[Remote] SOC Security Analyst L2

Remote Full-time
Note: This is a remote job open to candidates in the USA.

BlueVoyant is seeking a Security Operations Center (SOC) Security Analyst L2 to help global customers manage and improve their cybersecurity posture. You will work in a fast-paced environment focused on minimizing the impact of security incidents and ensuring critical business operations remain uninterrupted.

Responsibilities
• Monitor and analyze security events and alerts from SIEM platforms, endpoint logs, network telemetry, and EDR tools
• Research indicators of compromise (IOCs) and malicious activity to determine reputation and risk
• Conduct malware analysis, attacker infrastructure investigation, and forensic analysis
• Execute complex investigations and declare incidents when appropriate
• Perform live response and remote forensics on compromised endpoints
• Conduct threat hunting activities based on behavioral anomalies and curated intelligence
• Participate in and support incident response, investigation, and documentation
• Collaborate closely with BlueVoyant Incident Response teams during active intrusions
• Ensure events are accurately identified, analyzed, escalated, and documented
• Identify and tune false positives and benign detections
• Perform peer reviews and QA checks on junior analysts' investigations
• Mentor lower-level analysts and act as the technical escalation point
• Communicate regularly with clients regarding incidents, findings, and remediation steps
• Support Customer Success teams during client engagements as required
• Assist in improving security policies, procedures, tooling, and automation

Skills
• Ability to remain calm and effective in high-pressure security incident situations
• Ability to work directly with customers to gather requirements and provide feedback on security services
• Strong written and verbal communication skills, with the ability to translate complex technical concepts into clear, understandable language
• Strong teamwork and interpersonal skills; comfortable working with a globally distributed team
• Willingness and ability to work a 24/7/365 rotating shift schedule
• Experience using SIEM solutions, Cloud App Security tools, and EDR platforms
• Advanced understanding of network protocols and network telemetry
• Knowledge of Windows and Unix forensic artifacts and analysis methods
• Expertise in endpoint, web, and authentication log analysis
• Experience creating SIEM/EDR detections
• Experience responding to modern authentication attacks (AD, Entra, OATH, etc.)
• Deep knowledge of common attack paths, including LOLBins, adversary tools, BEC attacks, AiTM, and lateral movement techniques
• Strong knowledge of SIEM workflows (preferably Microsoft Sentinel or Splunk)
• Strong knowledge of modern authentication systems and attacks (SSO, OATH, Entra)
• Strong knowledge of malware detection and analysis (dynamic and light static)
• Strong knowledge of network and firewall logs, IDS/WAF, and web traffic logs
• Strong knowledge of email security and BEC attack methodologies
• Strong knowledge of Windows and Unix forensic artifacts (registry, wtmp/btmp, etc.)
• Strong knowledge of Windows PE and malicious document analysis
• Strong knowledge of legitimate and malicious remote access methods
• Strong knowledge of O365 attack paths and common adversary techniques
• Strong knowledge of network metadata and commonly abused protocols
• Strong knowledge of credential harvesting tools and methodologies
• Experience countering ransomware threat actors
• Experience in intrusion analysis, incident response, digital forensics, penetration testing, or similar fields
• 3+ years of hands-on SOC/TOC/NOC experience
• GIAC certification(s) strongly preferred
• Additional certifications such as CISSP, Security+, Network+, CEH, RHCA, RHCE, MCSA, MCP, or MCSE are a plus
• Familiarity with tools such as Microsoft Sentinel, Splunk, the Microsoft Defender suite, CrowdStrike Falcon, and SentinelOne
• Familiarity with GPO, LANDesk, or other IT infrastructure tools
• Experience with one or more programming languages (JavaScript, Python, Lua, Ruby, Go, Rust)

Company Overview
BlueVoyant provides advanced threat intelligence, managed security services, and cybersecurity consulting to businesses and organizations. It was founded in 2017 and is headquartered in New York, New York, USA, with a workforce of 501-1000 employees. Its website is