SOC Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
In this role you will become a global information security group member and report to the SOC Team Leader within the CISO group. As a SOC Analyst you will be tasked with monitoring detecting analyzing and responding to security incidents utilizing various security tools and technologies. By addressing threats you will work collaboratively with other team members to sustain our security posture. Your responsibilities will also include developing automation for security playbooks to reduce Mean Time to Detect (MTTD). This position presents an excellent opportunity to be at the cutting edge of cybersecurity efforts operating in a dynamic and challenging environment to safeguard CyberArks critical assets.
Responsibilities:
- Operate the Information security SIEM/SOC to monitor and respond to any security alert and potential security incident.
- Take reactive and proactive actions against cyber threats and incidents
- Maintain and enhance SOC security systems such as SIEM SOAR PT simulations and additional other marketleading systems to always own complete defense visibility and to continuously align it with new attack vectors and techniques
- Handle SIEM alerts document actions and responses and track remediation actions.
- Design and write code to support SIEM and respective systems rules creation reports and dashboards playbook definitions and development interfaces development etc.
- Familiarity with cloud services cloud environment architecture and the major cloud providers (AWS GCP Azure)
- Research simulate and run penetration tests using publicly available proprietary tools.
- Lead security projects/activities with other security and R&D groups as needed.
#LICR1
Qualifications :
- At least 4 years of experience as a SOC Analyst a must
- Excellent understanding and proven handson experience with a leading Splunk SIEM system (defining and building correlation aggregation normalization and parsing).
- Proven experience in cloud threat hunting and working with AWS security tools an advantage
- Experience in SOAR system (Cortex XSOAR an advantage): design and implement playbooks write scripts and tools (connectors) an advantage.
- Strong understanding of security principles policies and industry best practices
- Networking knowledge understand networking essentials components data flows architecture ports wireless protocols etc.
- Solid understanding and practical experience in various Windows macOS and Linux flavors OS configuration file system structures OS components mobile operating systems etc.
- Scripting/coding experience (Python PowerShell etc.) for developing extending or modifying exploits shellcode or exploit tools
- Handson experience in static and dynamic malware analysis an advantage
- Excellent problemsolving/analytical skills
- Excellent communication andinterpersonalskills
- A team player working in a global team
- Ability to work in a multitasking environment
- Availability the job requires high availability
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
