CyberArk Software, the global leader in privileged access management, helps organizations transform their business through improved security and reduced risk. As a trusted partner for thousands of companies around the world, CyberArk consistently sets the bar – driving innovation and helping our customers stay one step ahead of attackers.
CyberArk is looking for an experienced and professional Information Security SOC Analyst to join the Global Information Security team. In this role, the Information Security SOC (Security Operations Center) Analyst will take reactive and proactive actions to handle any potential or actual cyber threat.
Operate the Information Security SOC to monitor and react to any security alert and potential security incident
Take reactive and proactive actions against cyber-threats and incidents
Maintain and enhance SOC security systems such as SIEM, PT simulations, etc., to always have complete defense visibility and to continuously align it with new attack vectors and techniques
Handle SIEM alerts and document actions and response as well as track remediation actions.
Design and write code to support SIEM and respective systems rules creation, reports and dashboards, playbook definitions and development, interfaces development etc.
Research, simulate and run penetration tests using publicly available and proprietary tools
As needed, lead security projects/activities with other security and R&D groups
Develop and maintain lab environments to assess new security threats
At least 4-5 years of experience as a SOC analyst is a must
At least 4 years of experience in security analysis in a high-tech company is a must
Excellent understanding and proven hands-on experience with a leading SIEM system (defining and building correlation, aggregation, normalization and parsing)
Proven experience in connecting SIEM to cloud resources or working with AWS security tools – an advantage
Strong understanding of security principles, policies and industry best practices
Networking knowledge – understand networking essentials, components, data flows, architecture, ports and protocols, wireless, etc.
General operating system knowledge – solid understanding and practical experience in various flavors of Windows and Linux, OS configuration, file system structures, OS components, mobile operating systems, etc.
Scripting/coding experience (Python, Perl, Ruby, Bash, PowerShell, .NET, HTML5, PHP etc.) for developing, extending or modifying exploits, shellcode or exploit tools
Hands-on experience in static and dynamic malware analysis
Excellent problem solving/analytical skills
Excellent communication and interpersonal skills
Must be able to work in a global team
Ability to work in a multi-tasking environment
The job requires high availability and very high attention to detail
CyberArk is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Recruiting agencies or vendors without a valid agreement between the parties are not authorized to (a) send CyberArk unsolicited resumes or candidate data or (b) contact CyberArk employees for the purposes of presenting candidates for employment. CyberArk will only work with recruiting agencies who have a valid agreement with CyberArk and that are specifically invited by CyberArk’s recruiting team to assist with searching for and submitting candidates for a specific position. Any unsolicited resumes or other candidate data submitted to CyberArk will not be accepted and shall be considered CyberArk’s property. CyberArk will not pay any placement or other fees of any kind for any unsolicited resumes or candidate data that is submitted in violation of this policy. CyberArk does not accept liability under any legal theory such as course of conduct, oral agreements, implied contracts, or otherwise based on negotiations with a candidate identified from an unsolicited resume or data in violation of this policy.