The BSC SOC provides real-time, continuous cybersecurity monitoring and triage, uninterrupted event detection, incident analysis, coordination and response, situational awareness, and countermeasure implementation for maintaining a secure cybersecurity and information assurance posture. The SOC has the authority to implement mitigation actions, in coordination with other enterprise IT services and local system administrators, in order to reduce our clients' exposure to cybersecurity threats and incidents.
The SOC provides the following services to our clients:
- Continuous Monitoring and Detection (M&D) and Triage via our Blueshift XDR Platform
- Incident Response and Management based on OODA
- Incident Analysis
- Cyber Forensics
- Cyber Threat Detection and Hunting
- Cyber Threat Analysis
- Managed Application Whitelisting
- Managed Data Defense
- Insider Threat Detection
Responsibilities:
- Support the operations and overall delivery of SOC services to BSC clients
- Triage alerts and anomalies detected within our clients’ infrastructure
- Work with internal teams to continuously improve operations and platform performance
- Provide real-time response to emergency blocking/unblocking requests received from authorized personnel, in accordance with the relevant service level agreements
- Continually improve operating methods, and document standard processes and procedures
- Be part of an on-call rotation (24/7) for service continuity and escalations
- Monitor health of all internal SOC systems to ensure uninterrupted client service
- Document and track client calls, service requests and resolutions
- Provide internal SOC training and knowledge transfer as required
- Other duties as assigned
Skills and Qualifications:
- Proficient with Linux, Windows and macOS
- Ability to investigate security alerts and system logs and telemetry for signs of malicious activity.
- Ability to define, tune and deploy signatures to detect malicious activity.
- Strong cybersecurity knowledge regarding the Cyber Kill Chain and MITRE ATT&CK framework
- Friendly demeanor. Ability to work well with others and partner on solutions. Coachable.
- Excellent verbal and written communication skills.
- Excellent organizational skills and attention to detail.
- Proactive and results driven, enjoys analysis work.
- Strong analytical and problem-solving skills. Curious.
- Ability to act with integrity, professionalism, and confidentiality.
Education and Experience:
- Bachelor’s degree in Computer Science, Computer Engineering, Information Systems or related field preferred. Strong self-taught candidates encouraged to apply.
- Server Administration and Cybersecurity Certificates such as Linux+, Security+, GCIA, CISSP, CEH, etc. are a plus.
Physical Requirements and Work Environment:
- Prolonged periods of sitting at a desk and working on a computer.
- Must be able to lift 15 pounds at times.
- Be able to travel to headquarters up to a few times a year. Travel expected to be minimal.
- A work environment conducive to sensitive analytic work (few interruptions, private and operationally secure).