דרושים Security Operations Center Analyst בתל אביב

Sygnia is the foremost global cyber readiness and response team, applying creative approaches and battle-tested solutions to help organizations beat attackers and stay secure. With a team of deep digital combat, leading-edge, purpose-built technology, and enterprise security specialists, it enables companies to proactively build cyber resilience and defeat attacks within their networks. Sygnia is a trusted advisor and service provider of technology and security teams, executives and boards of leading organizations worldwide. Sygnia supports clients at each stage of their security journey, bringing frontline experience and technological acumen to help them be unstoppable in the face of cyber threats. Learn more at Sygnia.co

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry, and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

Sygnia is looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a ‘can-do’ attitude.

Responsibilities

• Working across all areas of Sygnia’s SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
• Solving security incidents in accordance with defined service level agreements and objectives.
• Prioritizing and differentiating between potential incidents and false alarms.
• Addressing clients’ enquiries via phone, email, and live chat.
• Working side-by-side with customers, providing insightful incident reports.
• Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
• Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
• Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
• Correlating information from disparate sources to develop novel detection methods.

Requirements

• At least one year of experience in a SOC/MDR or Managed EDR service, including night and weekend shifts.
• Strong analytical thinker, problem-solving mindset, and ability to succeed in a dynamic environment.
• Independent, bright and positive analyst who strives for excellence.
• Proficiency and experience with scripting (Python).
• Strong capabilities in drafting cyber security reports for clients.
• Basic understanding of the lifecycle of advanced security threats, attack vectors, and methods of exploitation.
• Hands-on experience working with SIEM technologies. (e.g. Splunk, QRadar, ArcSight, Exabeam, etc.)
• Familiarity with common data and log sources for monitoring, detection and analysis (e.g., Event Logs, firewall, EDR).
• Strong technical understanding of network fundamentals, common internet protocols, and system and security controls.
• Basic knowledge of host-based forensics and OS artifacts.
• Familiarity with cloud infrastructure, web application and servers – an advantage.
• Fluent English (written, spoken) – a must. Another language – an advantage.