SOC Specialist for the Security Operations Center
The security operations center is a team dedicated to providing first response to security incidents, and is focused on the operational aspect of web-application security: analyzing the threat, suggesting immediate methods of remediation and mitigation, and actively working to block attacks in real time.
The scope of activity spans layers 3, 4 and 7, encompassing DoS and DDoS attacks, brute-force attacks, scraping and filtering of unwanted traffic, and extending into initial analysis and mitigation of application attack vectors such as XSS, SQLi and remote code execution.
A complementary aspect of this activity is handling cases of false positives. The SOC will own the task of investigating the root cause of a misfire, suggesting the optimal way to avoid further cases, and applying changes accordingly when required.
The SOC will work closely with the first-tier support team, acting as a focal point for security-related events and incidents. It will also have a bi-directional line of communication with the Incapsula security team, to allow for sharing findings and information, consultation, and maintaining up-to-date knowledge of current policies.
The SOC Engineer
As a SOC team member, the specialist is expected to possess a good working knowledge of web-application security and the current threat landscape, together with an in-depth familiarity with Imperva's security policies and processes.
The specialist will also maintain proficiency in field-related tools and methodologies, and is encouraged to expand his knowledge of all security-related matters.
- At least one year of hands-on experience in the security or networking fields (Work, IDF)
- Working knowledge of TCP/IP, HTTP/S, DNS, SSL
- Excellent communication skills
- Experience in scripting languages (Python, Bash) is an advantage
- Willingness to work in shifts – at least 3 a week (students are welcome)
Imperva is an analyst-recognized, cybersecurity leader—championing the fight to secure data and applications wherever they reside. Once deployed, our solutions proactively identify, evaluate, and eliminate current and emerging threats, so you never have to choose between innovating for your customers and protecting what matters most. Imperva—Protect the pulse of your business.