Still looking for a job through search engines? Time to upgrade!
Instead of going through thousands of listings on your own, Jobify analyzes your CV and shows you only the jobs that truly fit you.
Over 80,000 jobs • 4,000 new every day
Free. No ads. No fine print.
Who we are:
Yael Group is a leading technology solutions provider in the Israeli market, delivering advanced and innovative IT services to organizations across diverse industries.
Job Description:
- Development and maintenance of automated Playbooks in a SOAR system to reduce incident response times
- Development of complex integrations between SOAR/SIEM systems and security tools and organizational systems
- Specification and development of dedicated tools for SOC and Incident Response teams to streamline investigation and forensic processes
- Research and data analysis in the SIEM system using Jupyter Notebooks on the Cortex platform to create new detection logics
- Identification of anomalies and performing data-driven Threat Hunting as a basis for writing advanced monitoring rules
- Implementation of Generative AI tools to improve operational processes in the cyber command center
- Serving as a professional escalation point for Tier 1 analysts in handling and analyzing complex incidents
- Ongoing maintenance and upgrades of automation systems and developed tools to ensure operational continuity
- Independent work on complex development projects alongside collaboration with SOC and IT teams
- Providing shift-based support, including initial management and investigation of cyber and information security incidents
Job Requirements:
- Academic degree or Practical Engineer diploma in Communications/Technology + 2 years of experience in Information Security, or a professional Information Security course + 2 years of experience, or 3 years of proven experience in Information Security
- In-depth knowledge of communication protocols and system environments
- At least 2 years of experience in Python development, including APIs, data processing, and automation
- Proven experience with SOAR systems such as Phantom, Splunk, Cortex/XSOAR, Swimlane, Siemplify
- Strong familiarity with SOC operations and Incident Response processes
- Experience with SIEM systems, including writing queries, building dashboards, and understanding log structures
- At least 2 additional years of experience in Information Security
- Knowledge of operating systems, information security principles, and system connectivity
- Experience writing custom integrations (custom content) in SOAR systems, including developing complex integrations from scratch via APIs – advantage
- Experience developing and implementing LLM / Generative AI-based solutions to improve operational processes – advantage
- Experience conducting Digital Forensics investigations or Malware Analysis as part of Incident Response processes – advantage