Overview
POSITION SUMMARY:
The Bayview Security Operations Center (SOC) is looking for a seasoned professional to join our enthusiastic, innovative, and results-driven team. The Associate, SOC Analyst will be the first line of defense in detecting and responding to security incidents at Bayview. In this role, you will perform daily incident response triage, investigate cybersecurity incidents as necessary, and carry out proactive threat hunting to maintain a robust protection and detection posture. This role requires strong technical skills, curiosity, critical thinking, and a solid understanding of security tools and processes.
Key Responsibilities:
- Monitor security alerts and notifications from various security platforms and log sources, including SIEM, IDS/IPS, firewalls, and endpoint protection tools to identify suspicious activity
- Triage potential security incidents to identify false positives, determine scope and impact, and work with stakeholders across the organization to respond to incidents in a timely manner
- Escalate incidents to senior analysts as necessary
- Work with customers to investigate potential phishing emails and take corrective actions
- Contribute to the development and optimization of SIEM use cases, correlation rules, and incident response playbooks
- Assist with the integration of threat intelligence into the SOC’s detection and response processes
- Document security incidents, findings, and remediation actions in incident tracking systems
- Contribute to the creation of daily, weekly, and monthly security reports for management and stakeholders
- Communicate security events and incidents clearly and concisely to both technical and non-technical audiences
Minimum Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Additional relevant experience and/or certifications may be considered in lieu of a degree.
- 5+ years of cybersecurity experience
- 2+ years of experience working in an operational environment (e.g., SOC, NOC)
- A deep understanding of cybersecurity concepts, security infrastructure, threat actors, and common attack vectors is required
- Experience with log analysis and knowledge of common Windows Event IDs is required
- Hands-on experience with Splunk SIEM is required
- Proven ability to analyze and respond to security incidents
- Knowledge of security frameworks such as NIST CSF and MITRE ATT&CK is required
- A fundamental understanding of Windows, Linux, and macOS operating systems is required. System administration experience is preferred.
- A fundamental understanding of network communications, to include common protocols and applications is required
- Experience with Python, PowerShell, and Bash scripting is strongly desired
- Experience with Azure and AWS cloud infrastructure and security tools is strongly desired
- Must be detail oriented, organized, and have strong analytical skills
- One or more of the following certifications is preferred: CompTIA Security+, Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Enterprise Defender (GCED), Computer Hacking Forensic Investigator (CHFI), EC-Council Certified Incident Handler (ECIH), EC-Council Certified Security Specialist (ECSS), Certified Cyber Forensics Professional (CCFP), AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate
Location & Compensation:
- Location: Remote; may be located anywhere in the US
- Base compensation is expected to be $110,000 to $140,000, with the opportunity for incentive compensation, including a bonus
Physical Demands and Work Environment:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to sit and use hands to handle, touch or feel objects, tools, or controls. The employee frequently is required to talk and hear. The noise level in the work environment is usually moderate. The employee is occasionally required to stand; walk; reach with hands and arms. The employee is rarely required to stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, color vision, and the ability to adjust focus.
EEOC
Bayview is an Equal Employment Opportunity employer. All aspects of consideration for employment and employment with the Company are governed on the basis of merit, competence and qualifications without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, or any other category protected by federal, state, or local law.