דרושים » אבטחת מידע וסייבר » Senior SOC Analyst

We are looking for a Leader to join our SOC Team. As a technical leader, you will on-going manage the ongoing shifts.

You will technologically manage the ongoing shifts that will include team members from multiple departments, whose goal is to technologically lead the team that responds to incidents created by internal and external systems.

In addition, This is the leading team of the SOC (Shift Managers) the team that takes part in advanced investigations, the technological leader, and the main source of knowledge in the room.

A passion for Security Operations with strong skills in critical thinking, communication, and mentoring, an inquisitive nature, and excitement to be part of our are musts.

Responsibilities
Professional guidance and accompaniment of a central team
Preservation and development of investigative and monitoring methods
Collaboration with other teams in the company with an emphasis on the professional aspect

We are looking for a Senior Red Team with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work.
A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

We are NeoGames (Nasdaq: NGMS), a global leader of iLottery solutions and services to national and state-regulated lotteries. We are part of the NeoGames Group, an iGaming powerhouse with 1100 employees spread across 8 countries. At NeoGames, we pride ourselves on our “People first” culture. Not only has it been a core value in our organization for as long as we can remember but it also runs in our DNA and is felt in every aspect of our operations. We are currently seeking a SecOps Manager. In this position you will work to implement the Security Operations strategy as part of the cyber security team, to enable secure business operations and missions. As a Security Operations Manager, you will be responsible for overseeing the security operations of the Real Money Gaming (RMG) production workloads. You will supervise a team of security professionals to ensure the confidentiality, integrity, and availability of the organization's production information assets. This role requires a deep understanding of security operations, incident response, threat intelligence, and risk management. The Manager of security Operations will leverage their knowledge of best practices to be able to support the Security Operations policies, standards, and legal requirements while overseeing a team of Security Operations and Engineering SMEs. The Manager, Security Ops will execute Security Ops & Engineering strategy, manage and work with relevant vendors to solve security issues and problems. This role will require a keen understanding of business key assets and processes, unique business requirements, the information security program, and combining this information to address residual risk by recommending security enhancements within the area of responsibility.

Responsibilities:
• Responsible for the Confidentiality, Integrity, and Availability of PROD systems. • Lead and supervise our external (MSP) Security Operations Center (SOC) functions that consist of: • Monitoring, detection and analysis activities • Threat Hunting • Threat intelligence activities • Incident response (IR) activities • Being the focal point for PROD security incidents – Manage the investigation, provide communication • Coordinate incident response process (SOC) for PROD workloads – Lead the incident response process, ensuring security incidents are promptly detected, assessed, and mitigated.. • Coordinate and communicate with RMG customers during incidents to provide updates on progress and potential impacts. Communication will be performed in partnership with Product Security and GIS. • Conducting post-incident reviews, and implementing improvements based on lessons learned.. • Enrich and expand the SOC coverage based on existing/ & new attack vectors. • Suggest detection and response improvements for GIS as well as the MSP to speed up and/or enhance detection capabilities. • Ensures security operations playbooks are created and/or in place to cover any identified process gaps and the team is able to execute against them in the absence of leadership. • Develops and reports key metrics to demonstrate the success of the organization across organizational levels, up to, and including, the Board. • Ensure the ongoing delivery/implementation of security measures & tools – Work with IT & DevOps to make sure that the security roadmap is fully delivered with optimal quality. • Assists with setting and advancing the global strategic vision, and execution of Security Operations and Engineering aspects of Our Global Information Security program. • Monitors industry information technology and security trends, threats, and regulatory trends to identify effects to Security Operations interests and in scope responsibilities. • Supports acquisition due diligence for information security risks and supports control design for integration. • Participates in reporting requirements, monthly/quarterly status meetings, and offsites as appr

We are looking for a Cyber Security Consultant to perform a range of expert level services. The successful candidates should have experience both as a security practitioner and security consultant, profound technological cyber knowledge and passion for cyber security. In addition, they should have a service approach, excellent communication skills and the ability to learn and work with the best in the field.
Main Responsibilities:
Evaluate the state of security, configurations, and security strategy, identifying gaps and opportunities and anticipating needs
Consult in cyber security engagements, including development of a cyber security plans and design implementation, and provide guidance on building security
Recommend cyber security strategies, policies, and procedures
Develop and support clients with internal training to assure deep understanding of fundamental cyber security practices, risks, and recommended mitigation tactics
Create expert-level deliverables, and present results of the assessment to a broad range of clients and design plans to address specific cyber risks and vulnerabilities
Collaborate with the cyber experts team in the development and implementation of cyber assessment tools, services, and best practices.

We are seeking a System Information Security Engineer to join our Professional Services Team.
Responsibilities:
Analyse security systems and seek improvements continuously.
Report possible threats or software issues.
Research weaknesses and find ways to counter them.
Find cost-effective solutions to cybersecurity problems.
Understand software, hardware and internet needs while adjusting them to our business environment.
Develop best practices and security standards for the organization.

We are seeking a highly skilled and experienced SOC Manager to lead the development and operation of our Security Operations Center. This role involves building a new SOC team, adopting and deploying SIEM (Security Information and Event Management) technology, and managing incident response in a hybrid environment (on-prem/cloud).

Responsibilities:

Team Recruitment and Leadership: Recruit and mentor a team of 2-3 SOC analysts. Lead, develop, and evaluate team performance.
Technology Selection and Deployment: Identify and deploy appropriate SIEM technology to enhance our cybersecurity posture.
Alert and Log Management: Map out all necessary alerts and logs for continuous monitoring and threat detection.
Alert Classification and Prioritization: Develop a system to classify and prioritize alerts based on severity and impact.
Hybrid Environment Monitoring: Oversee the monitoring of both on-premises and cloud-based systems.
Automation and Process Improvement: Implement automation strategies to enhance the efficiency and effectiveness of the SOC operations.
Incident Response Management: Lead and manage the incident response process, ensuring swift and effective resolution of security incidents.

We are looking for a Security Architect to join our architecture team within the Critical Cyber Operations Group.
As a Security Architect you will review our clients current organizations infrastructure, whether it is on-prem or cloud-based, identify security vulnerabilities and offer a viable plan to rectify them.
Responsibilities:
Perform architecture reviews on designed or deployed environments, identifying security flaws and recommending mitigations plans
Escort, evaluate and improve our clients security posture by elevating their infrastructure resilience and implement best-practice organizational procedures
Escort mitigation plans and design practical implementations for security issues e.g., firewall policies review, segmentation & segregation recommendations, Microsoft AD-tier Model implementation etc.
Research and advocate for new security solutions and technologies

Required Senior Infrastructure Security Engineer
The Senior Infrastructure Security Engineer Role:
As a Senior Infrastructure Security Engineer, you will be at the forefront of securing our SaaS Cloud Infrastructure. Your role is to research, design, and implement cutting-edge security solutions that align with our policies, standards, and legal requirements.
You will be a vital part of our dynamic team, ensuring security is seamlessly integrated into every phase of the infrastructure's lifecycle.
What makes this role interesting?
Innovative Security Solutions: Spearhead the design and implementation of security solutions, contributing to the evolution of our SaaS Cloud security.
Automation for Scaling: Prioritize automation to enhance security tooling coverage, focusing on detecting, alerting, and remediating vulnerabilities and misconfigurations.
Collaborative Impact: Collaborate with cross-functional teams, including SRE, IT, and Developers, to embed security seamlessly and drive secure practices throughout the organization.
Evangelizing Cloud Security: Develop, advocate, and monitor the adoption of robust cloud security practices, influencing the entire infrastructure positively.
Heres how youll be making an impact:
Architecture Reviews: Conduct security architecture reviews for new and existing product or platform components, ensuring the highest standards of security.
Autonomy and Ownership: Independently triage and resolve security issues, continuously improving incident detection and risk mitigation.
Policy Updates and Audits: Participate in updating security policies, internal and external audits, penetration tests, and vulnerability assessments, contributing to a secure environment.
Subject Matter Expertise: Be a recognized subject matter expert on cloud infrastructure security, sharing knowledge and insights across the organization.

A SaaS platform delivers AI-powered recommendations to eliminate detection coverage gaps in the organization's existing security stack.
Our platform is not yet another security monitoring product, but an innovative solution that uses AI and automation to maximize the value of the existing security tools and systems.
Among our clients are some of the top 10 private equity firms; top 10 consumer packaged goods manufacturers; top 10 cable operators; top 10 US law firms; top 10 money transfer firms; and top 15 MDR/MSSP.
was founded in early 2020 by serial entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, IBM Security, and others.

We are looking for a Security Researcher to join our Cyber Security team
This role involves conducting research on the cybersecurity landscape, leveraging intelligence feeds to map existing threat actors, attack vectors, and TTPs, and analyzing complex data to detect advanced threats using knowledge of the current threat landscape.
This role will also help to identify and build strategies to correct gaps and issues in customers' environment, including defining new detection content or use cases and working with the engineering team to deploy them.

RESPONSIBILITIES
Discover, analyse and track advanced cyber-attack campaigns
Conduct proactive research to define new use cases/detection rules
Conduct research (OSINT, labs etc.) to generate threat intelligence
Maintain current knowledge of adversaries tactics, techniques, procedures, malware attacks, and other cyber security threats
Curate knowledge based on APT groups, monitoring and detection tools
Interact with customers orally and in writing
Proactively identify cyber security improvements and recommend appropriate control improvements