SOC Manager

פתח תקווה |
5-6 שנים |
משרה מלאה
| לפני 18 שעות
תיאור משרה

We are looking for a SOC Manager that will lead the 24/7 ProActive SOC (Monitoring, Detect & Incident Response) services that are provided to our cloud-based (AWS, GCP, Azure) customers. Managing SOC Tier 1 operational in emphasis to enable the effective detection and response to cloud-oriented cyber security incidents of our customers.

The role will involve:

As a Senior Cyber Manager in the Security Operations Centre (SOC) function, the role provides technical leadership and strategic direction to Tier 1 cyber analyst teams.
This role will lead and develop the SOC capability, (people, technology, and process) to support the overall Threat Monitoring and Response team.
Manage and execute hands-on technical detection, analysis, containment, eradication, and remediation to support day-to-day SOC operations.
Provide guidance and mentorship to improve the skill sets of analysts and ensure the delivery of high-quality analysis and work products.
Ensure accountability and punctuality of security analysts, holding team members to the highest standards of professionalism.
Collect and report Cybersecurity metrics to support executive-level briefings on a daily, weekly, and monthly basis.
Establish and maintain trusted business relationships with the customer and other relevant stakeholders.
Conduct thorough analysis and quality assurance of the team's work product to ensure accuracy and effectiveness.
Responsibilities for managing advance (IR) Incident Response routines and escalation processing

דרישות התפקיד

More than 4 years of relevant work experience as a SOC T1/T2 leader
Knowledge of protecting cloud environments (AWS, GCP, Azure) and integrating them into SIEM
Experience as a Senior Security Analyst leading a team.
Experience with Security Operations Center, network event analysis, and/or threat analysis
Experience working as an Incident Responder
Knowledge of various security methodologies and technical security solutions
Experience analyzing data from cybersecurity monitoring tools, parsing, and integrating log sources to them (Qradar, Splunk, Sentinel, Elastic, etc)
Ability to analyze endpoint, network, and application logs.
Experience tuning and/or configuring SIEM and vulnerability tools.
Knowledge of common Internet protocols and applications
Scripting experience in Linux or PowerShell preferred.

* משרה זו פונה לנשים וגברים כאחד.