We are looking for an exceptional Senior Security Engineer to join our growing team. For the first 6 months you will:
Bolster and develop our defensive security capabilities, identifying advanced threats to us, developing and implementing countermeasures
Responding to incidents and conducting investigations as events happen through analyzing logs and various other sources (ex: AWS Guardduty, SecurityHub, Detective, etc.)
Engineer and automate custom detection and response capabilities to combat malicious and/or unwanted behaviors within the environment
Stay up to date with Tactics, Techniques, and Procedures (TTPs) that may apply to us and define and implement mitigation techniques to improve our overall risk posture
You will be part of a new product security team responsible for building, supporting, enhancing and improving our security frameworks, tools, processes and methodologies used across our SDLC and Runtime environments.
In this role, you will also be responsible to:
Conduct in-depth vulnerability assessments and security auditing of assets
Develop and improve processes for incident detection and the execution of countermeasures
Contribute to the creation and upkeep of run books to handle security incidents
Administer security configuration for threat management platforms for large-scale environments, including security orchestration, automation, and response (SOAR) and security information and event management (SIEM) tools
Contribute and showcase as a SOAR platform used within our Security Operations
Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations
Consult with our security compliance team during security audits to demonstrate our technical security capabilities
Collaborate with Product Management and Development team members to enhance our Security program
Take part in the Security Operations on-call rotation, including leading all incident response efforts and documentation during your rotation

We are looking for a SecOps Director.
In this role, you will be responsible for:
Aligning vulnerability management functions with the organization's overall business objectives by reducing information technology threat
Improving & maturing established security metrics associated with vulnerability management, security operations center, security monitoring, etc.
Overseeing projects for deploying new cyber security tools and processes
Leading successful projects, ensuring high quality and timely delivery of features
Ensuring the team builds operational processes that are architecturally consistent, of high quality, and that follows operational best practices
Overseeing the development and implementation of appropriate and effective controls to mitigate identified threats and risk
Have fingerprints on building the future of Gates' cyber security organization.
Collaborate and engage with key business stakeholders, including technology peers to help them better manage their technology risk through pragmatic and fit for purpose solutions.
Be responsible for auditing, assessing & architectural recommendations as it pertains to our technical cyber security infrastructure while helping to continuously improve our Cybersecurity maturity and defensive posture.
Work with our internal stakeholders to provide support related to security functions and technologies including Privileged Access Management (PAM), Threat hunting management, SSO/MFA, Active Directory, Windows/Linux OS hardening, vulnerability remediation, EDR, SOC oversight, security metrics, E-Discovery and incident response

we are looking for an Incident Response Team Leader to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus, and speed of response teams can mean the difference between a minor blow, and a devastating impact on an organizations performance and reputation.

The Incident Response Team Leader will be key to the success of Incident Response projects worldwide, and should possess strong leadership skills, be highly technical and thrive in a fast-paced and dynamic environment.

we are looking for an Incident Response Manager to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience focus and speed of response teams can mean the difference between a minor blow and a devastating impact on performance and reputation of organizations.

The Incident Response Manager is both a subject matter expert for clients and team members, and a leader. Significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security team

we are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.

Main Responsibilities

Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.

Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.

Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.

Utilize and develop tools and methodologies to improve existing investigative and hunting technological stack.

Collaborate with IT and Security teams during investigations.

Generate and present a comprehensive and professional report of findings from investigations.

we are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
Your Impact

Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place

we are looking for a Cybersecurity SOC Engineer to join the Global Security Operations team and support threat detection and incident response in our internal environments. The scope of the Security Operations team spans both the Enterprise and Product environments.

You will join a team of analysts and engineers who protect the enterprise that aims to protect the world from cyberattacks. In this role, you will quickly become an expert in Palo Alto Networks security products; primarily XDR, XSOAR, Next-Generation Firewalls and Prisma Cloud. You will also provide feedback to the engineering teams to continually improve our world-leading security products.

we are looking for an Advanced Monitoring Analyst to join the team of cybersecurity analysts that performs advanced and tailored monitoring activities in post-breach clients' environments. The role includes the development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting, and enhancement of sensors and overall visibility status, as well as performing onboarding of new clients. The suitable candidate should be a team player with previous experience in SOC, SecOps, or security monitoring, independent, and with a "can-do" attitude, as well as possessing strong customer-facing capabilities.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

We are looking for a motivated, energetic and experienced Information Security Manager (ISM) to be part of our information security journey and take the lead in the security GRC and awareness domains. Take ownership of your domain and oversee information security through the development of policies, training initiatives, establishment of vendor security assurance, advancement of company awareness, and the development of security and privacy compliance certificates and audits.

As a key role within the Information Security team, the ISM position requires a working knowledge of information security systems and technologies. The ISM will proactively work with all teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.

The ISM will serve within the Governance, Risk, and Compliance (GRC) team as the process owners of GRC activities related to the availability, integrity and confidentiality of customers, business partners/vendors, employees, and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
What you will be doing:
Manage Forters GRC program, ensuring compliance with SOC2, ISO 27001/27701 and PCI-DSS, while enhancing process efficiency through the implementation of automation.
Review, update, and create policies and procedures to ensure alignment with customer requirements, certifications, and regulations.
Respond to security questions and questionnaires from company prospects and customers, providing support for company operations.
Conduct routine internal security reviews.
Manage information security risk activities, including conducting annual risk assessments, performing root cause analysis, and overseeing remediation activities.
Lead the vendor security program - Assess the security and compliance of vendors.
Responsible for the security awareness program, conducting training sessions, quizzes, and drills.
Continuously enhance the security standard of solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluate them.
Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts.