This job was posted by https://idahoworks.gov. For more information,
please see: https://idahoworks.gov/jobs/2212455
SOC Analyst
This is a remote role based out of the East Coast or Central time zone
Who we are:
CyberArk (NASDAQ: CYBR) is the global leader in Identity Security.
Centered on privileged access management, CyberArk provides the most
comprehensive security offering for any identity - human or machine -
across business applications, distributed workforces, hybrid cloud
workloads and throughout the DevOps lifecycle. The world's leading
organizations trust CyberArk to help secure their most critical assets.
To learn more about CyberArk, visit our CyberArk blogs or follow us on
Twitter, LinkedIn or Facebook.
What you will do:
- Operate the Information security SIEM/SOC to monitor and respond to
any security alert and potential security incident.
- Take reactive and proactive actions against cyber threats and
incidents
- Maintain and enhance SOC security systems such as SIEM, SOAR, PT
simulations, and other market-leading systems to always
own complete defense visibility and to continuously align it with
new attack vectors and techniques
- Handle SIEM alerts, document actions and responses, and track
remediation actions.
- Design and write code to support SIEM and respective systems rules
creation, reports and dashboards, playbook definitions and
development, interfaces development etc.
- Familiarity with cloud services, cloud environment architecture, and
the major cloud providers (AWS, GCP, Azure)
- Research, simulate, and run penetration tests using publicly
available proprietary tools.
- Lead security projects/activities with other security and R&D groups
according to need.
What you need to succeed:
- At least 2 years of experience as a SOC operator - a must
- At least 3 years of experience in security analysis in a high-tech
company
- Excellent understanding and proven hands-on experience with a
leading Splunk SIEM system (defining and building correlation,
aggregation, normalization, and parsing).
- Proven experience in cloud threat hunting and working with AWS
security tools - an advantage
- Experience in SOAR system (Cortex XSOAR - an advantage): design and
implement playbooks, write scripts and tools (connectors) - an
advantage.
- Strong understanding of security principles, policies, and industry
best practices
- Networking knowledge - understand networking essentials, components,
data flows, architecture, ports, and protocols, wireless, etc.
- General operating system knowledge - Solid understanding and
practical experience in various flavors of Windows, macOS and Linux,
OS configuration, file system structures, OS components, mobile
operating systems etc.
- Scripting/coding experience (Python, PowerShell, etc.) for
developing, extending, or modifying exploits, shellcode or exploit
tools
- Hands-on experience in static and dynamic malware analysis - an
advantage
- Excellent problem-solving/analytical skills
- Excellent communication and interpersonal skills
- A team player - working in a global team
- Ability to work in a multi-tasking environment
- Availability - the job requires high availability
- Must be a US Citizen
CyberArk is an Equal Opportunity/Affirmative Action employer. All
qualified applicants will receive consideration for employment without
regard to race, color, religion, creed, sex, sexual orientation, gender
identity, national origin, disability, or protected Veteran status.
The salary range for this position is \$81,000 - \$115,000/year, plus
commissions or discretionary bonus, which will be based on the
employee's performance. Base pay may also vary considerably depending
on job-related knowledge, skills, and experience. The compensation
package includes a wide range of medical, dental, vision, financial, and
other benefits.