Security Operations Engineer

Welcome to the future of cloud networking and security!

Cato Networks is the first company to converge enterprise networking and security into one centralized and global service that is delivered by cloud. It is led by networking and security pioneer Shlomo Kramer (Check Point, Imperva) and early investor (Palo Alto Networks, Exabeem, Trusteer and more). Cato’s unique technology inspired a brand-new product category, later named “SASE” by Gartner and a market expected to reach $25 billion by 2027.

This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader – don’t miss it!

Responsibilities

• Support, maintain, and operate existing and new security infrastructure and technologies used by the Security group and make recommendations to enhance threat detection and incident response.
• Maintain, tune, enhance, and troubleshoot SIEM Solution to deliver optimal performance and best detection and investigation capabilities.
• Identify new data sources and integrate them into monitoring operations
• Collaborate with various departments to identify and characterize risky cases, critical assets, and workflows, and enhance monitoring and incident response processes accordingly.
• Build up and improve real-time security monitoring and incident response framework and playbooks with the possibility to automate workflows
• Working with security analysts on serving as escalation point, promoting knowledge sharing and improving documentation
• Provide escalation point for incident response, investigation, support and triage to security alerts for security analysts
• Support vulnerability management process by helping teams building consolidated dashboards and insights to prevent future incidents
  
  

• Hands-on experience with Security Information and Event Management (SIEM)
• Installation, administration and maintenance
• Integration with data sources including creating custom pipelines and APIsFine tuning of rules and data ingestions.
• Advantage: Experience with ELK Stack
• Experience working in security incident response (SOC analyst, information security engineer responding to alerts, etc.)
• Advantage: Technical knowledge related to cyber security monitoring platforms such as Endpoint Protection, CASB, EDR, Azure AD, AWS & CNAP, etc.
• Advantage: Experience in Threat hunting in big data environments
• Good understanding of Information Security, IT, and Networking principles
• Analytical and strategic thinking
• Positive communication skills and ability to work with multiple teams and individuals globally, including good level of written and spoken English