Overview
Job Description: The role involves in-depth investigation of complex security alerts, managing cyber incident response activities, and developing advanced detection rules. The position includes close collaboration with infrastructure and development teams to reduce the organization's attack surface.

Responsibilities:
* Investigating security incidents and providing escalation support for Tier 1 analysts
* Conducting in-depth investigations of complex security alerts, breach incidents, and suspected malicious activities (malware, phishing, unauthorized access)
* Performing proactive threat hunting focused on identifying low-signal malicious behavior and behavioral anomalies using advanced statistical analysis, long-term event correlation, and MITRE ATT&CK-based detection techniques
* Performing basic endpoint forensics and network traffic analysis to identify attack vectors and assess impact
* Tuning and optimizing SIEM/XDR detection rules to reduce false positives and improve overall detection efficiency
* Identifying gaps in SOC operational processes and initiating improvement projects
* Mentoring and providing professional guidance to Tier 1 analysts

Mandatory Requirements (Education & Experience):
* 1–2 years of experience as a Tier 2 SOC Analyst
* Proven experience in investigating, analyzing, and responding to cybersecurity incidents
* Hands-on experience working in multi-cloud environments (AWS / Azure)
* Practical experience with security technologies such as FW, IPS, WAF, XDR/EDR, SIEM, email security, deception technologies, etc.
* Strong understanding of network protocols (TCP/IP, DNS, HTTP/S) and the ability to analyze network traffic using logs and dedicated tools (e.g., Wireshark)
* Ability to perform basic static and dynamic analysis of suspicious files
* Strong technical writing skills in both Hebrew and English

Advantages:
* Ability to write automation scripts using Python or PowerShell
* Experience with Sentinel, Splunk, or Palo Alto Cortex
* Ability to write complex queries using KQL / SPL