Security Operation Center (SOC) Analyst (US – Boston / Santa Clara Office)
CyberArk, the global leader in privileged access management, helps organizations transform their business through improved security and reduced risk. As a trusted partner for thousands of companies around the world, CyberArk consistently sets the bar – driving innovation and helping our customers stay one step ahead of attackers.
CyberArk is looking for an experienced and professional Information Security SOC Analyst to join the Global Information Security team. In this role, the SOC Analyst will take reactive and proactive actions to handle any potential or actual cyber threat.
- Operate the Information security SIEM/SOC to monitor and respond to any security alert and potential security incident
- Take reactive and proactive actions against cyber-threats and incidents
- Maintain and enhance SOC security systems such as SIEM, SOAR, PT simulations and other market-leading systems, in order to maintain complete defense visibility and continuously align it with new attack vectors and techniques
- Handle SIEM alerts, document actions and responses, and track remediation actions
- Design and write code to support SIEM and related systems: rule creation, reports and dashboards, playbook definition and development, interface development, etc.
- Research, simulate and run penetration tests using publicly available and proprietary tools
- As needed, lead security projects and activities together with other security and R&D groups
- Develop and maintain lab environments to assess new security threats
- Must have at least 3 years’ experience as a SOC analyst
- Must have at least 2 years’ experience in security analysis in a high-tech company
- Excellent understanding of and proven hands-on experience with the Splunk SIEM system (defining and building correlation, aggregation, normalization, and parsing)
- Proven experience connecting a SIEM to cloud resources or working with AWS security tools is nice to have
- Experience with a SOAR system (Cortex XSOAR), including designing and implementing playbooks and writing scripts and tools (connectors), is an advantage
- Strong understanding of security principles, policies, and industry best practices
- Networking knowledge – understanding of networking essentials, components, data flows, architecture, ports and protocols, wireless, etc.
- General operating system knowledge – solid understanding and practical experience with various flavors of Windows and Linux, OS configuration, file system structures, OS components, mobile operating systems, etc.
- Scripting/coding experience (Python, PowerShell, etc.) for developing, extending, or modifying exploits, shellcode or exploit tools
- Hands-on experience in static and dynamic malware analysis is an advantage
- Excellent problem solving/analytical skills
- Excellent communication and interpersonal skills
- A team player, comfortable working in a global team
- Ability to work in a multitasking environment
- The job requires high availability, especially during emergencies, and is not a 9 – 5 position
CyberArk is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Recruiting agencies or vendors without a valid agreement between the parties are not authorized to (a) send CyberArk unsolicited resumes or candidate data or (b) contact CyberArk employees for the purposes of presenting candidates for employment. CyberArk will only work with recruiting agencies who have a valid agreement with CyberArk and that are specifically invited by CyberArk’s recruiting team to assist with searching for and submitting candidates for a specific position. Any unsolicited resumes or other candidate data submitted to CyberArk will not be accepted and shall be considered CyberArk’s property. CyberArk will not pay any placement or other fees of any kind for any unsolicited resumes or candidate data that is submitted in violation of this policy. CyberArk does not accept liability under any legal theory such as course of conduct, oral agreements, implied contracts, or otherwise based on negotiations with a candidate identified from an unsolicited resume or data in violation of this policy.