דרושים » אבטחת מידע וסייבר » Security Analyst

we are looking for an Advanced Monitoring Analyst to join the team of cybersecurity analysts that performs advanced and tailored monitoring activities in post-breach clients' environments. The role includes the development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting, and enhancement of sensors and overall visibility status, as well as performing onboarding of new clients. The suitable candidate should be a team player with previous experience in SOC, SecOps, or security monitoring, independent, and with a "can-do" attitude, as well as possessing strong customer-facing capabilities.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

we are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
Your Impact

Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place

We are looking for a SecOps Director.
In this role, you will be responsible for:
Aligning vulnerability management functions with the organization's overall business objectives by reducing information technology threat
Improving & maturing established security metrics associated with vulnerability management, security operations center, security monitoring, etc.
Overseeing projects for deploying new cyber security tools and processes
Leading successful projects, ensuring high quality and timely delivery of features
Ensuring the team builds operational processes that are architecturally consistent, of high quality, and that follows operational best practices
Overseeing the development and implementation of appropriate and effective controls to mitigate identified threats and risk
Have fingerprints on building the future of Gates' cyber security organization.
Collaborate and engage with key business stakeholders, including technology peers to help them better manage their technology risk through pragmatic and fit for purpose solutions.
Be responsible for auditing, assessing & architectural recommendations as it pertains to our technical cyber security infrastructure while helping to continuously improve our Cybersecurity maturity and defensive posture.
Work with our internal stakeholders to provide support related to security functions and technologies including Privileged Access Management (PAM), Threat hunting management, SSO/MFA, Active Directory, Windows/Linux OS hardening, vulnerability remediation, EDR, SOC oversight, security metrics, E-Discovery and incident response

We are looking for a Competitive Intelligence Product Manager.
As a Competitive Intelligence Product Manager, your mission is to spearhead our market intelligence efforts, ensuring that our product offerings remain competitive and innovative.
This role requires a deep dive into the cybersecurity market landscape, analyzing competitors, and identifying strategic opportunities for differentiation and growth.
You will act as a bridge between the markets realities and our product development teams, influencing our product roadmap and strategic decisions.
Responsibilities:
Conduct thorough market research to understand the competitive landscape, trends, and customer needs within the cybersecurity domain.
Empower the Product team with actionable insights, enabling the development of solutions that distinctly position us in the market.
Lead the competitive intelligence process, including the collection and analysis of competitive data, to inform product positioning, features, and go-to-market strategies.
Collaborate closely with engineering, security, and marketing teams to ensure product messaging and capabilities accurately reflect competitive advantages.
Play a pivotal role in the product roadmap development, integrating competitive research findings to prioritize features and initiatives.
Drive continuous improvement by monitoring competitive developments and aligning product strategies to maintain and enhance market position.

We are looking for a Cyber Intelligence Analyst to join our Threat Command team and take our threat intelligence analysis capabilities to the next levels.
As part of the Cyber Intelligence Analyst team, you will investigate trending global cyber events and emerging dark web threats, while using the IntSights platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers.
You will gain a thorough understanding of the cyber threat landscape, from malware types and attack vectors to technical understanding of TTPs and their associated threat in order to replicate and mitigate them. This role will require excellent OSINT investigation abilities and familiarity with various dark web communities and ecosystems, coupled with advanced knowledge in cybersecurity fundamentals and underlying concepts..)
In this role, you will:
Research new cybercrime trends and attack vectors that could be converted into actionable on-demand delivered intelligence.
Respond to customers RFIs and investigate them according to the time and scope defined, while using every tool and technique at your disposal to uncover new information.
Analyze ongoing attacks as phishing, DDoS, data leakage, ransomware and more, to assess their origin, purpose, and impact on our customers.
Educate and empower our customers, providing them with additional context on various threats and advising on best practices.
Ensure and sustain day-to-day activities of undercover avatars.
Work closely with R&D, Marketing, Sales, and Customer Success teams to provide intelligence expertise.
Delivering and managing A to Z intelligence-related projects, products, and services.
Be a leading source of knowledge in threat intelligence, supporting other departments using your wide set of skills and expertise.

Required Cyber Security Data Analyst
Job Description:
Detect and characterize suspicious actors and abnormal behavior, to develop automatic data-driven solutions that mitigate cyber risks and threats
Conduct security research and critical incident investigation, leveraging insights from various technical data sources including application and infra raw logs, as well as users BI events
Be an integral part of data science projects - from the project definition, to the data collection, and evaluation of the model
Be the data expert in security projects and work closely with different teams across the company
Build and maintain reports, dashboards, and metrics, in addition to monitoring the integrity and validity of the data reported
Promote cyber security awareness and guidance to other teams within the company regarding our unique methodologies for threat analysis.

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7, tiers 1-2. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

Are you passionate about using cutting-edge technology to help protect the world against cyber threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive AI security group that has an impact on many customers?

You will be part of a strong security research and data science team who solve highly complex security challenges using disruptive technologies, ML algorithms and a lot of data.

As part of that, you will take part in the design and development of new groundbreaking AI security solutions which make a direct impact on many customers.

Your Impact

Take part in development of new security capabilities/features to help protect customers using state-of-the-art machine learning algorithms
Lead and perform groundbreaking cyber security research while working side by side with top-notch data scientists, engineering and PM teams
Break apart cyber security problems in a scientific way, provide support, reviews and consultant to both technical and non-technical partners

As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

we are looking for a Cybersecurity SOC Engineer to join the Global Security Operations team and support threat detection and incident response in our internal environments. The scope of the Security Operations team spans both the Enterprise and Product environments.

You will join a team of analysts and engineers who protect the enterprise that aims to protect the world from cyberattacks. In this role, you will quickly become an expert in Palo Alto Networks security products; primarily XDR, XSOAR, Next-Generation Firewalls and Prisma Cloud. You will also provide feedback to the engineering teams to continually improve our world-leading security products.