SOC Analyst

About The Position

Sygnia is a top-tier cyber technology and services company, providing consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience, and respond to and defeat attacks within their networks. Sygnia is the trusted advisor and cybersecurity service provider of IT and security teams, senior managements, and boards of top organizations worldwide, including Fortune 100 companies.

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry, and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

Sygnia is looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7, tiers 1-2. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a ‘can-do’ attitude.

Responsibilities

• Working across all areas of Sygnia’s SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
• Solving security incidents in accordance with defined service level agreements and objectives.
• Prioritizing and differentiating between potential incidents and false alarms.
• Addressing clients’ enquiries via phone, email, and live chat.
• Working side-by-side with customers, providing insightful incident reports.
• Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
• Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
• Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
• Correlating information from disparate sources to develop novel detection methods.

Requirements:

• At least one year of experience in a SOC/MDR or Managed EDR service, including night and weekend shifts.
• Strong analytical thinker, problem-solving mindset, and ability to succeed in a dynamic environment.
• Independent, bright and positive analyst who strives for excellence.
• Proficiency and experience with scripting (Python).
• Strong capabilities in drafting cyber security reports for clients.
• Basic understanding of the lifecycle of advanced security threats, attack vectors, and methods of exploitation.
• Hands-on experience working with SIEM technologies. (e.g. Splunk, QRadar, ArcSight, Exabeam, etc.)
• Familiarity with common data and log sources for monitoring, detection and analysis (e.g., Event Logs, firewall, EDR).
• Strong technical understanding of network fundamentals, common internet protocols, and system and security controls.
•  Basic knowledge of host-based forensics and OS artifacts.
• Familiarity with cloud infrastructure, web application and servers – an advantage.
• Fluent English (written, spoken) – a must. Another language – an advantage.