Job number: 38413

SOC Engineer

NOC/SOC
Petah Tikva

Job description

We are looking for an experienced and professional Information Security SOC Engineer.

TL;DR - you will be responsible for maintaining the SIEM environment, creating correlation rules, building automation flows, performing comprehensive log analysis, building anomaly detection mechanisms, and designing security monitoring.

About the company:
The global leader in Identity Security centered on privileged access management. They provide the most comprehensive security offering for any identity – human or machine – across business applications.

Responsibilities:
  • Maintain and enhance SOC security systems such as SIEM, SOAR, PT simulations, and other market-leading systems to always own complete defense visibility and continuously align it with new attack vectors and techniques.
  • Design and write code to support SOC and respective systems rules creation, reports and dashboards, playbook definitions and development, interfaces development, etc.
  • Lead design and implementation of security orchestrator, automation, and response (SOAR) system.
  • Deploy, configure, and support all components of the SIEM environment. Engineering and creating SIEM dashboards, alerts, and reports. Onboard and monitor new data sources to the SIEM and optimize/tune SIEM environment (including normalizing data).
  • Improve our in-house incident response capabilities by building and developing new threat management practices and by authoring and adapting playbooks.
  • Research, simulate, and run penetration tests using publicly available and proprietary tools.
  • As needed, lead security projects/activities with other security and R&D groups.

Requirements:
  • At least 2 years of experience as a SOC engineer/security analyst in a high-tech company – a must
  • Excellent understanding and proven hands-on experience with a leading SIEM (Splunk - an advantage) system: defining and building correlation, aggregation, normalization, and parsing – a must
  • Experience in SOAR system (Cortex XSOAR- an advantage): design and implement playbooks, write scripts and tools (connectors) – a must
  • Scripting/coding experience (Python, PowerShell, etc.) for developing, extending, or modifying exploits, shellcode, or exploit tools.
  • Experience analyzing network, host-based security events, and attacker tactics & techniques.
  • The job requires high availability.

*This posting is addressed to women and men alike.


ONE © All rights reserved 2022