SecOps Specialist

Description

monday.com is looking for a Senior SOC and IRT Specialist who will focus on designing, building, maintaining, and optimizing our SIEM and state-of-the-art Security Operations Center initiatives and facilities. As, a Senior member of the team, you will work closely with many internal stakeholders and drive the vision and end-to-end execution of our worldwide security operations and observability. You will also be a key part of our incident response efforts to protect our company and customer data.

About The Role

• Ensure 24/7 monitoring of security alerts and incidents within a team of highly skilled SOC analysts
• Establish and enforce SOC processes, procedures and workflows to detect, analyze, contain and eliminate incidents efficiently
• Prepare incident response plans and playbooks for different types of security incidents (e.g., malware outbreaks, data breaches, DDoS attacks)
• Communicate with stakeholders and resolve security incidents as part of incident response activities
• Identify root causes of incidents and recommend corrective actions to prevent future ones
• Manage, maintain and optimize the SOC's security monitoring tools, SIEM systems and other technologies
• Optimize and configure security tools to provide maximum visibility
• Define, monitor and achieve targets for key performance indicators (KPIs) for SOC operations
• Prepare regular reports on SOC activities, incident trends, and metrics for senior management and stakeholders
• Design and implement processes and procedures to keep the team up-to-date with the latest cybersecurity threats, technologies, and best practices

Requirements

• 5+ years as a Security Operations Center (SOC) analyst in a global, enterprise-level environment - MUST!
• Bachelor’s degree in Computer Science, Information Technology, or a related field; relevant certifications (e.g., CISSP, CISM, GIAC) preferred
• Hands-on experience implementing and managing threat detection - MUST!
• Deep experience in security automation, with a focus on developing and implementing SOAR solutions
• Experience in WAF alerts and logs to detect various attack vectors (DDOS, SQL injection)
• Knowledge in Splunk, including ML models for anomaly detection.
• Experience in leading incident response.
• Extensive experience working within multi-cloud environments (AWS, Azure, GCP) and SaaS applications.
• Demonstrated ability to collaborate across departments.
• Passion for continuous learning and staying ahead of evolving cybersecurity threats.

Social Title
None

Social Description
None

Our Team
None

Position Type
None

About The Team (Internal)
None

Internal requirements
None