דרושים » אבטחת מידע וסייבר » Cyber Intelligence Analyst

משרות על המפה
 
בדיקת קורות חיים
אבחון און ליין
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
14/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a Cyber Intelligence Analyst to join our Threat Command team and take our threat intelligence analysis capabilities to the next levels.
As part of the Cyber Intelligence Analyst team, you will investigate trending global cyber events and emerging dark web threats, while using the IntSights platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers.
You will gain a thorough understanding of the cyber threat landscape, from malware types and attack vectors to technical understanding of TTPs and their associated threat in order to replicate and mitigate them. This role will require excellent OSINT investigation abilities and familiarity with various dark web communities and ecosystems, coupled with advanced knowledge in cybersecurity fundamentals and underlying concepts..)
In this role, you will:
Research new cybercrime trends and attack vectors that could be converted into actionable on-demand delivered intelligence.
Respond to customers RFIs and investigate them according to the time and scope defined, while using every tool and technique at your disposal to uncover new information.
Analyze ongoing attacks as phishing, DDoS, data leakage, ransomware and more, to assess their origin, purpose, and impact on our customers.
Educate and empower our customers, providing them with additional context on various threats and advising on best practices.
Ensure and sustain day-to-day activities of undercover avatars.
Work closely with R&D, Marketing, Sales, and Customer Success teams to provide intelligence expertise.
Delivering and managing A to Z intelligence-related projects, products, and services.
Be a leading source of knowledge in threat intelligence, supporting other departments using your wide set of skills and expertise.
Requirements:
3+ Years experience in cyber intelligence or equivalent role with advanced familiarity with cybercrime communities and OSINT sources and tools.
Experience as a threat intelligence analyst or in a similar position
Experience in investigating threats, utilizing OSINT, HUMINT and other research techniques to uncover threat actors and their TTPs while providing context to threats and reaching conclusions from incomplete or missing data.
Technical know-how on extracting threat data (IPs, domains, ports, malware, and malicious communications) from multiple sources.
Business understanding and familiarity with corporate security solutions.
Excellent interpersonal and teamwork skills.
Nice to have:
Proven Cyber-HUMINT experience (or real-life equivalent)
Deep understanding of the Dark Web and cybercrime world - TTPs, culture, and slang.
Government intelligence agencies background.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7692346
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
21/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
we are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
Your Impact

Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place
Requirements:
Understanding the threat landscape, including attack tools, tactics, and techniques, as well as networking and security fundamentals
Experience investigating targeted, sophisticated, or hidden threats in both endpoints and networks
4+ years of relevant experience with a proven track record in cybersecurity research, specializing in either APTs or cybercrime, but with the ability to address the broader threat landscape
Background in forensic analysis and incident response tools (both Dynamic and Static, such as IDA Pro, Ollydbg, and Wireshark) to identify threats and assess the extent and scope of compromises
Understanding of APT operations, including attack vectors, propagation, data exfiltration, lateral movement, persistence mechanisms, and more
Familiarity with organizational cybersecurity measures, including protective tools and remediation techniques
Excellent written and oral communication skills in English
Strong attention to detail
Knowledge of advanced threat hunting methodologies and the ability to develop novel techniques
Experience in an Incident Response environment is a plus
Proficiency in Python and SQL is beneficial
Familiarity with reverse engineering is advantageous
Ability to simplify and clarify complex ideas
Experience in writing technical blog posts and analysis reports
Ability to analyze and understand the infrastructure of malicious campaigns
Self-starter who can work independently and adapt to changing priorities
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7700467
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
פורסם ע"י המעסיק
18/04/2024
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a curious and ambitious intelligence analyst to join our Intelligence Services Team, as part of our amazing Customer Success group. Responsibilities As a Cyber intelligence analyst, you will:
* Perform research, collect information and conduct monitoring of vulnerabilities, APT groups, threat actors, and cyber attacks on dark, deep, and clear web platforms
* Perform analysis and cross-reference findings
* Create cyber threat intelligence reports based on your analysis and provide information about trends, predictions, and recommendations
This is a PART-TIME position with the option to become full-time in the future.
Requirements:
* At least one year of experience in roles related to intelligence (CTI/Webint/OSINT).
* Familiarity with cyber concepts and terms
* Fluent in written and spoken English
* Experience in professional writing
* Creativity and curiosity
* Desire to develop and grow in the role
* Knowledge in Python, Excel, and Kibana- an advantage
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7637407
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
17/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
we are looking for an Advanced Monitoring Analyst to join the team of cybersecurity analysts that performs advanced and tailored monitoring activities in post-breach clients' environments. The role includes the development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting, and enhancement of sensors and overall visibility status, as well as performing onboarding of new clients. The suitable candidate should be a team player with previous experience in SOC, SecOps, or security monitoring, independent, and with a "can-do" attitude, as well as possessing strong customer-facing capabilities.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.
Requirements:
3-5 years of a relevant experience in the cyber security field from military service and/or industry in cyber defense roles.
Strong analytical thinking, problem-solving mindset and independency.
Independent, bright and positive analyst, who strive for excellency, and able to succeed in a dynamic environment.
Basic understanding of the life cycle of advanced security threats, attack vectors and methods of exploitation.
Hands-on experience working with SIEM technologies. (e.g. Splunk, QRadar, ArcSight, Exabeam, etc.)
Good familiarity of common data and log sources for monitoring, detection and analysis (e.g., Event Logs, Firewall, EDR).
Strong technical understanding of network fundamentals, common Internet protocols and system and security controls.
Familiarity of system and security controls, including basic knowledge of host-based forensics and OS artifacts.
Proficient knowledge and experience with scripting (e.g., Python).
Familiarity with cloud infrastructure, web application and servers advantage.
Fluent English (written, spoken) a must.
Proven expertise in engaging with clients through effective communication and interpersonal skills.
Willingness to work off hours as required, with a potential traveling to clients
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7697230
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
24/03/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
This role provides a unique opportunity to join a team with strategic importance to protecting our customers from emerging threats and novel attack methodologies in both cloud and Linux based environments. You will stay ahead of the curve with regards to the threat landscape and your research will directly impact the direction of the team and our product.

If you have a strong passion for security and technology, have an interest in supporting engineering projects, and want to gain real-world experience in dealing with advanced threat actors targeting cloud environments, we have a role for you!


Your contributions will enable continuous improvement of cloud detection capabilities ensuring that our customers can be secured with the most advanced security measures in place.



What You'll Do:

Develop, implement and optimize threat detection rules tailored to cloud runtime environments. Aim to detect and respond to activity as early in the killchain as possible.

Rapid response to potential malicious campaigns or extensive exploitation cloud runtime resources post vulnerabilities disclosure.

Conduct proactive threat hunting exercises to identify potential security gaps and emerging threats within cloud environments.

Track and present threat detection findings, including recommended strategies or possible product improvements.

Collaborate with cross functional teams: Work closely with various teams, including OverWatch, engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the falcon platform.

Stay abreast of the latest threat landscape and cloud security trends, continuously updating detection strategies to address emerging threats and vulnerabilities.
Requirements:
You have a good understanding of Linux-based systems.

You have understanding of cloud-based infrastructure and cloud service models (IaaS, PaaS, Saas).

You can demonstrate experience in container/container orchestrator based intrusion analysis, detection development or malware analysis.

You are comfortable assessing cyber threat intelligence, open source intelligence or partner reporting.

You have a keen interest in the security research field (following subject matter expert blogs, building up static and dynamic analysis environment).

You have knowledge of programming and scripting languages, in particular Python or Bash.

You have experience with large scale data analysis,

You are capable and comfortable communicating information to both technical and nontechnical stakeholders.

You have a deep drive to stop the bad guys.

Good problem solving, communication, and teamwork skills.


Bonus Points:

You have extensive experience in securing services operating on public cloud services (Azure, AWS, Google Cloud).

You have a good understanding of managed Kubernetes services (AKS, EKS, GKS).

Contributions to the open source community (GitHub, Stack Overflow, blogging).

Published research papers at conferences or through other mediums (blogs, articles).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7664910
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
24/03/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
As a senior researcher on the team, you will play a pivotal role in conducting security research, and translating it to direct security value for the company and product.

This role provides a unique opportunity to join a team with strategic importance to protecting our customers from emerging threats and novel attack methodologies in both cloud and Linux based environments. You will stay ahead of the curve with regards to the threat landscape and your research will directly impact the direction of the team and our product.

You will also get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of cloud detection capabilities ensuring that our customers can be secured with the most advanced security measures in place.

What You'll Do:

Initiate and conduct Cloud Research Initiatives: follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Conduct cutting edge research in the areas of Linux security (low level and high level operating system research) and become an authoritative source of knowledge in the team

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats. Focus on predictive analytics and proactive threat hunting methodologies.

Collaborate with cross functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the falcon platform

Provide cloud security thought leadership: Share insights and best practices with the broader security community through publications, conference presentations, and technical blogs.
Requirements:
Proven expertise in security research, methodologies, technologies, and tools.

Minimum of 5 years in security research, preferably Cloud infrastructure and Linux

Experience with cloud-native services, infrastructure, and environments

Experience with threat research and misconfiguration identification

Comprehensive knowledge of cloud platforms (AWS, Azure, GCP) and their security features.

Python, golang, and shell scripting experience

Experience with large scale data analysis

Comprehensive knowledge of Kubernetes, docker, podman, and similar containerization and orchestration technologies

Familiarity with cloud automation and orchestration tools for optimizing security processes.

Experience in publishing security research papers and conference talks

Experience in malware analysis and reverse engineering - experience with Linux malware and ELF reverse engineering is a plus

Excellent conceptual thinking and communication skills, capable of conveying complex ideas effectively.

Technical knowledge of network, operating systems (mainly Linux) and data platform security

Good problem solving, communication, and teamwork skills
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7664911
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
17/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Required Cyber Security Data Analyst
Job Description:
Detect and characterize suspicious actors and abnormal behavior, to develop automatic data-driven solutions that mitigate cyber risks and threats
Conduct security research and critical incident investigation, leveraging insights from various technical data sources including application and infra raw logs, as well as users BI events
Be an integral part of data science projects - from the project definition, to the data collection, and evaluation of the model
Be the data expert in security projects and work closely with different teams across the company
Build and maintain reports, dashboards, and metrics, in addition to monitoring the integrity and validity of the data reported
Promote cyber security awareness and guidance to other teams within the company regarding our unique methodologies for threat analysis.
Requirements:
Youre an experienced, technical Data Analyst with 3+ years of practical experience in the fields of cyber security or network intelligence
You have a deep understanding of network layers, protocols and identification and authorization flows
You are proficient in visualization tools such as Tableau or Power BI
You have experience using SQL for quantitative analysis
You take initiative and drive projects from beginning to end with minimal guidance
Youre capable of multitasking and have the ability to manage long term projects, as well as quick short-term tasks
Youre passionate about simplifying and visualizing complex and technical data
Youre proficient in Python data analysis packages (Pandas, Numpy)
Experience with other cyber security related positions: SOC, IR, Fraud detection, would be an advantage
Hands-on experience of Splunk for data analysis would also be advantageous.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7696541
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
03/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time and Hybrid work
We are looking for a SecOps Director.
In this role, you will be responsible for:
Aligning vulnerability management functions with the organization's overall business objectives by reducing information technology threat
Improving & maturing established security metrics associated with vulnerability management, security operations center, security monitoring, etc.
Overseeing projects for deploying new cyber security tools and processes
Leading successful projects, ensuring high quality and timely delivery of features
Ensuring the team builds operational processes that are architecturally consistent, of high quality, and that follows operational best practices
Overseeing the development and implementation of appropriate and effective controls to mitigate identified threats and risk
Have fingerprints on building the future of Gates' cyber security organization.
Collaborate and engage with key business stakeholders, including technology peers to help them better manage their technology risk through pragmatic and fit for purpose solutions.
Be responsible for auditing, assessing & architectural recommendations as it pertains to our technical cyber security infrastructure while helping to continuously improve our Cybersecurity maturity and defensive posture.
Work with our internal stakeholders to provide support related to security functions and technologies including Privileged Access Management (PAM), Threat hunting management, SSO/MFA, Active Directory, Windows/Linux OS hardening, vulnerability remediation, EDR, SOC oversight, security metrics, E-Discovery and incident response
Requirements:
BS degree in Computer Science or a related technical field or equivalent experience in the security domain ( 600 hrs courses) - a must
Holds Cissp \ Cism \ OSCP certification - Advantage
7-10+ years of recent experience working as a cybersecurity professional
4+ years of experience leading a team of threat hunters, threat intelligence engineers, and/or security operations analysts/engineers
Knowledge in security domains such as: Cloud Access Security broker (CASB), SIEM\SecOps, DFIR practices, DLP, Endpoint Protection and Cloud security solutions (focus on AWS).
Knowledge of relevant frameworks, standards and best practices such as ISO27001/NIST CSF, PCI-DSS, CIS CSCs, MITRE ATT&CK, Cyber Kill Chain etc.
Expert level experience with using a Security Information Event Management (SIEM) platform
Experience with Cloud solutions (IaaS, PaaS, SaaS AWS)
Experience with Docker containers, Kubernetes, etc
Expert level and hands on experience with Malware Analysis & Reverse Engineering, Digital Forensics & Incident Response, and vulnerability management
Strategic thinker who is able to help architect technology and business processes, and maintain a business and customer focus
Collaborative, self-starter who can work across a global security and IT organization
Consensus builder with strong interpersonal skills; able to communicate across cross functional teams with both technical and non-technical individuals.
In-depth knowledge of information security concepts, design/architecture, and methodologies
Excellent verbal/written communication and data presentation skills, including experience communicating with both business and technical teams.
Self-motivated work well independently and with others
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7678318
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
17/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.



Main Responsibilities:

Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.
Requirements:
At least 4 years of hands-on experience as a Cyber Security Engineer in the cyber security industry.
Relevant experience may include working as a SOC/MSSP Integrator, SOC/MSSP Tier 3 Analyst with integration experience, or Cyber Security Engineer role.
Very high proficiency in English (written and spoken).
Experience in implementing EDR, SIEM, email security, WAF, NAC, and firewall cyber security solutions.
Experience with providing technical guidance and support to global clients.
Familiarity with log collection methodologies and systems, auditing policies, and maintaining visibility across networks, hosts, and cloud environments.
Deep understanding and proven experience working with cloud security environments, architectures, and solutions.
Demonstrated experience working with Linux operating systems (proficiency in Linux command-line tools, including file manipulation, system administration, and troubleshooting).
Experience working with relational databases, preferably SQL.
Familiarity with cyber security industry standards and best practices.
Excellent problem-solving skills and the ability to work independently.
Advanced familiarity with the cybersecurity threat landscape and attack scenarios.
Excellent communication skills, including strong ability to elaborate on a technical idea.
Proven experience with OT environments significant advantage
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7697220
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
15/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.
Requirements:
Over 2 years experience in similar roles.
Understanding of the lifecycle of advanced security threats, attack vectors, and methods of exploitation.
Hands-on experience working with SIEM technologies.
Familiarity with common data and log sources for monitoring, detection and analysis (e.g., Event Logs, firewall, EDR).
Strong technical understanding of network fundamentals, common internet protocols, and system and security controls.
Familiarity with log file formats and understanding of log collection methods including scripting capabilities.
Experience with working with a cloud based environment.
Fluent English (written, spoken) a must.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7693477
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
נאספה מאתר אינטרנט
17/04/2024
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for an exceptional Senior Security Engineer to join our growing team. For the first 6 months you will:
Bolster and develop our defensive security capabilities, identifying advanced threats to us, developing and implementing countermeasures
Responding to incidents and conducting investigations as events happen through analyzing logs and various other sources (ex: AWS Guardduty, SecurityHub, Detective, etc.)
Engineer and automate custom detection and response capabilities to combat malicious and/or unwanted behaviors within the environment
Stay up to date with Tactics, Techniques, and Procedures (TTPs) that may apply to us and define and implement mitigation techniques to improve our overall risk posture
You will be part of a new product security team responsible for building, supporting, enhancing and improving our security frameworks, tools, processes and methodologies used across our SDLC and Runtime environments.
In this role, you will also be responsible to:
Conduct in-depth vulnerability assessments and security auditing of assets
Develop and improve processes for incident detection and the execution of countermeasures
Contribute to the creation and upkeep of run books to handle security incidents
Administer security configuration for threat management platforms for large-scale environments, including security orchestration, automation, and response (SOAR) and security information and event management (SIEM) tools
Contribute and showcase as a SOAR platform used within our Security Operations
Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations
Consult with our security compliance team during security audits to demonstrate our technical security capabilities
Collaborate with Product Management and Development team members to enhance our Security program
Take part in the Security Operations on-call rotation, including leading all incident response efforts and documentation during your rotation
Requirements:
At least 5+ years of multifaceted defensive and offensive security experience in an enterprise Saas-based company
Strong technical knowledge and deep experience in security logging and monitoring, vulnerability assessment, risk-based analysis, and vulnerability mitigation
A skilled security expert who can implement tools and processes to incorporate threat intelligence from the ground up and automate threat-hunting
Operational experience with AWS security solutions (e.g Inspector, Guarduty, Detective, Security Hub, Advanced Shield)
Hands-on experience designing and deploying security controls across all security domains, such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions
Capable of leveraging programming and/or scripting languages to solve practical day-to-day security challenges (Python, Go, Ruby)
Strong understanding of encryption technologies (e.g, TLS, HMAC, RSA, AES, PKI)
Strong understanding of Web-related technologies (e.g, HTTP, SOAP, REST, TCP / IP)
Experience conducting or managing incident response for organizations, investigating targeted threats
Experience and knowledge of common penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc
Bachelors or Masters degree in computer science or equivalent experience
Information security professional certifications are a plus (CLSSP, CISSP, CISA, GSSP, GSEC, etc.)
Soft Skills / Personal Characteristics:
Ability to work autonomously in a fast-paced, cross-functional environment and comfortable with ambiguity
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
7696777
סגור
שירות זה פתוח ללקוחות VIP בלבד