לוח משרות דרושים SOC/SIEM

As a CyOps Analyst, you will be investigating security alerts from the company  platform in order to detect threats and conduct live incident response engagements, investigating and analyzing programs and software using analysis programs to identify threats and classify malware based on previous threats and commonalities, investigating and issuing threat intelligence and malware analysis report. The SOC works closely with research team to perform tests and uncover new attack vectors to enhance, develop, and configure threat hunting tools. Additional responsibilities include:
* Identifying unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services.
*  Performing analysis and forensics on security threats, malware and attacks in the wild, using industry standard platforms and tools.
About Us:
we are a technology-oriented company continuously looking for new ways to innovate the Cybersecurity world. Our main priority is to defend our customers from any harm in the vast digital ocean. But Cynet is more than just a product, we are a family. We value each one of our members and their inputs. Cynet is a place where your work will have a direct impact on the way we service our customers.

We are seeking a highly skilled and experienced SOC Manager to lead the development and operation of our Security Operations Center. This role involves building a new SOC team, adopting and deploying SIEM (Security Information and Event Management) technology, and managing incident response in a hybrid environment (on-prem/cloud).

Responsibilities:

Team Recruitment and Leadership: Recruit and mentor a team of 2-3 SOC analysts. Lead, develop, and evaluate team performance.
Technology Selection and Deployment: Identify and deploy appropriate SIEM technology to enhance our cybersecurity posture.
Alert and Log Management: Map out all necessary alerts and logs for continuous monitoring and threat detection.
Alert Classification and Prioritization: Develop a system to classify and prioritize alerts based on severity and impact.
Hybrid Environment Monitoring: Oversee the monitoring of both on-premises and cloud-based systems.
Automation and Process Improvement: Implement automation strategies to enhance the efficiency and effectiveness of the SOC operations.
Incident Response Management: Lead and manage the incident response process, ensuring swift and effective resolution of security incidents.

A Tier 1 Analyst in a SOC is a junior position and a great opportunity to take the first step in the world of Cyber Security.
The SOC collects information from various sources, monitors customers infrastructure, servers and security software,
and alerts in real time about any malicious activity that might affect the customers business continuity or/and cause damage.

We are looking for a Tier 1 SOC Analyst
What will your day look like?
A Tier 1 Analyst in a SOC is a junior position and a great opportunity to take the first step in the world of Cyber Security.
The SOC collects information from various sources, monitors customers infrastructure, servers and security software,
and alerts in real time about any malicious activity that might affect the customers business continuity or/and cause damage.

we are looking for a Cybersecurity SOC Engineer to join the Global Security Operations team and support threat detection and incident response in our internal environments. The scope of the Security Operations team spans both the Enterprise and Product environments.

You will join a team of analysts and engineers who protect the enterprise that aims to protect the world from cyberattacks. In this role, you will quickly become an expert in Palo Alto Networks security products; primarily XDR, XSOAR, Next-Generation Firewalls and Prisma Cloud. You will also provide feedback to the engineering teams to continually improve our world-leading security products.

we are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
Your Impact

Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7, tiers 1-2. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

Were looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
On a typical day youll:
Be responsible for completing a thorough software and systems risk assessment, identifying vulnerabilities within a network, and creating firewall rules, hardenings, or configuring systems to enhance existing security features.
Is expected to respond to, and document, any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way. They must also be proficient in:
Understanding complex technical issues and managing them within a fast-paced business environment
Maintaining all the software and hardware in relation to security
Documenting security certifications
Identifying current and emerging technology issues including security trends, vulnerabilities and threats
Threat intelligence
Sourcing and implementing new security solutions to better protect the organization
Conducting proactive research to analyze security weaknesses and recommend appropriate strategies
Liaising with vendors to implement security solutions

As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

XM Cyber is a leading hybrid cloud security company that’s changing the way organizations approach cyber risk. XM Cyber transforms exposure management by demonstrating how attackers leverage and combine misconfigurations, vulnerabilities, identity exposures, and more across cloud and on-prem environments to compromise critical assets. With XM Cyber, you can see all the ways attackers might go and all the best ways to stop them, pinpointing where to remediate exposures with a fraction of the effort. We are seeking a highly skilled and experienced SOC Manager to lead the development and operation of our Security Operations Center. This role involves building a new SOC team, adopting and deploying SIEM (Security Information and Event Management) technology, and managing incident response in a hybrid environment (on-prem/cloud). Responsibilities:
* Team Recruitment and Leadership: Recruit and mentor a team of 2-3 SOC analysts. Lead, develop, and evaluate team performance.
* Technology Selection and Deployment: Identify and deploy appropriate SIEM technology to enhance our cybersecurity posture.
* Alert and Log Management: Map out all necessary alerts and logs for continuous monitoring and threat detection.
* Alert Classification and Prioritization: Develop a system to classify and prioritize alerts based on severity and impact.
* Hybrid Environment Monitoring: Oversee the monitoring of both on-premises and cloud-based systems.
* Automation and Process Improvement: Implement automation strategies to enhance the efficiency and effectiveness of the SOC operations.
* Incident Response Management: Lead and manage the incident response process, ensuring swift and effective resolution of security incidents.