SOC Analyst - Phishing Investigation & Detection Support

R&D United States


Description

 
The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation.
Thousands of organizations worldwide trust Varonis to defend their data wherever it lives — across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management.
Varonis protects data first, not last. Learn more at www.varonis.com.
The Role:  We are looking for a security-savvy SOC Analyst to triage and investigate customer-reported phishing cases, validate detection misses, and act as the 2nd line of response for false positives and false negatives. This role does not involve building machine learning models, but you will need to understand how our ML-based detection pipeline works at a high level to communicate with both customers and internal research teams.
 
 
The Requirements:
  • 5+ years of experience working in a SOC, abuse inbox team, or security support team preferred.
  • Strong understanding of email headers, phishing techniques, social engineering, and threat analysis.
  • Experience working in a SOC, abuse inbox team, or security support team preferred.
  • Ability to triage and filter customer-reported threats effectively.
  • Strong written communication skills for documenting findings and writing customer-facing summaries.
  • Familiarity with Linux, basic shell scripting, and comfort with JSON logs or email forensic tools.
  • Knowledge of how ML-based security detections work at a conceptual level (e.g., confidence scores, features, thresholds) is a plus.
 
The Responsibilities:
  • Investigate customer-reported phishing misses and filter out invalid cases (e.g., spam or benign messages misreported as phishing).
  • Analyze true false negatives and escalate confirmed misses to the research or data science team for deeper evaluation.
  • Identify false positives and help refine whitelisting or policy configuration for specific customer environments.
  • Maintain detailed internal notes and submit structured reports for every valid FP/FN case.
  • Develop a basic understanding of our ML architecture and detection signals to explain detection decisions to customers during escalations.
  • Collaborate with phishing researchers and data scientists to provide labeled data, feedback, and context that improves detection over time.
 
 
 
 
We invite you to check out our Instagram Page to gain further insight into the Varonis culture! 
@VaronisLife 
Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.

Please review our Notice of E-Verify Participation and our Right to Work Statements.