SecOps Specialist

monday.com is looking for a Senior SOC and IRT Specialist who will focus on designing, building, maintaining, and optimizing our SIEM and state-of-the-art Security Operations Center initiatives and facilities. As, a Senior member of the team, you will work closely with many internal stakeholders and drive the vision and end-to-end execution of our worldwide security operations and observability. You will also be a key part of our incident response efforts to protect our company and customer data.

About The Role
Ensure 24/7 monitoring of security alerts and incidents within a team of highly skilled SOC analysts
Establish and enforce SOC processes, procedures and workflows to detect, analyze, contain and eliminate incidents efficiently
Prepare incident response plans and playbooks for different types of security incidents (e.g., malware outbreaks, data breaches, DDoS attacks)
Communicate with stakeholders and resolve security incidents as part of incident response activities
Identify root causes of incidents and recommend corrective actions to prevent future ones
Manage, maintain and optimize the SOC's security monitoring tools, SIEM systems and other technologies
Optimize and configure security tools to provide maximum visibility
Define, monitor and achieve targets for key performance indicators (KPIs) for SOC operations
Prepare regular reports on SOC activities, incident trends, and metrics for senior management and stakeholders
Design and implement processes and procedures to keep the team up-to-date with the latest cybersecurity threats, technologies, and best practices
Your Experience & Skills
5+ years as a Security Operations Center (SOC) analyst in a global, enterprise-level environment - MUST!
Bachelor’s degree in Computer Science, Information Technology, or a related field; relevant certifications (e.g., CISSP, CISM, GIAC) preferred
Hands-on experience implementing and managing threat detection - MUST!
Deep experience in security automation, with a focus on developing and implementing SOAR solutions
Experience in WAF alerts and logs to detect various attack vectors (DDOS, SQL injection)
Knowledge in Splunk, including ML models for anomaly detection.
Experience in leading incident response.
Extensive experience working within multi-cloud environments (AWS, Azure, GCP) and SaaS applications.
Demonstrated ability to collaborate across departments.
Passion for continuous learning and staying ahead of evolving cybersecurity threats.
Apply to this job
Review our job candidate privacy notice