The senior vSOC analyst will be responsible for playbook creation and maintenance and will ensure that the correct training is in place so that team members can implement procedures and policies.
The senior vSOC analyst will act as the vehicle security focal point for managed services for customers and troubleshooting of real-time potential security alerts.
The position is full-time and is based in Herzliya, Israel
Responsibilities
Primarily responsible for security event monitoring, management, and response
Provide administrative direction and support for daily operational activities
Present in business reviews and workshops with partners and customers
Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
Conduct threat hunting and proactively Identify threat vectors and develop use cases for security monitoring
Fine tune detection logic and machine learning profiles
Creation of root cause analysis, reports, dashboards, metrics for vSOC operations and presentation to senior management
Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
Working with the team to create RCA’s for events escalated to incident levels
Development and execution of Standard Operating Procedures, Event Handlers and Job Aids required for successful task completion
At least 3 years of experience working in MSSP’s or Enterprise companies
Previous customer facing analyst role, preferably within MSSP, consulting, or professional services context
Proficient in Incident Management and Response
Experience in creation of playbooks
Experience in threat hunting and open source intelligence (OSINT) investigations
Experience in security device management and SIEM (e.g., Sentinel, Splunk, Chronicle, etc.)
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Familiarity with malware techniques and attack techniques (e.g. code injection, DGA, hooks, etc.)
Familiarity with big data platforms and data analysis (e.g. SQL)
Familiarity with API / web attack techniques and tools (e.g., Burp suite, postman)
Hands on experience with development / scripting languages (e.g. python)
Strong troubleshooting and problem-solving skills
Knowledge of applications, databases, middleware to address security threats
Proficient in preparation of reports, dashboards, and documentation
Strong communication, interpersonal, and leadership skills with a positive, customer-oriented attitude.
Proven ability to handle high-pressure situations, adapt to changing priorities, and multitask effectively in a dynamic environment.
Technical acumen with the ability to understand and interpret technical specifications and take proactive initiative.
Automotive industry experience – an advantage
