SOC Team Lead
monday.com
IT
Tel Aviv-Yafo, Israel
Posted on Oct 30, 2024
- Security
- Tel-Aviv, Israel
- Full-time
Description
monday.com is looking for a SOC and IRT Team Lead who will focus on designing, building, maintaining and optimizing our SIEM and state-of-the-art Security Operations Center initiatives and facilities. You will work closely with many internal stakeholders and drive the vision and end-to-end execution of our worldwide security operations and observability. You will also lead our incident response to protect our company and customer data.
About The Role
- Ensure 24/7 monitoring of security alerts and incidents by leading and managing a team of SOC analysts
- Establish and enforce SOC processes, procedures and workflows to detect, analyze, contain and eliminate incidents efficiently
- Prepare incident response plans and playbooks for different types of security incidents (e.g., malware outbreaks, data breaches, DDoS attacks)
- Communicate with stakeholders and resolve security incidents as part of incident response activities
- Identify root causes of incidents and recommend corrective actions to prevent future ones
- Manage the SOC's security monitoring tools, SIEM systems and other technologies
- Optimize and configure security tools to provide maximum visibility
- Define key performance indicators (KPIs) for your SOC operations and monitor metrics
- Prepare regular reports on SOC activities, incident trends and metrics for senior management and stakeholders
- Design and implement processes and procedures to keep the team up-to-date with the latest cybersecurity threats, technologies, and best practices
Requirements
- 5+ years as a Security Operations Center (SOC) people manager in a global, enterprise-level environment
- Bachelor’s degree in Computer Science, Information Technology, or a related field; relevant certifications (e.g., CISSP, CISM, GIAC) preferred
- Hands-on capabilities: research and leading incident response teams
- Strong analytical and problem-solving abilities, with a keen attention to detail
- Experience in building a global team
- Deep experience with complex cloud and SaaS environments
- Experience with UEBA and machine learning in SOC environments
- Strong foundation in cybersecurity principles, practices, and technologies; threat intelligence/intrusion detection/prevention systems
- Continuous learning and adaptability; commitment to staying up to date with industry trends, emerging threats, and security best practices