We are looking for a Vehicle SOC Analyst (Student Position) to join the vSOC analysts team and focus on addressing potential vehicle and API security incidents, and creating and implementing, together with customers, strategies for containment and recovery.
As a Vehicle SOC Analyst you will use threat intelligence, previous similar attack vectors, and insights from internal research teams to pinpoint affected assets, the type of attack, and the extent of the attack.
The Vehicle SOC Analyst will assist in creating and maintaining playbooks and ensuring the correct training is in place so that team members can implement procedures and policies effectively.
Additionally, the Vehicle SOC Analyst will act as a security point of contact for managed services for customers and assist in troubleshooting real-time potential security alerts.
This role is part-time and based in Herzliya, Israel.
Responsibilities:
Primarily responsible for security event monitoring, management, and response.
Triage incoming alerts (initial assessing the priority of the event, initial determination of incident to determine risk and damage or appropriate routing of security risks).
Provide administrative support for daily operational activities.
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
Revise and develop processes and playbooks to strengthen the current Security Operations Framework.
Identify threat vectors and develop use cases for security monitoring.
Fine tune detection logic and machine learning profiles.
Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
Support Root cause analysis (RCAs) process for events escalated to incident levels.
Requirements: BSc. / BA Student - a must.
Position requires availability for on-call shifts as part of a rotating schedule.
Availability for at least two working days a week - from office.
Familiar with Incident Management and Response.
Experience in preparation of reports, dashboards, and documentation.
Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Strong troubleshooting and problem-solving skills.
Ability to handle high pressure situations with key stakeholders.
Excellent interpersonal skills, positive attitude and outstanding customer approach.
Demonstrates adaptability to changing priorities in a dynamic environment, with the ability to multitask and proactively address issues and requests.
Have excellent written and verbal communication skills.
Familiarity with malware techniques and attack techniques (e.g. code injection, DGA, hooks, etc.)- an advantage.
Familiarity with APIs, OWASP API TOP 10 - an advantage.
Familiarity with big data platforms and data analysis (e.g. SQL, python)- an advantage.
Knowledge of applications, databases, middleware to address security threats- an advantage.
This position is open to all candidates.