Description

monday is looking for a highly skilled and motivated Security Operations Center (SOC) Analyst - Tier 2 to join our IT Cyber Security team. As a Tier 2 SOC Analyst, you will play a critical role in monitoring and responding to security incidents, ensuring the integrity and confidentiality of our clients' data and systems.

About The Role

• Monitor security alerts and events in real-time, investigate potential incidents, and escalate as necessary.
• Conduct in-depth analysis of security events and incidents to determine their impact and scope.
• Collaborate with Tier 1 SOC Analysts and other stakeholders to coordinate incident response activities.
• Provide expertise and guidance in identifying and mitigating security vulnerabilities and threats.
• Perform threat-hunting activities to proactively identify and assess emerging threats.
• Assist in the development and enhancement of SOC processes and procedures.
• Generate detailed incident reports and document incident response activities.
• Stay up-to-date with the latest cybersecurity threats, trends, and best practices.
• Investigate and review security logs in order to detect potential malware, and threats and create SIEM rules based on your findings.
• Write detection rules documentation with actionable recommendations for mitigations.
  
  

• In-depth knowledge of SIEM/SOC - Hands-on experience with SIEM Technologies such as QRadar , Splunk , Coralogix, etc.
• Good knowledge of writing detection rules with actionable recommendations for remediations / mitigations.
• Strong passion for the Cyber world with wide knowledge about different CyberAttacks and knowing the ways to protect against them. [e.g. - BruteForce , DDOS , MiTm]
• Knowledge of host forensic using tools like Sys-internals
• Familiarity with different data and log sources for monitoring, (e.g., EDR,IDP, IPS,IDS, FW,CSPM, CWP)
• Hands-on experience with a range of security technologies and tools, such as firewalls, intrusion detection/prevention systems, endpoint detection solutions
• Continuous learning: a thirst for knowledge and a commitment to staying up-to-date with the latest threats, vulnerabilities, and industry trends. This involves attending
• Experience with network technologies, topology, and network monitoring tools
• Effective communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships.
• Familiarity with Incident response triage on cloud environments, (AWS, GCP,Azure)