Cyberark SOC Analyst 

Israel 

388629967

In this role, you will become a global information security group member and report to the SOC Team Leader within the CISO group. As a SOC Analyst, you will be tasked with monitoring, detecting, analyzing, and responding to security incidents utilizing various security tools and technologies. By addressing threats, you will work collaboratively with other team members to sustain our security posture. Your responsibilities will also include developing automation for security playbooks to reduce Mean Time to Detect (MTTD). This position presents an excellent opportunity to be at the cutting edge of cybersecurity efforts, operating in a dynamic and challenging environment to safeguard CyberArk's critical assets.

Responsibilities:

• Operate the Information security SIEM/SOC to monitor and respond to any security alert and potential security incident.
• Take reactive and proactive actions against cyber threats and incidents
• Maintain and enhance SOC security systems such as SIEM, SOAR, PT simulations, and additional other market-leading systems to always own complete defense visibility and to continuously align it with new attack vectors and techniques
• Handle SIEM alerts, document actions and responses, and track remediation actions.
• Design and write code to support SIEM and respective systems rules creation, reports and dashboards, playbook definitions and development, interfaces development etc.
• Familiarity with cloud services, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure)
• Research, simulate, and run penetration tests using publicly available proprietary tools.
• Lead security projects/activities with other security and R&D groups as needed.

• At least 4 years of experience as a SOC Analyst – a must
• Excellent understanding and proven hands-on experience with a leading Splunk SIEM system (defining and building correlation, aggregation, normalization, and parsing).
• Proven experience in cloud threat hunting and working with AWS security tools – an advantage
• Experience in SOAR system (Cortex XSOAR- an advantage): design and implement playbooks, write scripts and tools (connectors) – an advantage.
• Strong understanding of security principles, policies, and industry best practices
• Networking knowledge – understand networking essentials, components, data flows, architecture, ports, wireless protocols, etc.
• Solid understanding and practical experience in various Windows, macOS and Linux flavors, OS configuration, file system structures, OS components, mobile operating systems, etc.
• Scripting/coding experience (Python, PowerShell, etc.) for developing, extending, or modifying exploits, shellcode or exploit tools
• Hands-on experience in static and dynamic malware analysis - an advantage
• Excellent problem-solving/analytical skills
• Excellent communication and interpersonal skills
• A team player – working in a global team
• Ability to work in a multi-tasking environment
• Availability – the job requires high availability