consulting and incident response support for organizations worldwide. Sygnia
works with companies to proactively build their cyber resilience and to
respond and defeat attacks within their networks. It is the trusted advisor
and cyber security service provider of IT and security teams, senior
managements, and boards of top organizations worldwide, including Fortune 100
companies.
The company draws on top talent from the ranks of elite military technology
units and from across the cyber industry and has some of the world’s top
talents in cyber security. Described by Forbes as a “cyber security delta
force”, it applies technological supremacy, digital combat experience, data
analytics and a business-driven mindset to cyber security, enabling
organizations to excel in the age of cyber.
Sygnia is looking for an Advanced Monitoring Team Leader to lead a team of
analysts that perform advanced and tailored monitoring activities in clients’
environment. The role includes development of detection analyses, triage of
alerts, investigation of security incidents, proactive threat hunting and
enhancement of sensors and overall visibility status. The successful candidate
should be a capable leader, with deep technical knowledge, significant
experience in SOC, SecOps or security monitoring, excellent communication
capabilities, and the ability to operate in a fast and highly dynamic
environment.
Main Responsibilities
* Lead a team of analysts that perform advanced monitoring activities in clients’ environment, including development of analyses, triage of alerts, investigation of security incidents and enhancement of sensors and overall visibility status
* Lead the development of ad-hoc detection and monitoring capabilities as part of large-scale incident response efforts
* Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches
* Develop internal processes and monitoring methodologies for alerts handling, triage and escalation, visibility maintenance, automations and reporting
* Communicate directly with the client’s security personnel in all levels when providing regular updates and following-up on alerts and security events
* Manage activities of the monitoring team and ensure that the team performs required tasks in accordance with defined policies and security best practices
* Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.
Main Requirements
* At least 5 years of a relevant experience in the cyber security field (from military service and/or industry), specifically in SOC, SecOps or security monitoring teams, and at least 3 years’ experience of team management
* Independent bright and positive leader, who strive for excellency, and able to succeed in an ultra-dynamic, fast pace environment
* Experience in defining and building monitoring processes (triage, documentation, communication with client, alert testing, visibility overview, etc.)
* Demonstrated in-depth understanding of the life cycle of advanced security threats, attack vectors and methods of exploitation
* Hands-on experience working with SIEM technologies. (e.g. Splunk, QRadar, ArcSight, Exabeam, etc.)
* Strong technical understanding of network fundamentals, common Internet protocols and system and security controls
* Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix and MacOS), including host-based forensics and experience with analyzing OS artifacts
* Familiarity with cloud infrastructure, web application and servers, android and iOS mobile platforms
* Knowledge and experience with scripting and programming (e.g. Python) – an advantage
* Proven presentation skills and client facing experience, including the ability to articulate complex technical issues in a concise and confident manner to both technical personnel and executive level management
* Fluent English (written, spoken) – a must. Additional languages – an advantage
* Willingness to travel abroad, and to work off hours as required