Security Operations Center (SOC) Expert
Job Description
We are seeking a highly skilled and experienced Security Operations Center (SOC) expert to join our security team. This role requires a deep understanding of cybersecurity threats, incident response, forensics, and advanced threat hunting techniques. The ideal candidate will possess a strong technical background, excellent problem-solving skills, and a passion for protecting our organization's critical assets.
Responsibilities
Incident Response:
- Lead complex incident response efforts, including containment, eradication, and recovery.
- Conduct in-depth investigations of security incidents, analyzing logs, network traffic, and other relevant data sources.
- Develop and implement effective incident response plans and playbooks.
Threat Hunting:
- Proactively identify and investigate advanced threats and vulnerabilities.
- Utilize advanced threat hunting techniques, including behavioral analysis, anomaly detection, and threat intelligence.
- Develop and implement threat hunting strategies to stay ahead of emerging threats.
Security Operations:
- Monitor, analyze, and respond to security alerts and events.
- Oversee the day-to-day operations of the SOC, including monitoring, alerting, and reporting.
- Function as the focal point for escalations to the team.
- Ensure effective utilization of security tools and technologies.
- Continuously improve security processes and procedures to enhance efficiency and effectiveness.
- Work at a high technical level and be capable of identifying the threats and threat vectors that cause security events.
Technical Expertise:
- Deep understanding of network security, endpoint security, cloud security, and security operations.
- 5+ years' experience working within security operations or security architecture teams.
- 5+ years' experience working across multiple security disciplines (DFIR, log analysis, packet analysis, reverse engineering, detection strategies, etc.).
- Experience working with SOAR platforms for security automation.
- Demonstrated knowledge of and experience with the MITRE ATT&CK Framework.
- Proficiency in using security tools and technologies, such as SIEM, EDR, SOAR, EASM, CSPM and threat intelligence platforms.
- Proficient in Azure and AWS cloud platforms.
- Strong scripting and programming skills (e.g., Python, PowerShell).
- Advanced knowledge of threat intelligence and threat hunting techniques.
- Ability to analyze complex security problems and develop effective solutions.
- Strong critical thinking and analytical skills.
Other Skills:
- Proven ability to lead and motivate team members.
- Strong problem-solving and decision-making skills.
- Excellent written and verbal communication skills.
- Ability to communicate technical information to both technical and non-technical audiences.
If you are a highly motivated and skilled cybersecurity professional with a passion for protecting critical infrastructure, we encourage you to apply!