דרושים » אבטחת מידע וסייבר » SOC Analyst

we are looking for an Advanced Monitoring Analyst to join the team of cybersecurity analysts that performs advanced and tailored monitoring activities in post-breach clients' environments. The role includes the development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting, and enhancement of sensors and overall visibility status, as well as performing onboarding of new clients. The suitable candidate should be a team player with previous experience in SOC, SecOps, or security monitoring, independent, and with a "can-do" attitude, as well as possessing strong customer-facing capabilities.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

We are seeking a highly skilled and experienced SOC Manager to lead the development and operation of our Security Operations Center. This role involves building a new SOC team, adopting and deploying SIEM (Security Information and Event Management) technology, and managing incident response in a hybrid environment (on-prem/cloud).

Responsibilities:

Team Recruitment and Leadership: Recruit and mentor a team of 2-3 SOC analysts. Lead, develop, and evaluate team performance.
Technology Selection and Deployment: Identify and deploy appropriate SIEM technology to enhance our cybersecurity posture.
Alert and Log Management: Map out all necessary alerts and logs for continuous monitoring and threat detection.
Alert Classification and Prioritization: Develop a system to classify and prioritize alerts based on severity and impact.
Hybrid Environment Monitoring: Oversee the monitoring of both on-premises and cloud-based systems.
Automation and Process Improvement: Implement automation strategies to enhance the efficiency and effectiveness of the SOC operations.
Incident Response Management: Lead and manage the incident response process, ensuring swift and effective resolution of security incidents.

We are looking for a SecOps Director.
In this role, you will be responsible for:
Aligning vulnerability management functions with the organization's overall business objectives by reducing information technology threat
Improving & maturing established security metrics associated with vulnerability management, security operations center, security monitoring, etc.
Overseeing projects for deploying new cyber security tools and processes
Leading successful projects, ensuring high quality and timely delivery of features
Ensuring the team builds operational processes that are architecturally consistent, of high quality, and that follows operational best practices
Overseeing the development and implementation of appropriate and effective controls to mitigate identified threats and risk
Have fingerprints on building the future of Gates' cyber security organization.
Collaborate and engage with key business stakeholders, including technology peers to help them better manage their technology risk through pragmatic and fit for purpose solutions.
Be responsible for auditing, assessing & architectural recommendations as it pertains to our technical cyber security infrastructure while helping to continuously improve our Cybersecurity maturity and defensive posture.
Work with our internal stakeholders to provide support related to security functions and technologies including Privileged Access Management (PAM), Threat hunting management, SSO/MFA, Active Directory, Windows/Linux OS hardening, vulnerability remediation, EDR, SOC oversight, security metrics, E-Discovery and incident response

we are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
Your Impact

Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place

We are growing and is looking for a talented Threat Hunting Expert to join the company to enable our growth by investigating and hunting for sophisticated threat actors in the cyber security world.
The SOC Platform intelligently correlates events from every organizational data source and security solution, revealing undetected threats in modern enterprises and allowing security analysts to triage and investigate security events rapidly.
Team Axon comprises unique cyber security talents, who are responsible for proactively hunting for advanced threat actors over different attack platforms in our customers' environments, and for the investigation of sophisticated attacks. The team exhibits bleeding-edge threat hunting and research skills, which are applied over Enterprise, Cloud and SaaS platforms.
RESPONSIBILITIES:
What youll do:
Engage in continuous threat hunting practices and reveal below the radar attacks which bypassed current traditional security solutions.
Serve as an expert to our customers, Investigating sophisticated cyber attacks on customers environments over enterprise, cloud and application platforms.
Be at the heart of the Cyber Security threat landscape and research the most recent attack techniques found in the wild.
Be the focal point in the ecosystem, working closely with R&D, AI and product teams.
Implement cutting-edge detection strategies, and develop innovative investigation methodologies that will boost our platforms effectiveness and efficacy.
Be at the forefront of our mission and work closely with our customers regarding cyber security investigations and incidents detected in their environments.

we are looking for a Cybersecurity SOC Engineer to join the Global Security Operations team and support threat detection and incident response in our internal environments. The scope of the Security Operations team spans both the Enterprise and Product environments.

You will join a team of analysts and engineers who protect the enterprise that aims to protect the world from cyberattacks. In this role, you will quickly become an expert in Palo Alto Networks security products; primarily XDR, XSOAR, Next-Generation Firewalls and Prisma Cloud. You will also provide feedback to the engineering teams to continually improve our world-leading security products.

Required Cyber Security Data Analyst
Job Description:
Detect and characterize suspicious actors and abnormal behavior, to develop automatic data-driven solutions that mitigate cyber risks and threats
Conduct security research and critical incident investigation, leveraging insights from various technical data sources including application and infra raw logs, as well as users BI events
Be an integral part of data science projects - from the project definition, to the data collection, and evaluation of the model
Be the data expert in security projects and work closely with different teams across the company
Build and maintain reports, dashboards, and metrics, in addition to monitoring the integrity and validity of the data reported
Promote cyber security awareness and guidance to other teams within the company regarding our unique methodologies for threat analysis.

A B2B fast-growing cyber security start-up that fixes the root cause of most successful cyberattacks with a simple, fully automated platform for our trust segmentation and remote access.
We are seeking a highly motivated, versatile and skilled Security Analyst to join our dynamic team.
In this role, you will play a key part in building and implementing a new field within our product offerings. You will be responsible for envisioning and developing innovative security concepts, translating them into actionable designs, and implementing these advancements within our product suite.
Responsibilities:
Propose and develop innovative security concepts to enhance our cybersecurity solutions. Collaborate on the design and development of comprehensive security solutions for detection and prevention of cyber threats.
Apply data analytics techniques to investigate security-related data, extract actionable insights, and enhance threat intelligence.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

Were looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
On a typical day youll:
Be responsible for completing a thorough software and systems risk assessment, identifying vulnerabilities within a network, and creating firewall rules, hardenings, or configuring systems to enhance existing security features.
Is expected to respond to, and document, any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way. They must also be proficient in:
Understanding complex technical issues and managing them within a fast-paced business environment
Maintaining all the software and hardware in relation to security
Documenting security certifications
Identifying current and emerging technology issues including security trends, vulnerabilities and threats
Threat intelligence
Sourcing and implementing new security solutions to better protect the organization
Conducting proactive research to analyze security weaknesses and recommend appropriate strategies
Liaising with vendors to implement security solutions