A security software company located in Hertzelia is looking for a SOC Analyst Tier II.
Monitor security events and perform triage analysis to identify security incidents. Respond to security incidents by collecting, analyzing and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements. Work closely with other teams to assess risk and provide recommendations for improving our security posture.
SOC Analyst tasks include but are not limited to:
Security Events and Logs monitoring, analysis and optimization
Incident response and handling, tracking/reporting of Security Events, Reports and Logs statistics
Performing Statistical Analysis of collected data and trending.
Analyze and investigate issues reported by employees.
Maintain situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
Preparation of the incident reports (L&L)
Working with and supporting a vertical and functional team across multiple geographic locations.
Author Standard Operating Procedures (SOPs) and training documentation when needed
Experience on an Incident Response team performing Tier I/II initial incident triage.
Must have direct experience with analyzing events from network traffic/AD/IDS/IPS/DLP/AV/EDR/FW/Cloud App Security and other information security tools.
Experience managing cases with enterprise SIEM systems like Arcsight, Splunk or similar.
Experience working with Microsoft systems: ATP Platform/MCAS/Azure security center/Log Analytics, etc.
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
Scripting skills (e.g. Python, PowerShell scripting).
At least basic knowledge in: Malware Research, Forensics, PT
Field: IT Information Systems