Join us to help leverage the data we have, as we solve exciting challenges such as building out new models, algorithms and solving complex business problems to grow and deliver customer-centric solutions in a multi-product/multi-channel financial services environment.
What's it like working as a Junior SOC Specialist, Incident Response?
Your contribution delivering sustainable and measurable results in the following areas will be very important:
Identifying and responding to cyber threats - safeguarding our company's infrastructure and data. You will be primarily involved in supporting the alert development cycle, triaging and investigating alerts, assisting with the incident response lifecycle (investigation, containment, eradication, and recovery) and collecting and tracking metrics for reporting. You will be working alongside internal customers and our vendor support teams to ensure we are utilizing our security tools in accordance with corporate policies and growing business needs. You will work closely with Cybersecurity and IT teams to align priorities and execute plans for new initiatives, as well as contribute to process improvements and build documentation for new tools.
Need more details? Keep reading...
You will:
Monitor, analyze and report possible cybersecurity attacks.
Assist senior analysts with investigations and escalate findings as needed.
Investigate and perform analysis of threat indicators.
Gather indicators of compromise and any relevant data to use in threat hunting activities.
Leverage security tools (Elastic, CrowdStrike and more) for analysis to identify malicious activities.
Analyze identified malicious activity to determine Tactics, Techniques and Procedures.
Assist with research and analysis, and correlate gathered data from various sources to determine the impact of the incident.
Execute containment and eradication actions under guidance, following established playbooks.
Participate in on-call and hands-on scheduled shift rotations, including outside of business hours.
Support security incident response and investigation alongside internal teams and third-party providers.
Document incident timelines, evidence, and actions taken for post-incident review.
Participate in post-incident reviews and contribute to lessons-learned reports.
Follow and contribute to incident response playbooks and runbooks.
Participate in tabletop exercises and IR simulations.
Assist with proactive security investigation and searches on corporate environments to detect malicious activities.
Maintain up-to-date understanding of security threats, countermeasures, security tools, cloud security and SaaS technologies.
Maintain technical proficiency through training, keeping up with industry best practices, and security frameworks.
Escalate investigation findings and security concerns to senior team members.
Contribute to tracking SOC operational metrics (MTTD, MTTR, alert fidelity).
Requirements:
1+ years of relevant experience in performing Cybersecurity Incident Response and Threat Hunting activities.
Familiarity with detection rules and alert logic.
Exposure to security tool integrations and basic understanding of SOAR concepts.
Familiarity with investigations and incident response using EDR tools such as CrowdStrike Falcon and SIEM tools such as Elastic Security (KQL, ESQL, Timeline analysis).
Basic understanding of forensic triage (disk, memory, network) and multiple operating systems (Mac, Linux, Windows).
Familiarity with SOC processes, playbooks, and incident reports.
Ability to communicate clearly and work effectively under pressure.
Basic understanding of programming and scripting concepts.
Basic understanding of NIST Cybersecurity Framework, MITRE ATT&CK.
Basic understanding of security products and device monitoring tools including Firewalls, IDS/IPS, Phishing and e-mail security, content filtering, DDoS, WAF, and more.
Brownie points if
GSEC, Security+, CySA+, CSA, CEH or similar relevan
This position is open to women and men alike.