IT Security Team PDP

This page contains the different roles within the IT Security Team path. Choose the relevant role you want to learn about. You can also enter the “Professional Path” (coming soon) to access the relevant skills and resources. 🔙

IT Security
Field Team
Application Security
GRC

Choose the roles

SOC Analyst (2nd level)
SOC Analyst (3rd level)
IT Security Specialist
Experienced IT Security Specialist
Senior IT Security Specialist
IC Path
IT Security Tech Lead
Management Path
IT Security Team Lead

Choose the competencies

All
Professional skills
Independence and complexity
Collaboration and communication
Culture and maturity

SOC Analyst (2nd level)

Professional Path

Level 2.

Professional skills

The role applies broad professional knowledge of theory and principles. Works almost independently on issues of diverse scope under a general definition of the requirements.

Behaviors

  • Provides 2nd level SOC response to all monday.com employees around the world
  • Operates and maintains all security aspects of SOC, ensuring that the SOC is configred and providing quality events and alerts in a seamless fashion
  • Works with all internal stakeholders to acknowledge and remediate all incoming SOC incidents
Independence and complexity

Executes tasks and solves IT Security issues & projects. Has ownership of non-critical aspects in the domain.

Behaviors

  • Mostly independent in solving IT Security challenges, tickets and maintenance tasks related to end-users and systems in everything related to the information security domain
  • Mostly independent in executing security maintenance and protection tasks with current and new vendors
  • Mostly independent in executing their projects A to Z
Collaboration and communication

Collaborates with his own team and others about cross-department tasks. Communicates some of the domain needs internally and externally.

Behaviors

  • Communicates in respectful, professional, service-oriented manner
  • Collaborates with all stakeholders as a partner and not “as a critic” (ask questions, consult, think on use cases, raise concerns from single ticket to team-wide solutions and support)
  • Acts with an employee as a client
  • Takes actionable part in Onboard new team member as a professional function and as a buddy
  • Works with the IT team to provide timely instructions about patches and remediation tasks for security issues and vulnerabilities
  • Works with SOC Tier 1 Provider as a close synergistic parter to ensure that monday.com has the best possible SOC protection and remediation
Culture and maturity

Familiar with the culture and is able to communicate it and act according to it.

Behaviors

  • Familiar with the domain, challenges and needs
  • Can contribute to discussions about solutions internally and externally

SOC Analyst (3rd level)

Professional Path

Level 3.

Professional skills

The role applies broad professional knowledge of theory and principles, leveraging thier proven experience to implement and maintain at the highest level. Works independently on issues of diverse scope under a general definition of the requirements.

Behaviors

  • Provides 3nd level SOC response to all monday.com employees around the world
  • Operates and maintains all security aspects of SOC, ensuring that the SOC is configred and providing quality events and alerts in a seamless fashion
  • Works with all internal stakeholders to acknowledge and remediate all incoming SOC incidents
  • Provides basic and advanced security SOC remediation for LAN, Wireless, VPN configuration, installs and maintains all aspects of office technical security for equipment, including laptops, printers, monitors, and other IT peripherals Supports IT-owned SaaS applications and management systems (AWS, Jamf, G-Suite, Intune, OKTA, Palo Alto, etc.)
  • Provides solutions for more complex issues Takes part in small/medium projects that are related to end-users and/or work together with Tier3 on projects that they own (50% operational, 50% projects)
Independence and complexity

Executes advanced tasks and solve more complex IT issues & projects. Has ownership of critical aspects in the domain.

Behaviors

  • Fully independent in solving IT Security challenges, tickets and maintenance related to end-users and systems in everything related to the information security domain
  • Independent in executing security maintenance and protection tasks with current and new vendors
  • Fully independent in executing their projects A to Z
Collaboration and communication

Collaborates with his own team and others about cross-department tasks. Communicates all the domain needs internally and externally.

Behaviors

  • Communicates in respectful, professional, service-oriented manners
  • Collaborates with all stakeholders as a partner and not “as a critic” (ask questions, consult, think on use cases, raise concerns from single ticket to team-wide solutions and support)
  • Acts with an employee as a client
  • Guides IT and specialists regarding complex tickets and projects under their domain
  • Takes actionable part in onboarding new IT security Specialists and team members as a professional function and as a buddy
  • Acts as a Project manager on their projects, with vendors and internal stakeholders
  • Works with the rest of the security team and IT team to to provide timely proactive information and instructions on updates, patches and vulnerabilities and detailed, authoritative remediation steps to security issues and tracks until completion
  • Works with SOC Tier 1 Provider as a close synergistic parter to ensure that monday.com has the best possible SOC protection and remediation
Culture and maturity

Familiar with the culture and is able to communicate it and act according to it.

Behaviors

  • Familiar with the domain challenges and needs.
  • Can contribute to discussions about solutions internally and externally.
  • Able to mentor
  • Leads the vision and contstant improvement of the SOC and SOAR elements for monday.com

IT Security Specialist

Professional Path

Level 2. Execution only.

Professional skills

The role applies broad professional knowledge of theory and principles. Works almost independently on issues of diverse scope under a general definition of the requirements.

Behaviors

  • Provides 3rd level SOC response to all monday.com employees around the world
  • Operates and maintains all security aspects of our Apple and Microsoft products, both on-site and remote
  • Willing to support internal users in anything they need in order to solve security problems related to their workstations
Independence and complexity

Executes tasks and solves IT Security issues & projects. Has ownership of non-critical aspects in the domain.

Behaviors

  • Mostly independent in solving IT Security challenges, tickets and maintenance tasks related to end-users and systems in everything related to the information security domain
  • Mostly independent in executing security maintenance and protection tasks with current and new vendors
  • Mostly independent in executing their projects A to Z
Collaboration and communication

Collaborates with his own team and others about cross-department tasks. Communicates some of the domain needs internally and externally.

Behaviors

  • Communicates in respectful, professional, service-oriented manner
  • Collaborates with all stakeholders as a partner and not “as a critic” (ask questions, consult, think on use cases, raise concerns from single ticket to team-wide solutions and support)
  • Acts with an employee as a client
  • Takes actionable part in Onboard new team member as a professional function and as a buddy
  • Works with the IT team to provide timely instructions about patches and remediation tasks for security issues and vulnerabilities
Culture and maturity

Familiar with the culture and is able to communicate it and act according to it.

Behaviors

  • Familiar with the domain, challenges and needs
  • Can contribute to discussions about solutions internally and externally

Experienced IT Security Specialist

Professional Path

Level 3. To be promoted for this position the employee should be at least 1 year in the previous role.

Professional skills

The role applies broad professional knowledge of theory and principles, leveraging thier proven experience to implement and maintain at the highest level. Works independently on issues of diverse scope under a general definition of the requirements.

Behaviors

  • Provides basic and advanced security network assistance LAN, Wireless, VPN configuration
  • Installs and maintains all aspects of office technical security for equipment, including laptops, printers, monitors, and other IT peripherals Supports IT-owned SaaS applications and management systems (AWS, Jamf, G-Suite, Intune, OKTA, Palo Alto, etc.)
  • Provides solutions for more complex issues
  • Takes part in small/medium projects that are related to end-users and/or work together with Tier3 on projects that they own (50% operational, 50% projects)
Independence and complexity

Execute advanced tasks and solve more complex IT issues & projects. Has ownership of critical aspects in the domain.

Behaviors

  • Fully independent in solving IT Security challenges, tickets and maintenance related to end-users and systems in everything related to the information security domain
  • Independent in executing security maintenance and protection tasks with current and new vendors
  • Fully independent in executing their projects A to Z
Collaboration and communication

Collaborates with his own team and others about cross-department tasks. Communicates all the domain needs internally and externally.

Behaviors

  • Communicates in respectful, professional, service-oriented manners
  • Collaborates with all stakeholders as a partner and not “as a critic” (ask questions, consult, think on use cases, raise concerns from single ticket to team-wide solutions and support)
  • Acts with an employee as a client
  • Guides IT and specialists regarding complex tickets and projects under their domain
  • Takes actionable part in onboarding new IT security Specialists and team members as a professional function and as a buddy
  • Acts as a Project manager on their projects, with vendors and internal stakeholders
  • Works with the rest of the security team and IT team to to provide timely proactive information and instructions on updates, patches and vulnerabilities and detailed, authoritative remediation steps to security issues and tracks until completion
Culture and maturity

Familiar with the culture and is able to communicate it and act according to it.

Behaviors

  • Familiar with the domain challenges and needs
  • Can contribute to discussions about solutions internally and externally
  • Able to mentor
  • Leads the vision and contstant improvement of the SOC and SOAR elements for monday.com

Senior IT Security Specialist

Professional Path

Level 4. To be promoted for this position the employee should be at least 1 year in the previous role.

Professional skills

The role demonstrates information security mastery in applying theories, principles, concepts, and methodologies to innovative solutions.

Behaviors

  • Works fully independently and proactively on issues of diverse scope under a general definition of the security requirements
  • Uses the knowledge and expert behaviors to support global IT in securing SasS applications and management systems (AWS, Jamf, G-Suite, Intune, OKTA, Palo Alto, etc.)
  • Secures IT-owned network equipment (firewalls, switches, access points)
  • Deploys cutting edge security solutions that will meet business needs and leads medium/large security projects that are related to end-users and company-wide projects (80-90% projects, 10-20% operational)
Independence and complexity

Independently carries out projects and acts as a focal point to all complex IT Security issues in their domain. Has ownership over critical aspects in the domain.

Behaviors

  • Fully independent in project management, solving complex issues, an escalation from Tier 1 / 2
  • The Senior professional function in the team, handles the complex issues related both to the client and to the server-side
  • Reduces complexity, makes complex and difficult tasks achievable and down to earth
  • Meets the process and procedures requirements defined by IT Security (i.e. definition of done, SLA, Constant improvement., etc)
  • Manages their project A to Z, including identifying the need to internally and externally search for optional solutions and deploy until success, quickly and efficiently
Collaboration and communication

Leads the communication about cross-department tasks. Defines the domain needs and communicates them within the domain and with other internal and external stakeholders.

Behaviors

  • Communicates in respectful, professional, service-oriented manner
  • Collaborates with all stakeholders as a partner and not “as a critic” (ask questions, consult, think on use cases, identify the needs from working with Infra’s security and other departments)
  • Acts with an employee as a client
  • Takes an actionable part in onboarding new Specialists and Experienced team members as a professional function and as a buddy
  • Acts as a Project manager on their projects with vendors and internal stakeholders
  • Works closely with IT Admins, security team and Infra Teams to identify the needs, provides solutions and remediation to security issues
Culture and maturity

Well established with the company culture and values and able to identify and realign misalignments.

Behaviors

  • Protective of culture
  • Identifies problems in the domain, and proactively offers and promotes solutions to improve company practices and processes
  • Able to mentor Experienced Specialists

IT Security Tech Lead

Professional Path

Level 5.

Professional skills

An integral part in defining the group’s technological vision and system architecture.

Behaviors

  • Detects technical opportunities and gaps at the group level, and leads designing and leading them until completion
  • Holds deep technical specialization at an industry level
  • Provides technical guidance in specific areas and leads team ramp up on new technologies
  • Fast and independently
  • Able perform deep massive changes with speed while maintaining high quality
Independence and complexity

The most professional function in the team, handles the complex issues related both to the client and to the server-side.

Behaviors

  • Independently carries out projects and acts as a focal point to all complex IT issues in his domain
  • Has ownership over critical aspects in the domain
  • Fully independent in project management, solving complex issues, escalation.
  • Leads a technical design of large and complex efforts
  • Breaks down into concerns and areas of volatility, provides high-level solutions, and hands it off to the team.
  • Tackles the most complex challenges in the building of a project or operational issues
  • Reduces complexity, makes complex and difficult tasks achievable and down to earth
Collaboration and communication

Lead the communication about Companywide initiatives.

Behaviors

  • Defines the domain needs and communicate them within the domain and with others internal and external stakeholders
  • Collaborate with all stakeholders as a partner and not “as a critic” (ask questions, consult, think on use cases, identify the needs from working with Infra’ security and other departments)
  • Works closely with IT Admins, IT Leadership, Security Technical Leadership team to identify the needs, provide solutions and remediation to security issues
Culture and maturity

Leader! Well established with the company culture and values and able to identify and realign misalignments.

Behaviors

  • Protective of culture
  • Identifies problems in the domain, and proactively offers and promotes solutions to improve company practices and processes
  • Able to mentor ‘Can-do’ approach for all technical levels of the team
  • Recognizes and puts emphasis on actions that drive our culture

IT Security Team Lead

Professional Path
Professional skills

Leading a team of IT Securiyt Specialists globally or locally.

Behaviors

  • Manages the IT Security team in the company
  • Responsible for their personal and professional development, retention, and overseeing their work sets
  • Manages goals for the IT Security team that they are managing and works with upper management and internal stakeholders to deliver specific security services and security applications designed to perform a variety of information security and protection tasks
  • This individual communicates and coordinates with team members to design, program, and deliver a variety of projects and related technologies to clients, customers, and staff
  • Oversees the testing, delivery, and trouble-shooting of IT Security applications
  • Ensures that we are providing great service to our employees
  • Globally works with the vendors to ensure that we will have all the security systems and services, consistently in all our offices around the world
  • Manges the domain budget and reports to upper management
Independence and complexity

Full independence in managing the domain day-to-day, budgets, projects and priorities.

Behaviors

  • Leads the IT Security team to be efficient, effective, proactive and to strive for excellence
  • Leading IT Security projects in the team globally
  • Works and continuously evaluates our vendors in all sites and meet the IT Security budget
  • Has ultimate ownership over critical aspects in the domain
Collaboration and communication

Being a focal point to all relevant team members.

Behaviors

  • Open and honest communication with the IT and IT Security teams, up, down, and aside from them
  • Communicates regularly as a partner to the site’s management in their domain to manage complex escalations related to or involving the IT security team
  • Communicates in a respectful manner according to the local culture in the different countries
Culture and maturity

Leader! Well established with the company culture and values and able to identify and realign misalignments.

Behaviors

  • Protective of culture
  • Identifies problems in the domain
  • Proactively offers and promotes solutions to improve company practices and processes
  • Able to mentor all levels of the team