Position: SOC Security Analyst L2Location: Hybrid in Cork, IrelandShift Pattern: 4-on / 4-off rotating schedule (10-hour shifts). Rotation changes every 28 days:Day Early (Hybrid 50%): 7:00 AM – 5:00 PMDay Middle (Hybrid 50%): 12:00 PM – 10:00 PMNight (Remote): 9:00 PM – 7:00 AMSummary:BlueVoyant is seeking a Security Operations Center (SOC) Security Analyst L2 to help global customers manage and improve their cybersecurity posture. You will work in a fast-paced environment focused on minimizing the impact of security incidents and ensuring critical business operations remain uninterrupted.As a senior analyst, you serve as the technical expert and escalation point for junior analysts. Your deep understanding of modern attacks, intrusion data analysis, and remediation techniques ensures that threats are identified, escalated, and remediated with urgency and precision. You will mentor junior team members, support customers directly, and contribute to ongoing process and technology improvements. Key ResponsibilitiesAs a senior analyst, your primary responsibility is ensuring the safety and security of customer environments through expert analysis, escalation handling, and effective communication.Monitor and analyze security events and alerts from SIEM platforms, endpoint logs, network telemetry, and EDR toolsResearch indicators of compromise (IOCs) and malicious activity to determine reputation and riskConduct malware analysis, attacker infrastructure investigation, and forensic analysisExecute complex investigations and declare incidents when appropriatePerform live response and remote forensics on compromised endpointsConduct threat hunting activities based on behavioral anomalies and curated intelligenceParticipate in and support incident response, investigation, and documentationCollaborate closely with BlueVoyant Incident Response teams during active intrusionsEnsure events are accurately identified, analyzed, escalated, and documentedIdentify and tune false positives and benign detectionsPerform peer reviews and QA checks on junior analysts' investigationsMentor lower-level analysts and act as the technical escalation pointCommunicate regularly with clients regarding incidents, findings, and remediation stepsSupport Customer Success teams during client engagements as requiredAssist in improving security policies, procedures, tooling, and automationBasic Qualifications:People SkillsAbility to remain calm and effective in high-pressure security incident situationsAbility to work directly with customers to gather requirements and provide feedback on security servicesStrong written and verbal communication skills with the ability to translate complex technical concepts into clear, understandable languageStrong teamwork and interpersonal skills; comfortable working with a globally distributed teamWillingness and ability to work a 24/7/365 rotating shift scheduleTechnical SkillsExperience using SIEM solutions, Cloud App Security tools, and EDR platformsAdvanced understanding of network protocols and network telemetryKnowledge of Windows and Unix forensic artifacts and analysis methodsExpertise in endpoint, web, and authentication log analysisExperience creating SIEM/EDR detectionsExperience responding to modern authentication attacks (AD, Entra, OATH, etc.)Deep knowledge of common attack paths, including LOLBins, adversary tools, BEC attacks, AiTM, and lateral movement techniquesStrong knowledge of:SIEM workflows (preferably Microsoft Sentinel or Splunk)Modern authentication systems and attacks (SSO, OATH, Entra)Malware detection and analysis (dynamic and light static)Network and firewall logs, IDS/WAF, web traffic logsEmail security and BEC attack methodologiesWindows and Unix forensic artifacts (registry, wtmp/btmp, etc.)Windows PE and malicious document analysisLegitimate and malicious remote access methodsO365 attack paths and common adversary techniquesNetwork metadata and commonly abused protocolsCredential harvesting tools and methodologiesExperience countering ransomware threat actors (preferred) Preferred QualificationsExperience in intrusion analysis, incident response, digital forensics, penetration testing, or similar fields3+ years of hands-on SOC/TOC/NOC experienceGIAC certification(s) strongly preferredAdditional certifications such as CISSP, Security+, Network+, CEH, RHCA, RHCE, MCSA, MCP, MCSEFamiliarity with tools such as Microsoft Sentinel, Splunk, Microsoft Defender suite, CrowdStrike Falcon, SentinelOneFamiliarity with GPO, LANDesk, or other IT infrastructure toolsExperience with one or more programming languages (JavaScript, Python, Lua, Ruby, Go, Rust)EducationBachelor's degree in Information Security, Computer Science, or related IT field, or equivalent experienceAbout BlueVoyantAt BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy Actionability Timeliness ScalabilityLed by CEO, Jim Rosenthal, BlueVoyant's highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.BlueVoyant uses AI-assisted tools within our applicant tracking system to help identify candidates whose experience and skills best match the requirements of a role. This technology provides hiring teams with additional insights to support fair and efficient hiring decisions. Please note that all applications are reviewed by a member of our hiring team, and final hiring decisions are made by humans, not AI. By submitting your application, you acknowledge that AI tools may assist in the evaluation of your resume as part of the recruitment process. For more information on how we process your personal data, please review our Candidate Privacy Notice available at All employees must be authorized to work in the Republic of Ireland. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.BlueVoyant Candidate Privacy Notice To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice