LOLBins, adversary tools, BEC attacks, AiTM, and lateral movement techniques
Strong knowledge of SIEM workflows (preferably Microsoft Sentinel or Splunk)
Strong knowledge of modern authentication systems and attacks (SSO, OATH, Entra)
Strong knowledge of malware detection and analysis (dynamic and light static)
Strong knowledge of network and firewall logs, IDS/WAF, web traffic logs
Strong knowledge of email security and BEC attack methodologies
Strong knowledge of Windows and Unix forensic artifacts (registry, wtmp/btmp, etc.)
Strong knowledge of Windows PE and malicious document analysis
Strong knowledge of legitimate and malicious remote access methods
Strong knowledge of O365 attack paths and common adversary techniques
Strong knowledge of network metadata and commonly abused protocols
Strong knowledge of credential harvesting tools and methodologies
Experience in intrusion analysis, incident response, digital forensics, penetration testing, or similar fields
3+ years of hands-on SOC/TOC/NOC experience
GIAC certification(s) strongly preferred
Additional certifications such as CISSP, Security+, Network+, CEH, RHCA, RHCE, MCSA, MCP, MCSE
Familiarity with tools such as Microsoft Sentinel, Splunk, Microsoft Defender suite, CrowdStrike Falcon, SentinelOne
Familiarity with GPO, LANDesk, or other IT infrastructure tools
Experience with one or more programming languages (JavaScript, Python, Lua, Ruby, Go, Rust)

Company Overview

BlueVoyant provides advanced threat intelligence, managed security services, and cybersecurity consulting to businesses and organizations. It was founded in 2017, and is headquartered in New York, New York, USA, with a workforce of 501-1000 employees. Its website is https://www.bluevoyant.com.

Apply Now

[Remote] SOC Security Analyst L2

More open positions

[Remote] Staff AI/ML Engineer, Developer Productivity

[Remote] Senior Proposal Marketing Associate, Remote (Power & Energy)

[Remote] Staff Software Engineer, Mapping

[Remote] Investment Research Analyst

[Remote] Technical Data Analyst III

Senior Software Engineer, Core Experiences - Montreal, Canada

Product Manager, Gene to Protein Lab Essentials

Early-Career Insurance Agent | Build Fast With Leading Tech | Remote First Year

[Remote] Consultant Engineer - Microsoft

Office Administrator and Accounting Specialist

Experienced Full Stack Data Entry and Customer Service Professional – Omnicare at careerzynith

Software Quality Analyst - Taiwanese Mandarin - Taiwan

HR Business Partner, Retail, Northwest Region, SF Bay Area

Remote SEO Copywriter Jobs – Freelance Projects

Experienced Customer Service Representative - Work From Home Opportunity at careerzynith

Experienced Home-Based Data Entry Specialist – Remote Work Opportunity with careerzynith

(No Experience/Entry Level) Netflix Remote Jobs $25/Hr

Multi-Site Property Manager

[Remote] US Defense Software Engineering Lead

Remote Clinic Admissions Associate / Sr. CAA

Remote Customer Service Representative – Lead Qualification & Client Relationship Specialist at careerzynith