SOC Team Lead @ BlueVoyant | Jobright.ai
SOC Team Lead jobs in College Park, MD
56 applicants
BlueVoyant · 6 days ago

SOC Team Lead

Cyber Security, Network Security
Actively Hiring
No H1B sponsorship; U.S. citizens only
Hiring Manager
Kathe Kanwal Bist (formerly Yamagata)

Responsibilities

Supervise and mentor Security Analysts during a standard working team/shift
Manage analyst workload and workflows while acting as an escalation point for your team
Communicate with BlueVoyant clients throughout incident escalations and lifecycle
Supervise operations in deterring, identifying, monitoring, investigating, and analyzing attacks
Support analyst alert triage to identify whether appropriate escalations occurred, and monitor for patterns indicating late-stage incident lifecycle alerts requiring incident response
Provide quality control and feedback for analyst investigations
Participate in the response, investigation, and resolution of security incidents
Ensure teams are aware of operating procedures and any changes or additions
Aid in keeping operational documentation up to date
Provide incident investigation, handling, and response, including incident documentation
Serve as the technical escalation point and mentor for your analyst team
Perform triage of incoming issues (assess the priority, determine risk)
Maintain a strong awareness of the current threat landscape

Qualification


Intrusion detection/prevention systems, SIEM software, Network protocols, Event log analysis, Enterprise Cloud Solutions, GCIA, GCIH, Mac OS, Windows, Unix systems, Malware Sandboxes, Sentinel, Splunk, EDR solutions, Modern authentication systems, Packet Analysis, Malware Detection, Network Monitoring, Email Security, Vulnerability Identification, Network/host vulnerability analysis, Digital forensics, Penetration testing, GCFA, GCFE, CISSP, Security+, CEH, RHCA, RHCE

Required

US Citizenship required for this role.
Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team.
Able and willing to work in a 24/7/365 environment, including nights and weekends, on a rotating shift schedule.
Experience managing technical individual contributors, including providing feedback, monitoring quality, and prioritizing work.
Strong customer communications skills, including articulating complex or urgent technical data and scenarios to non-technical audiences.
Ability to handle high pressure situations in a productive and professional manner.
Knowledge of and experience with intrusion detection/prevention systems and SIEM software.
Advanced knowledge and understanding of network protocols and devices.
Advanced experience with Mac OS, Windows, and Unix systems.
Ability to analyze event logs and recognize signs of cyber intrusions/attacks.
Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language.
Familiarity with tools such as Malware Sandboxes, Sentinel, Splunk, EDR solutions.
Strong knowledge of Enterprise Cloud Solutions (Azure, GCP, AWS).
Strong knowledge of modern authentication systems and attacks (SSO, OATH, Entra, etc.).
Strong knowledge of SIEM workflows (preferably Sentinel and Splunk).
Strong knowledge of packet analysis.
Strong knowledge of malware detection, to include dynamic and light static analysis.
Strong knowledge of network monitoring metadata (web logs, firewall logs, WAF/IDS).
Strong knowledge of email security and common business email compromise attacks.
Strong knowledge of vulnerability identification and correlation to attacker behavior.
Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field or equivalent experience.

Preferred

Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas.
5+ years of hands-on SOC/TOC/NOC experience.
GCIA and/or GCIH required. GCFA, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred.
Familiarity with technologies such as Sentinel, Splunk, Microsoft Defender suites, Crowdstrike Falcon, SentinelOne.
Familiarity with Group Policy, Intune, Virtualization, and other IT Infrastructure tools.
Understanding and/or experience with one or more of the following programming languages: JavaScript, Python, Lua, Ruby, GoLang, Rust.

Company

BlueVoyant

BlueVoyant provides advanced threat intelligence, managed security services, and cybersecurity consulting to businesses and organizations.

Funding

Current Stage
Late Stage
Total Funding
$665.5M
Key Investors
Liberty Strategic Capital, Manhattan Venture Partners (MVP), Temasek Holdings
2023-11-29 Series E, $140M
2023-04-24 Secondary Market (amount not listed)
2022-02-23 Series D, $250M

Leadership Team

Tim Yost
Chief Financial Officer
Gad Goldstein
President of BlueVoyant, International and Chairman, Israel
Company data provided by crunchbase