Sygnia - Advanced Monitoring Team Lead

  • Sygnia
  • Tel Aviv, Israel
  • Full-time
About The Position

Sygnia is a top-tier cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond to and defeat attacks within their networks. It is the trusted advisor and cyber security service provider of IT and security teams, senior management, and boards of top organizations worldwide, including Fortune 100 companies.

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

Sygnia is looking for an Advanced Monitoring Team Lead to lead a team of analysts that perform advanced and tailored monitoring activities in clients' environments. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting, and enhancement of sensors and overall visibility. The successful candidate should be a capable leader with deep technical knowledge, significant experience in SOC, SecOps or security monitoring, excellent communication skills, and the ability to operate in a fast and highly dynamic environment.

Main Responsibilities

  • Lead a team of analysts that perform advanced monitoring activities in clients' environments, including development of detection analyses, triage of alerts, investigation of security incidents, and enhancement of sensors and overall visibility
  • Lead the development of ad-hoc detection and monitoring capabilities as part of large-scale incident response efforts
  • Apply a proactive threat hunting approach in ongoing monitoring engagements, including forensic host- and network-based analysis, malware hunting and broad IOC searches
  • Develop internal processes and monitoring methodologies for alerts handling, triage and escalation, visibility maintenance, automations and reporting
  • Communicate directly with the client's security personnel at all levels when providing regular updates and following up on alerts and security events
  • Manage activities of the monitoring team and ensure that the team performs required tasks in accordance with defined policies and security best practices
  • Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.
Requirements

  • At least 5 years of relevant experience in the cyber security field (from military service and/or industry), specifically in SOC, SecOps or security monitoring teams, and at least 3 years of team management experience
  • An independent, bright and positive leader who strives for excellence and can succeed in an ultra-dynamic, fast-paced environment
  • Experience in defining and building monitoring processes (triage, documentation, communication with client, alert testing, visibility overview, etc.)
  • Demonstrated in-depth understanding of the life cycle of advanced security threats, attack vectors and methods of exploitation
  • Hands-on experience working with SIEM technologies (e.g. Splunk, QRadar, ArcSight, Exabeam)
  • Strong technical understanding of network fundamentals, common Internet protocols and system and security controls
  • Solid understanding of system and security controls on at least two operating systems (Windows, Linux/Unix, macOS), including host-based forensics and experience analyzing OS artifacts
  • Familiarity with cloud infrastructure, web applications and servers, and Android and iOS mobile platforms
  • Knowledge and experience with scripting and programming (e.g. Python) – an advantage
  • Proven presentation skills and client facing experience, including the ability to articulate complex technical issues in a concise and confident manner to both technical personnel and executive level management
  • Fluent English (written, spoken) – a must. Additional languages – an advantage
  • Willingness to travel abroad and to work off-hours as required