BlueVoyant · 2 days ago
SOC Team Lead
Maximize your interview chances
Insider Connection @BlueVoyant
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Supervise and mentor Security Analysts during a standard working team/shift
Manage analyst workload and workflows while acting as an escalation point for your team
Communicate with BlueVoyant clients throughout incident escalations and lifecycle
Supervise operations in deterring, identifying, monitoring, investigating, and analyzing attacks
Support analyst alert triage to identify whether appropriate escalations occurred, and monitor for patterns indicating late-stage incident lifecycle alerts requiring incident response
Provide quality control and feedback for analyst investigations
Participate in the response, investigation, and resolution of security incidents
Ensure teams are aware of operating procedures and any changes or additions
Aid in keeping operational documentation up to date
Provide incident investigation, handling, and response, including incident documentation
Serve as the technical escalation point and mentor for your analyst team
Perform triage of incoming issues (assess the priority, determine risk)
Maintain a strong awareness of the current threat landscape
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
US Citizenship required for this role.
Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team.
Able and willing to work in a 24/7/365 environment, including nights and weekends, on a rotating shift schedule.
Experience managing technical individual contributors, including providing feedback, monitoring quality, and prioritizing work.
Strong customer communications skills, including articulating complex or urgent technical data and scenarios to non-technical audiences.
Ability to handle high pressure situations in a productive and professional manner.
Knowledge of and experience with intrusion detection/prevention systems and SIEM software.
Advanced knowledge and understanding of network protocols and devices.
Advanced experience with Mac OS, Windows, and Unix systems.
Ability to analyze event logs and recognize signs of cyber intrusions/attacks.
Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language.
Familiarity with tools such as Malware Sandboxes, Sentinel, Splunk, EDR solutions.
Strong knowledge of Enterprise Cloud Solutions (Azure, GCP, AWS).
Strong knowledge of modern authentication systems and attacks (SSO, OATH, Entra, etc.).
Strong knowledge of SIEM workflows (preferably Sentinel and Splunk).
Strong knowledge of packet analysis.
Strong knowledge of malware detection, to include dynamic and light static analysis.
Strong knowledge of network monitoring metadata (web logs, firewall logs, WAF/IDS).
Strong knowledge of email security and common business email compromise attacks.
Strong knowledge of vulnerability identification and correlation to attacker behavior.
Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field or equivalent experience.
Preferred
Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas.
5+ years of hands-on SOC/TOC/NOC experience.
GCIA and/or GCIH required. GCFA, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred.
Familiarity with technologies such as Sentinel, Splunk, Microsoft Defender suites, Crowdstrike Falcon, SentinelOne.
Familiarity with Group Policy, Intune, Virtualization, and other IT Infrastructure tools.
Understanding and/or experience with one or more of the following programming languages: JavaScript, Python, Lua, Ruby, GoLang, Rust.
Company
BlueVoyant
BlueVoyant provides advanced threat intelligence, managed security services, and cybersecurity consulting to businesses and organizations.
Funding
Current Stage
Late StageTotal Funding
$665.5MKey Investors
Liberty Strategic CapitalManhattan Venture Partners (MVP)Temasek Holdings
2023-11-29Series E· $140M
2023-04-24Secondary Market
2022-02-23Series D· $250M
Leadership Team
Recent News
2024-11-26
2024-11-05
2024-05-23
Company data provided by crunchbase