Managed Services Consultant, MXDR (SOC Analyst Sat.-Wed.)

As the world's leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we've assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers' real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base.

Check Point Software Technologies has been honored by Time Magazine as one of the World's Best Companies for 2024 and Newsweek's 2025 list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World's Best Places to Work for five consecutive years (2020-2024) and recognized as one of the World's Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.

As the Check Managed Services Consultant, MXDR within our Check Point Services Managed eXtended Detection and Response (MXDR) Team at Check Point, you will assume a pivotal role in safeguarding our customer's digital assets, sensitive data, and critical systems against cyber threats and attacks. Leveraging your expertise in vulnerability identification, robust security implementation, and incident response, you will significantly enhance our customer's overall security posture. Collaborating closely with cross functional teams, you will assess risks, formulate effective security strategies, and ensure adherence to industry standards and regulatory requirements. Your strong technical acumen and analytical mindset will be instrumental in the prompt detection and mitigation of security breaches, as well as the proactive anticipation and mitigation of potential threats. Staying at the forefront of emerging cyber threats and trends, you will bolster the customer's defenses, maintaining a resilient and secure IT environment. This role is ideal for a self driven professional, that is passionate about cloud security, well versed in major public cloud platforms, and adept at utilizing state of the art tools to monitor security across cutting edge offerings. By directly supporting top tier companies across the United States, you will be at the forefront of cybersecurity innovation and excellence.

• 100% Remote
• Saturday - Wednesday 8am-5pm (UTC-05:00)
• Support of rotating On-Call schedule

Responsibilities

• Perform vigilant monitoring across various security dimensions, including intrusion detection, file integrity, endpoint protection, log management, and SIEM solutions.
• Leverage expertise in cutting edge XDR solutions, such as Microsoft Sentinel, Microsoft Defender for Endpoint, Check Point Harmony Endpoint, and other solutions.
• Navigate cloud environments, particularly Azure, to ensure comprehensive security coverage.
• Skillfully analyze security events using log data and open-source intelligence to distinguish between legitimate and false-positive incidents.
• Maintain meticulous records of security monitoring activities through efficient case management and ticketing technologies.
• Contribute to the development, implementation, and maintenance of environment-specific rules, alerts, and dashboards within SIEM tools using custom queries.
• Collaborate with clients to tailor and configure SIEM tools, aligning them with specific security and compliance requirements.
• Effectively communicate security alerts to team members and clients regarding anomalies within the environment.
• Apply technical writing prowess to craft formal documentation, including analytical reports and briefings.
• Create and uphold a repository of standard operating procedures, technical documents, training materials, and troubleshooting guidelines for various security solutions.
• Participate in on-call rotations to provide support beyond regular business hours, catering to client operational needs.
• Conduct comprehensive data reviews to evaluate the efficacy of existing security and operational measures.
• Assist in the administration and maintenance of SIEM, Log Management, and Data Analytical Platforms.
• Address customer-initiated requests, such as Log Source configuration, Data Parsing, Use Case Development, and the resolution of complex issues related to managed security services.
• Innovate by developing technical solutions that automate repetitive tasks, enhancing operational efficiency.
• Provide leadership, guidance, and instruction to Junior SOC analysts, fostering a collaborative team environment.
• Manage ticketing processes, including ticket creation, follow-up, and resolution, ensuring timely customer support.
• Employ a combination of tools and analytical skills to investigate and identify the root causes of issues across various technologies.
• Proactively monitor and provide near-real-time updates on the cyber security status, facilitating swift responses to emerging threats and incidents.
• Conduct comprehensive data reviews to evaluate the efficacy of existing security and operational measures.
• Assist in the administration and maintenance of SIEM, Log Management, and Data Analytical Platforms.
• Innovate by developing technical solutions that automate repetitive tasks, enhancing operational efficiency.
• Manage ticketing processes, including ticket creation, follow-up, and resolution, ensuring timely customer support.
• Proactively monitor and provide near-real-time updates on the cyber security status, facilitating swift responses to emerging threats and incidents.

• 3+ years of recent cybersecurity experience required
• One Cyber Security certification (Microsoft SC-900, SC-200, SC-100, Security+, CySA+, CEH, etc)
• Working knowledge of Operating Systems
• Fundamental Networking knowledge

• Upbeat and positive attitude Strong analytical and troubleshooting skills Excellent written and verbal communication skills
• Team player
• Prior experience performing as a SOC analyst
• Working knowledge of SIEM solutions and incident management solutions
• Technical understanding of core cybersecurity technologies as well as emerging capabilities.
• Inquisitive, problem-solving oriented
• 3+ years of prior relevant experience.

• Experience:
  
  
  
  • SOC: 3+ years (Preferred)
  • Cybersecurity: 4+ years (Preferred)
  • SIEM: 2+ years (Preferred) (Splunk or Sentinel)
  
  
  
  
• Vulnerability Management
• Threat Hunting
• Prior SIEM experience (Working Knowledge)
  
  
  
  • Tuning
  • Alert triage
  • Detection Engineering
  
  
  
  
• Incident Response
• Programming/Scripting in one language (PowerShell / Python / Bash)

• 100% Remote
• Saturday - Wednesday 8am-5pm (UTC-05:00)
• Support of rotating On-Call schedule