Sygnia is a top-tier cyber technology and services company, providing consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond to and defeat attacks within their networks. It is the trusted advisor and cybersecurity service provider of IT and security teams, senior management, and boards of top organizations worldwide, including Fortune 100 companies.
The company draws on top talent from the ranks of elite military technology units and from across the cyber industry, and has some of the world’s top talent in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.
Sygnia is looking for a SOC Analyst to join its team of cybersecurity analysts providing 24/7 monitoring services at tiers 1-2. The role includes development of detection analytics, triage of alerts, investigation of security incidents, proactive threat hunting, and enhancement of sensors and overall visibility. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a “can-do” attitude.
· Work across all areas of Sygnia’s SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
· Resolve security incidents under defined service level agreements and objectives.
· Prioritize and differentiate between potential incidents and false alarms.
· Address clients’ inquiries via phone, e-mail, and live chat.
· Work side by side with customers, providing insightful incident reports.
· Work very closely with your peer and higher-tier analysts to make sure your analysis meets the quality standards.
· Identify opportunities for improvement and automation within the MXDR operation, and lead efforts to operationalize your ideas.
· Identify and offer solutions to gaps in current capabilities, visibility, and security posture.
· Correlate information from disparate sources to develop novel detection methods.
· 1 year of experience in a SOC/MDR or managed EDR service, including night and weekend shifts.
· Strong analytical thinking, problem-solving mindset and independence.
· Independent, bright and positive analyst, who strives for excellence and is able to succeed in a dynamic environment.
· Basic understanding of the life cycle of advanced security threats, attack vectors and methods of exploitation.
· Hands-on experience working with SIEM technologies (e.g., Splunk, QRadar, ArcSight, Exabeam).
· Good familiarity with common data and log sources for monitoring, detection and analysis (e.g., Event Logs, Firewall, EDR).
· Strong technical understanding of network fundamentals, common Internet protocols and system and security controls.
· Familiarity with system and security controls, including basic knowledge of host-based forensics and OS artifacts.
· Proficient knowledge of and experience with scripting (e.g., Python).
· Familiarity with cloud infrastructure, web applications and servers – an advantage.
· Fluent English (written, spoken) – a must. Another language – an advantage.