SOC & IR Specialist

Title: SOC & IR Specialist

Description

The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation.

Thousands of organizations worldwide trust Varonis to defend their data wherever it lives — across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management.

Varonis protects data first, not last. Learn more at www.varonis.com.

Availability for weekend on-call duty approximately once every 3–4 weeks (daytime only; no overnight shifts).

The Requirements:

• Deep understanding of network security, endpoint security, cloud security, and security operations.
• 5+ years’ experience working within a security operation/Security architecture teams.
• 5+ years’ experience working across multiple security disciplines (DFIR, log analysis, packet analysis, reverse engineering, detection strategies, etc.)
• Experience working with SOAR platforms for security automation.
• Demonstrated knowledge and experience with MITRE ATT&CK Framework
• Proficiency in using security tools and technologies, such as SIEM, EDR, SOAR, EASM, CSPM and threat intelligence platforms.
• Proficient in Azure and AWS Cloud platforms
• Strong scripting and programming skills (e.g., Python, PowerShell).
• Advanced knowledge of threat intelligence and threat hunting techniques.
• Ability to analyze complex security problems and develop effective solutions.
• Strong critical thinking and analytical skills.
• Proven ability to lead and motivate team members.
• Strong problem-solving and decision-making skills.
• Excellent written and verbal communication skills.
• Ability to communicate technical information to both technical and non-technical audiences.
• If you are a highly motivated and skilled cybersecurity professional with a passion for protecting critical infrastructure, we encourage you to apply!

The Responsibilities:

• Incident Response: Lead complex incident response efforts, including containment, eradication, and recovery.
• Conduct in-depth investigations of security incidents, analyzing logs, network traffic, and other relevant data sources.
• Develop and implement effective incident response plans and playbooks.
• Threat Hunting: Proactively identify and investigate advanced threats and vulnerabilities.
• Utilize advanced threat hunting techniques, including behavioral analysis, anomaly detection, and threat intelligence.
• Develop and implement threat hunting strategies to stay ahead of emerging threats.
• Security Operations: Monitor, analyze, and respond to security alerts and events.
• Oversee the day-to-day operations of the SOC, including monitoring, alerting, and reporting.
• Function as focal point for escalation to the team.
• Ensure effective utilization of security tools and technologies.
• Continuously improve security processes and procedures to enhance efficiency and effectiveness.
• Work at a high technical level and be capable of identifying threats, and threat vectors that cause security events.