SOC Cybersecurity Analyst null

Responsibilities

• Participate in evaluation, implementation, administration and troubleshooting of security tools in the portfolio (AV, EDR, HIDS, NIDS, DLP, etc.)
• Handle SOC security alerts from different security tools and reports (phishing email, malware, intrusion, data leak, vulnerability, etc.)
• Help Improve our detection capabilities by creating new and/or fine-tune alerts on our big-data SIEM
• Automating and developing tools to improve our detection and response capability (Python, SOAR, etc.)
• Respond to security incidents and perform digital investigations.
• Write and maintain Security Operations playbooks and standard operating procedures.
• Participate in Blue/Red teams exercise to test and improve our monitoring and response capabilities.
• Maintain current knowledge and understanding of the threat landscape and emerging security threats.
• Develop offensive and defensive skills to be able to protect our assets

Requirements

• Good knowledge of Windows OS
• Good knowledge of TCP/IP, UDP, DNS, SSH, SSL/TLS and common network Protocols, network analysis
• Programming experience in Python, Shell scripting or other languages
• BS/MS in Computer Science or equivalent practical experience
• English working proficiency (written and spoken)
• Available to work on-call and on occasional overtime (weekends, sale campaigns, etc.)
• Passionate, curious, eager to learn.
• Preferred relevant SOC experience looking at security alerts, analysis and response
• Log management and SIEM operation
• Malware analysis (static and dynamic)
• Digital forensics
• Knowledge of vulnerability management and pen testing
• Good knowledge of macOS
• Any of the following certifications will also be advantageous: OSCP, OSEP, GCWN, GCIA, GCIH, GMON, GCFA, GREM, GSE