What you will do:
- Operate the information security SIEM/SOC to monitor and respond to security alerts and potential security incidents.
- Take reactive and proactive actions against cyber threats and incidents.
- Maintain and enhance SOC security systems such as the SIEM, SOAR, penetration-test (PT) simulations, and other market-leading systems, so that the team always has complete defensive visibility and continuously aligns it with new attack vectors and techniques.
- Handle SIEM alerts, document actions and responses, and track remediation actions.
- Design and write code to support SIEM and respective systems rules creation, reports and dashboards, playbook definitions and development, interfaces development etc.
- Familiarity with cloud services, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure).
- Research, simulate, and run penetration tests using publicly available and proprietary tools.
- Lead security projects/activities with other security and R&D groups according to need.
Requirements
What you need to succeed:
- At least 2 years of experience as a SOC operator - a must
- At least 3 years of experience in security analysis in a high-tech company
- Excellent understanding and proven hands-on experience with a leading Splunk SIEM system (defining and building correlation, aggregation, normalization, and parsing).
- Proven experience in cloud threat hunting and working with AWS security tools - an advantage
- Experience with a SOAR system (Cortex XSOAR - an advantage): design and implement playbooks, write scripts and tools (connectors) - an advantage.
- Strong understanding of security principles, policies, and industry best practices
- Networking knowledge - understanding of networking essentials, components, data flows, architecture, ports and protocols, wireless, etc.
- General operating system knowledge - solid understanding and practical experience with various flavors of Windows, macOS and Linux, OS configuration, file system structures, OS components, mobile operating systems, etc.
- Scripting/coding experience (Python, PowerShell, etc.) for developing, extending, or modifying exploits, shellcode or exploit tools
- Hands-on experience in static and dynamic malware analysis - an advantage
- Excellent problem-solving/analytical skills
- Excellent communication and interpersonal skills
- A team player - working in a global team
- Ability to work in a multi-tasking environment
- Availability - the job requires high availability
- Must be a US Citizen
CyberArk
CyberArk is the global leader in identity security, providing the most comprehensive security offering for any identity, human or machine, across business applications, distributed workforces, hybrid cloud environments, and throughout the DevOps lifecycle.