Overview
SOC Security Analyst III Jobs in San Francisco, California, USA at BlueVoyant
Title: SOC Security Analyst III
Company: BlueVoyant
Location: San Francisco, California, USA
Type: Full Time
Category: IT/Tech, Security
SOC Security Analyst III
Location:
Remote in Sydney, Australia
The shift will be Monday – Friday, 8 AM – 5 PM AEDT, with on-call duties rotating every second weekend.
Blue Voyant is looking for a Security Operations Center (SOC) Security Analyst III to help our global customers manage their IT security. You will be part of a fast-paced team that helps customers to reduce the impact of security incidents and ensures that critical business operations continue unhindered.
Summary
As a Senior analyst, you are the ultimate technical expert and escalation point for analysts on your team. Your significant expertise in modern attacks, analysis of intrusion data, and knowledge of attack remediation ensures that attacks against our clients are handled with urgency, accuracy, and effective communication. You are the mentor for junior analysts, the trusted voice of customers, and the bane of adversaries.
Key Responsibilities
As a Senior analyst, the safety and security of your clients is your ultimate motivator and responsibility. You will handle active intrusions and escalations from junior analysts, diving into client systems and logs to find attacker activity.
Monitor and analyze security events and alerts from multiple sources, including SIEM logs, endpoint logs, and EDR telemetry
Research indicators and activities to determine reputation and suspicious attributes
Perform analysis of malware, attacker network infrastructure, and forensic artifacts
Execute complex investigations and handle incident declaration
Perform live response analysis of compromised endpoints
Hunt for suspicious activity based on anomalous activity and curated intelligence
Participate in the response, investigation, and resolution of security incidents
Provide incident investigation, handling, response, and incident documentation
Engage and assist the Blue Voyant Incident Response teams for active intrusions
Ensure events are properly identified, analyzed, and escalated to incidents
Assist in the advancement of security policies, procedures, and automation
Serve as the technical escalation point and mentor for lower-level analysts
Regularly communicate with clients to inform them of incidents and aid in remediation
Identification and tuning of false-positive or benign detections
Perform peer review and QA of junior analyst investigations
Support Customer Success team with client engagements when required
Basic Qualifications
People Skills:
Ability to handle high-pressure situations in a productive and professional manner
Ability to work directly with customers to understand requirements for and feedback on security services
Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
Tech Skills:
Knowledge and experience with SIEM solutions, Cloud App Security tools, and EDR
Advanced knowledge and understanding of network protocols and network telemetry
Forensic artifact and analysis knowledge of Windows and Unix systems
Expertise in Endpoint, Web, and Authentication log analysis
Experience with SIEM/EDR detection creation
Experience in responding to modern authentication attacks against AD, Entra, OATH, etc.
Expert knowledge of common attack paths, including LOLbin use, common adversary tools, business email compro…