SOC Analyst
Manila, Manila, Philippines
Cato Networks
Cato SASE Cloud converges SD-WAN, security, global backbone, and remote access into a global cloud-native service. WE ARE SASE™. Welcome to the future of cloud networking and security!
Cato Networks is the first company to converge enterprise networking and security into one centralized and global service that is delivered from the cloud. It is led by networking and security pioneer Shlomo Kramer (Check Point, Imperva) and an early investor in Palo Alto Networks, Exabeam, Trusteer and more. Cato’s unique technology inspired a brand-new product category, later named “SASE” by Gartner, in a market expected to reach $25 billion by 2027.
This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader – don’t miss it!
As a SOC Analyst, you will be part of a team responsible for real-time monitoring, detection, triage, and response to security incidents affecting our global infrastructure and services. You will play a critical role in protecting the organization from cyber threats by leveraging security tools and technologies within a 24x7 operational environment.
Responsibilities
- Monitoring and Detection: Continuously monitor tools such as SIEM, Endpoint Protection, IPS, Mail Security, CASB and other security solutions to identify potential threats.
- Incident Response: Perform initial triage, investigation, containment, and escalation of security incidents according to defined procedures and SLAs.
- Threat Analysis: Analyze logs, network packets, and native (in-tool) alerts to determine the root cause, impact, and remediation steps.
- Investigation Documentation: Create and maintain detailed incident tickets including investigation audit trail, action items and timelines.
- Collaboration: Work closely with the Cyber Security team, IT, Operations and R&D teams to escalate and resolve incidents effectively.
- Continuous Improvement: Recommend improvements to detection rules, automation scripts, operational runbooks, and shift handover documentation based on lessons learned from incidents.
- Compliance and Reporting: Assist in the generation of reports for compliance audits, management reviews, and threat intelligence updates.
Requirements
- 2–3 years of experience working in a SOC or cybersecurity operations role
- Experience working with a SIEM platform (Advantage: Elastic).
- Experience working with security tools and platforms (Advantage: Microsoft Defender platform).
- Advantage: Experience with scripting or automation (e.g., Python, PowerShell, Bash).
- Related training or education relevant to security analysis or engineering domain
- Strong understanding of cybersecurity fundamentals, including threat vectors, malware, network protocols, and security controls.
- Knowledge of incident response frameworks (e.g., NIST, SANS).
- Advantage: Industry certifications such as CompTIA Security+, EC-Council CSA/CHFI, GCIA, GCIH, etc.
- Willingness to work in rotating shifts, including nights, weekends, and holidays, to support 24x7 operations.
- Excellent analytical, problem-solving, communication skills and ability to correlate different events and think outside the box.
- Ability to work effectively on time-sensitive tasks
- Great people skills and a customer service orientation
- Proficiency in written and verbal English is a must
Perks/benefits: Team events