Senior Cyber Security Analyst

Description

monday.com is looking for a Senior SOC and IRT Analyst who will focus on designing, building, maintaining, and optimizing our SIEM and state-of-the-art Security Operations Center initiatives and facilities. As, a Senior member of the team, you will work closely with many internal stakeholders and drive the vision and end-to-end execution of our worldwide security operations and observability. You will also be a key part of our incident response efforts to protect our company and customer data.

About The Role

• Ensure 24/7 monitoring of security alerts and incidents within a team of highly skilled SOC analysts
• Establish and enforce SOC processes, procedures and workflows to detect, analyze, contain and eliminate incidents efficiently
• Prepare incident response plans and playbooks for different types of security incidents (e.g., malware outbreaks, data breaches, DDoS attacks)
• Communicate with stakeholders and resolve security incidents as part of incident response activities
• Identify root causes of incidents and recommend corrective actions to prevent future ones
• Manage, maintain and optimize the SOC's security monitoring tools, SIEM systems and other technologies
• Optimize and configure security tools to provide maximum visibility
• Define, monitor and achieve targets for key performance indicators (KPIs) for SOC operations
• Prepare regular reports on SOC activities, incident trends, and metrics for senior management and stakeholders
• Design and implement processes and procedures to keep the team up-to-date with the latest cybersecurity threats, technologies, and best practices
  
  

• 5+ years as a Security Operations Center (SOC) analyst in a global, enterprise-level environment
• Bachelor’s degree in Computer Science, Information Technology, or a related field; relevant certifications (e.g., CISSP, CISM, GIAC) preferred
• Deep Hands-on capabilities
• Deep Automation Experience
• Deep Splunk machine learning experience
• Experience in leading incident response
• Strong analytical and problem-solving abilities, with a keen attention to detail
• Deep experience with complex Cloud environment and SaaS environments
• Experience with UEBA and Machine learning in SOC environments - advantage
• Strong foundation in cybersecurity principles, practices, and technologies; threat intelligence/intrusion detection/prevention systems
• Continuous learning and adaptability; commitment and continuous learning and stay up to date with industry trends, emerging threats, and security best practices