Cyber Security Analyst
monday is looking for a highly skilled and motivated Security Operations Center (SOC) Analyst to join our IT Cyber Security team. As a SOC Analyst, you will play a critical role in building, automating, monitoring, and responding to security incidents, ensuring the integrity and confidentiality of our clients' data and systems.
About The Role:
- Build and automate advanced security operations.
- Monitor security alerts and events in real-time, investigate potential incidents, and escalate as necessary.
- Conduct in-depth analysis of security events and incidents to determine their impact and scope.
- Collaborate with various stakeholders to coordinate incident response activities.
- Provide expertise and guidance in identifying and mitigating security vulnerabilities and threats.
- Perform threat-hunting activities to proactively identify and assess emerging threats.
- Assist in the development and enhancement of SOC processes and procedures.
- Generate detailed incident reports and document incident response activities.
- Stay up-to-date with the latest cybersecurity threats, trends, and best practices.
- Investigate and review security logs to detect potential malware and threats, and create SIEM rules based on your findings.
- Write detection rules documentation with actionable recommendations for mitigations.
Requirements
- In-depth knowledge of SIEM/SOC: hands-on experience with SIEM technologies such as QRadar, Splunk, Coralogix, etc.
- Good knowledge of writing detection rules with actionable recommendations for remediations/mitigations.
- Strong passion for the cyber world, with wide knowledge of different cyber attacks and the ways to protect against them (e.g., brute force, DDoS, MitM).
- Knowledge of host forensics using tools for Mac and Windows (such as Sysinternals).
- Familiarity with different data and log sources for monitoring (e.g., EDR, IDP, IPS, IDS, FW, CSPM, CDR, CWP).
- Fundamental familiarity with data science, machine learning, and user behavior analytics (an advantage).
- Hands-on experience with a range of security technologies and tools, such as firewalls, intrusion detection/prevention systems, and endpoint detection solutions.
- Continuous learning: a thirst for knowledge and a commitment to staying up-to-date with the latest threats, vulnerabilities, and industry trends. This involves attending
- Experience with network technologies, topology, and network monitoring tools.
- Effective communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships.
- Familiarity with incident response triage in cloud environments (AWS, GCP, Azure).