As the IGS XDR Analyst 2 within our Infinity Global Services (IGS) Managed eXtended Detection and Response (MXDR) Team at Check Point, you will assume a pivotal role in safeguarding our customers' digital assets, sensitive data, and critical systems against cyber threats and attacks. Leveraging your expertise in vulnerability identification, robust security implementation, and incident response, you will significantly enhance our customers' overall security posture. Collaborating closely with cross-functional teams, you will assess risks, formulate effective security strategies, and ensure adherence to industry standards and regulatory requirements. Your strong technical acumen and analytical mindset will be instrumental in the prompt detection and mitigation of security breaches, as well as the proactive anticipation and mitigation of potential threats. Staying at the forefront of emerging cyber threats and trends, you will bolster the customer's defenses, maintaining a resilient and secure IT environment. This role is ideal for a self-driven professional who is passionate about cloud security, well-versed in major public cloud platforms, and adept at utilizing state-of-the-art tools to monitor security across cutting-edge offerings.
By directly supporting top-tier companies across the United States, you will be at the forefront of cybersecurity innovation and excellence.

Major Responsibilities

Perform vigilant monitoring across various security dimensions, including intrusion detection, file integrity, endpoint protection, log management, and SIEM solutions.
Leverage expertise in cutting-edge XDR solutions, such as Microsoft Sentinel, Microsoft Defender for Endpoint, Check Point Harmony Endpoint, and other solutions.
Navigate cloud environments, particularly Azure, to ensure comprehensive security coverage.
Skillfully analyze security events using log data and open-source intelligence to distinguish between legitimate and false-positive incidents.
Maintain meticulous records of security monitoring activities through efficient case management and ticketing technologies.
Contribute to the development, implementation, and maintenance of environment-specific rules, alerts, and dashboards within SIEM tools using custom queries.
Collaborate with clients to tailor and configure SIEM tools, aligning them with specific security and compliance requirements.
Effectively communicate security alerts to team members and clients regarding anomalies within the environment.
Apply technical writing prowess to craft formal documentation, including analytical reports and briefings.
Create and uphold a repository of standard operating procedures, technical documents, training materials, and troubleshooting guidelines for various security solutions.
Participate in on-call rotations to provide support beyond regular business hours, catering to client operational needs.
Conduct comprehensive data reviews to evaluate the efficacy of existing security and operational measures.
Assist in the administration and maintenance of SIEM, Log Management, and Data Analytical Platforms.
Address customer-initiated requests, such as Log Source configuration, Data Parsing, Use Case Development, and the resolution of complex issues related to managed security services.
Innovate by developing technical solutions that automate repetitive tasks, enhancing operational efficiency.
Provide leadership, guidance, and instruction to Junior SOC analysts, fostering a collaborative team environment.
Manage ticketing processes, including ticket creation, follow-up, and resolution, ensuring timely customer support.
Employ a combination of tools and analytical skills to investigate and identify the root causes of issues across various technologies.
Proactively monitor and provide near-real-time updates on the cyber security status, facilitating swift responses to emerging threats and incidents.

Work Timings - Night shift (10.30 PM to 7.30 AM)

What are we looking for

Upbeat and positive attitude
Strong analytical and troubleshooting skills
Excellent written and verbal communication skills
Team player
Prior experience performing as a SOC analyst
Working knowledge of SIEM solutions and incident management solutions
Technical understanding of core cybersecurity technologies as well as emerging capabilities
Inquisitive, problem-solving oriented
3+ years of prior relevant experience

Preferred Qualifications

Experience:
SOC: 3+ years (Preferred)
Cybersecurity: 4+ years (Preferred)
SIEM: 1+ years (Preferred) (Splunk or Sentinel)
Vulnerability Management
Threat Hunting
Prior SIEM experience (Working Knowledge)
Tuning
Alert triage
Detection Engineering
Incident Response
Programming/Scripting in one language (PowerShell / Python / Bash)
Job Title
XDR Engineer