דרושים » אבטחת מידע וסייבר » SOC Analyst

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7, tiers 1-2. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

Required Cyber Security Analyst
About the Role:
As a Cyber Security Analyst, you will play a critical role in safeguarding our cloud-based IT infrastructure, products and customers. You will proactively manage security incidents, collaborate closely with various teams, and continuously enhance our security operations and response capabilities.
Key Responsibilities:
Investigate, analyze, and respond to security incidents escalated by our SIEM/SOC service and other internal sources.
Serve as the primary focal point with our SIEM/SOC provider, maintaining high service standards, expanding log coverage, enhancing detection capabilities, and optimizing workflows.
Lead and coordinate incident response activities, ensuring thorough reporting and actionable insights.
Actively participate in developing and refining our incident response playbooks, policies, and security procedures.
Own the handling of hacking and abuse incidents affecting our products and customers, conducting thorough investigations with various tools, proactively blocking abusive accounts, and updating security rules.
Collaborate cross-functionally with IT, Devops, Customer Support, Legal, and other stakeholders to effectively remediate security incidents and strengthen our overall security posture.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

Required Security Operations Center Manager
Job Description
Lead and mentor SOC team members, manage 24/7 shift operations, and recruit and develop a talented group of SOC analysts, ensuring timely escalation and process adherence
Leverage extensive SOC experience to manage computer security incidents by collecting, analyzing and preserving digital evidence
Utilize SIEM/BigData solutions and SOAR systems to locate, identify and investigate cybersecurity incidents, expediting data analysis
Work effectively both independently and as part of a team, collaborating with internal security and incident response teams while demonstrating strong verbal and written English communication skills
Recommend changes to standard operating procedures, create reports, dashboards, and metrics and share best practices to continually enhance SOC operations.

Required SOC Analyst - US Market
Who We Are
Were passionate about what we do. We work as a team and embrace new ideas, wherever they come from. We also enjoy all the benefits of a startup environment, including quickly seeing the results of your work, making an outsized impact on our company, and solving a diverse set of engineering challenges.
Want to make a big difference? We encourage you to apply!
What will you do?
Proactively monitor and analyze security events and alerts for global customers.
Perform triage of incoming alerts - assess the priority, determine risk, and respond.
Create tickets and escalate them to higher-level security analysts and developers.
Maintain strong knowledge and awareness of the current threat landscape.
Develop internal tools and procedures to automate security analysis tasks.
Work outbound with global customers to create the best insights and actionable data for their needs.

We are seeking a skilled and adaptable Solution Architect to manage deep technical engagements during both pre-sales and post-sales activities. This role focuses on ensuring smooth deployment, addressing post-sales technical challenges, and delivering long-term value to customers by leveraging advanced cybersecurity solutions.
Responsibilities
Build and maintain strong relationships with customers, serving as their trusted technical advisor to understand and address their needs, challenges, and goals.
Collaborate with internal teams, including Research and Development (R&D) and Product, to align solutions with customer needs.
Assist in the technical aspects of Proof of Concepts (PoCs) and lead pre-deployment readiness.
Drive post-sales success by solving complex technical issues, and implementing solutions in collaboration with customer and internal teams.
Proactively identify and communicate opportunities for improving customer security posture through solution enhancements and integrations.
Conduct technical training sessions for customer teams to ensure seamless adoption and effective use of platform.
Stay informed about the latest trends and technologies in cybersecurity, networking, and AI to provide cutting-edge solutions to customers.

Were looking for a Cloud Security Analyst to join our Product team and help expand the power.
In this role, youll play a key role in protecting our customers' cloud environments from cyber threats. Your work will directly contribute to customer success and push the boundaries of cloud security.
This isnt just a jobits a unique growth opportunity. Youll gain hands-on experience that can pave the way for exciting career paths in product management, security research, or development.
WHAT YOULL DO
Innovate and develop advanced detection mechanisms, algorithms, and automated solutions to accurately identify and classify technologies within cloud environments, enhancing our vulnerability management offering.
Analyze cloud services, APIs, and log payloads to ensure compliance with industry standards and customer requirements.
Stay current with the latest technologies and industry trends.
Implement customer requests and industry standards to position us as a market leader.
Collaborate with our Research and Backend teams.

we are seeking a Senior Threat Analyst to strengthen our cybersecurity threat intelligence capabilities. The ideal candidate will analyze complex datasets, identify and assess cyber threats, and develop actionable intelligence to mitigate risks from advanced persistent threats (APTs) and cybercriminal groups.
Responsibilities:
Analyze and interpret data from diverse internal and external sources to identify malicious activities and emerging threats.
Develop and maintain intelligence reports, threat actor profiles, and assessments of attack vectors and TTPs.
Enhance and maintain intelligence tools, processes, and platforms.
Collaborate with external threat intelligence communities to stay ahead of evolving threats.
Automate threat hunting and intelligence gathering through high-level programming and ETL pipelines.

We are looking for a Malware Analysis Team Leader with a deep focus on cybercrime investigations to lead a dynamic team of experts dedicated to identifying, analyzing, publishing, and mitigating cybercrime-related threats. This leadership role will drive advanced malware analysis efforts, conduct threat research, publish in top conferences and blogs, and coordinate with internal and external stakeholders to combat and prevent cybercriminal activities. The ideal candidate will have strong technical expertise in malware reverse engineering, a deep understanding of cybercrime tactics, and excellent communication skills, including the ability to present findings clearly and publish research for internal stakeholders and the broader cybersecurity community.

Key Responsibilities
Lead the Malware Analysis Team: Manage and mentor a team of skilled researchers on identifying, analyzing, and mitigating malware associated with cybercrime, including ransomware, banking Trojans, exploit kits, and other forms of cybercriminal malware.
Cybercrime Threat Intelligence: Collaborate with threat intelligence teams to analyze malware in the context of cybercrime syndicates and criminal activity. Identify trends, tactics, and patterns in malware usage by cybercriminal groups and provide actionable intelligence to relevant teams and external partners.
Malware Reverse Engineering: Lead efforts in reverse-engineering malicious software, tracking variants, and identifying attack techniques, tactics, and procedures (TTPs) cybercriminal actors use.
Cross-Functional Collaboration: Work closely with internal teams (e.g., Incident Response, Threat Intelligence, SOC) and external stakeholders (e.g., law enforcement, CERT, threat intelligence providers) to share findings, collaborate on investigations and coordinate actions to disrupt cybercrime activities.
Publication and Thought Leadership: Produce detailed, high-quality research reports and technical papers based on malware analysis and cybercrime investigations. Contribute to the publication of findings in industry-leading forums, conferences, and journals, establishing the organization as a thought leader in cybersecurity.
Presentations and Reporting: Prepare and deliver presentations to technical and non-technical stakeholders, including executives, legal teams, and law enforcement. Communicate complex findings, research insights, and actionable intelligence on cybercrime and malware trends.
Training and Development: Mentored junior team members, providing guidance on malware analysis techniques, threat hunting, and reporting. Foster a culture of continuous improvement, encouraging knowledge sharing and professional development within the team.

In this position you will
security analyst dedicated to a major customer
Be on the customer site 4 days a week leading all their related activities and will be the liaison between and the customer, will translate their security needs to features and work closely with our Product, Security, SOC, Dev teams on implementing the requirements
Implement customized rules to match security needs for the customer
Perform ongoing security analysis and triage of escalated and critical endpoint alerts
Participate in various stages of incident investigations and threat hunting