Varonis is looking for a SOC Analyst to triage and investigate customer-reported phishing cases, validate detection misses, and act as the second line of response for false positives and false negatives.
Requirements
- Strong understanding of email headers, phishing techniques, social engineering, and threat analysis.
- Ability to triage and filter customer-reported threats effectively.
- Familiarity with Linux, basic shell scripting, and comfort with JSON logs or email forensic tools.
- Knowledge of how ML-based security detections work at a conceptual level (e.g., confidence scores, features, thresholds) is a plus.
Responsibilities
- Investigate customer-reported phishing misses and filter out invalid cases (e.g., spam or benign messages misreported as phishing).
- Analyze confirmed false negatives (real phishing that the detection did not flag) and escalate them to the research or data science team for deeper evaluation.
- Identify false positives and help refine whitelisting or policy configuration for specific customer environments.
- Maintain detailed internal notes and submit structured reports for every valid FP/FN case.
- Develop a basic understanding of our ML architecture and detection signals to explain detection decisions to customers during escalations.
- Collaborate with phishing researchers and data scientists to provide labeled data, feedback, and context that improves detection over time.
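The responsibilities above describe a triage loop: read the reported message's headers, decide whether the report is valid, compare the analyst's verdict with the detector's score-versus-threshold decision, and record a structured FP/FN case. The following is an added example written for this listing, not Varonis's own tooling; the sample .eml, the case ID, the 0.42 score and the 0.7 threshold are all constructed for illustration.

```python
import email.utils
import json
from email import policy
from email.parser import BytesParser

# Constructed sample of a customer-reported message (not a real artifact).
REPORTED_EML = b"""Received: from mail.example-sender.test (mail.example-sender.test [203.0.113.10])
    by mx.customer.test with ESMTPS id abc123; Mon, 3 Jun 2024 09:12:00 +0000
Authentication-Results: mx.customer.test;
    spf=fail smtp.mailfrom=payroll-update.test;
    dkim=none;
    dmarc=fail header.from=payroll-update.test
From: "HR Payroll" <hr@payroll-update.test>
Reply-To: collect@free-mail.test
To: employee@customer.test
Subject: Action required: confirm your updated direct deposit
Content-Type: text/plain

Please confirm your bank details at http://payroll-update.test/confirm today.
"""


def parse_message(raw_bytes):
    """Parse raw RFC 5322 bytes into a message object with unfolded headers."""
    return BytesParser(policy=policy.default).parsebytes(raw_bytes)


def parse_auth_results(msg):
    """Pull spf/dkim/dmarc verdicts out of Authentication-Results headers."""
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        for clause in str(header).split(";"):
            clause = clause.strip()
            for method in ("spf", "dkim", "dmarc"):
                if clause.startswith(method + "="):
                    # "spf=fail smtp.mailfrom=..." -> "fail"
                    results[method] = clause.split("=", 1)[1].split()[0]
    return results


def header_signals(msg):
    """Cheap header indicators an analyst checks before trusting report or model."""
    auth = parse_auth_results(msg)
    from_addr = email.utils.parseaddr(str(msg.get("From", "")))[1]
    reply_to = email.utils.parseaddr(str(msg.get("Reply-To", "")))[1]
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = reply_to.rpartition("@")[2].lower()
    return {
        "spf_pass": auth.get("spf") == "pass",
        "dkim_pass": auth.get("dkim") == "pass",
        "dmarc_pass": auth.get("dmarc") == "pass",
        "reply_to_mismatch": bool(reply_to) and reply_domain != from_domain,
    }


def triage(analyst_label, model_score, threshold):
    """Classify a reported case.

    analyst_label: 'phishing', 'spam' or 'benign' after manual review.
    model_score:   detector confidence in [0, 1]; it flags when score >= threshold.
    """
    model_flagged = model_score >= threshold
    if analyst_label == "phishing" and not model_flagged:
        return "false_negative"          # real miss: escalate to research
    if analyst_label != "phishing" and model_flagged:
        return "false_positive"          # candidate for policy/allowlist tuning
    if analyst_label == "phishing" and model_flagged:
        return "detected"                # already caught; nothing to escalate
    return "invalid_report"              # spam/benign misreported as phishing


def case_report(case_id, msg, analyst_label, model_score, threshold):
    """Build the structured record that gets filed for every reviewed case."""
    outcome = triage(analyst_label, model_score, threshold)
    return {
        "case_id": case_id,
        "outcome": outcome,
        "escalate": outcome == "false_negative",
        "analyst_label": analyst_label,
        "model_score": model_score,
        "threshold": threshold,
        "from": str(msg.get("From", "")),
        "subject": str(msg.get("Subject", "")),
        "signals": header_signals(msg),
    }


if __name__ == "__main__":
    message = parse_message(REPORTED_EML)
    # Hypothetical values: analyst confirmed phishing, model scored it below threshold.
    print(json.dumps(case_report("CASE-0001", message, "phishing", 0.42, 0.7), indent=2))
```

The outcome field is what drives the next step in the listing's workflow: false_negative records go to research with the header signals attached as context, false_positive records feed allowlist or policy adjustments for that customer, and invalid_report cases are closed without escalation.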
Other
- 5+ years of experience working in a SOC, abuse inbox team, or security support team preferred.
- Strong written communication skills for documenting findings and writing customer-facing summaries.