Bayview Fund Management, LLC
Associate, SOC Analyst
Bayview Fund Management, LLC, Coral Gables, Florida, United States
Overview
POSITION SUMMARY:

The Bayview Security Operations Center (SOC) is looking for a seasoned professional to join our enthusiastic, innovative, and results-driven team. The Associate, SOC Analyst will be the first line of defense in detecting and responding to security incidents at Bayview. In this role, you will perform daily incident response triage, investigate cybersecurity incidents as necessary, and carry out proactive threat hunting to ensure a robust protection and detection posture. This role requires strong technical skills, curiosity, critical thinking, and a solid understanding of security tools and processes.

Key Responsibilities:

- Monitor security alerts and notifications from various security platforms and log sources, including SIEM, IDS/IPS, firewalls, and endpoint protection tools, to identify suspicious activity.
- Triage potential security incidents to identify false positives, determine scope and impact, and work with stakeholders across the organization to respond to incidents in a timely manner.
- Escalate incidents to senior analysts as necessary.
- Work with customers to investigate potential phishing emails and take corrective actions.
- Contribute to the development and optimization of SIEM use cases, correlation rules, and incident response playbooks.
- Assist with the integration of threat intelligence into the SOC's detection and response processes.
- Document security incidents, findings, and remediation actions in incident tracking systems.
- Contribute to the creation of daily, weekly, and monthly security reports for management and stakeholders.
- Communicate security events and incidents clearly and concisely to both technical and non-technical audiences.

Minimum Qualifications:

- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Additional relevant experience and/or certifications may be considered in lieu of a degree.
- 5+ years of cybersecurity experience.
- 2+ years of experience working in an operational environment (e.g., SOC, NOC).
- A deep understanding of cybersecurity concepts, security infrastructure, threat actors, and common attack vectors is required.
- Experience with log analysis and knowledge of common Windows Event IDs is required.
- Hands-on experience with Splunk SIEM is required.
- Proven ability to analyze and respond to security incidents.
- Knowledge of security frameworks such as NIST CSF and MITRE ATT&CK is required.
- A fundamental understanding of Windows, Linux, and macOS operating systems is required.
- System administration experience is preferred.
- A fundamental understanding of network communications, including common protocols and applications, is required.
- Experience with Python, PowerShell, and Bash scripting is strongly desired.
- Experience with Azure and AWS cloud infrastructure and security tools is strongly desired.
- Must be detail oriented, organized, and have strong analytical skills.
- One or more of the following certifications is preferred: CompTIA Security+, Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Enterprise Defender (GCED), Computer Hacking Forensic Investigator (CHFI), EC-Council Certified Incident Handler (ECIH), EC-Council Certified Security Specialist (ECSS), Certified Cyber Forensics Professional (CCFP), AWS Security Specialist, Azure Security Engineer Associate.

Location & Compensation:

Location: Anywhere in the US / Remote role.

Base compensation is expected to be $110,000-$140,000, with the opportunity for incentive compensation including bonus compensation.

Physical Demands and Work Environment

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit and use hands to handle, touch, or feel objects, tools, or controls. The employee frequently is required to talk and hear. The noise level in the work environment is usually moderate. The employee is occasionally required to stand, walk, and reach with hands and arms. The employee is rarely required to stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, color vision, and the ability to adjust focus.

EEOC

Bayview is an Equal Employment Opportunity employer. All aspects of consideration for employment and employment with the Company are governed on the basis of merit, competence, and qualifications without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, or any other category protected by federal, state, or local law.