דרושים » אבטחת מידע וסייבר » Red Team Expert

we are looking for a Cyber Security Consultant to perform a range of expert level services. The successful candidates should have experience both as a security practitioner and security consultant, profound technological cyber knowledge and passion for cyber security. In addition, they should have a service approach, excellent communication skills and the ability to learn and work with the best in the field.

Main Responsibilities:

Evaluate the state of security, configurations, and security strategy, identifying gaps and opportunities and anticipating needs
Consult in cyber security engagements, including development of a cyber security plans and design implementation, and provide guidance on building security
Recommend cyber security strategies, policies, and procedures
Develop and support clients with internal training to assure deep understanding of fundamental cyber security practices, risks, and recommended mitigation tactics
Create expert-level deliverables, and present results of the assessment to a broad range of clients and design plans to address specific cyber risks and vulnerabilities
Collaborate with the cyber experts team in the development and implementation of cyber assessment tools, services, and best practices

We are looking for talented security researchers, people who look at the world differently, who explore, "hunt" and live to beat the system and challenge it. People who are in pursuit of outsmarting the malware and overcoming it.
Youll be part of an exceptional research team that will ensure we provide the best detection, protection, and visibility capabilities to our customers at any given time. The team leads the vulnerabilities, exploits and anti-tampering research for all of our security products under all platforms. The team does it by performing in-depth analysis and research of vulnerabilities and exploits, while also being responsible for closing the loop through the development and deployment of detection assets to millions of endpoints across the globe. Youll be working closely with other detection teams to ensure our customers get the best security products they can. Your time will be focus on research and detection & protection assets.
Research
Assessing and evaluating our detection and protection coverage against in the wild vulnerabilities, exploits, and anti-tampering techniques.
Closing the loop by conducting research to discover and implement innovative solutions for these security challenges.
Initiate and propose new features and capabilities, leveraging personal experience and expertise in security research.
Perform strategic long-term research projects that involve deep research of OS internals, new detection techniques, and novel threats.
Continually learn about emerging vulnerabilities, exploits, threats, techniques, and new technologies on a regular basis.
As a security research expert, youll collaborate with many teams to help and support their work using your expertise, knowledge, or research.
Detection And Protection assets
Youll be responsible for developing the new detection content for all of our engines that will improve our detection, protection, and visibility, reaching all of our millions of endpoints across the globe.
Youll be responsible for the quality and accuracy of the deliverables that youll create and be accountable for them.
Youll create, maintain, and improve existing infrastructure and tools that are being used by the team.
You will also be encouraged to write white papers, blogs, and articles (but only if you wish to).

Deep Instinct, the first cyber security company to apply Deep Learning to cyber security is looking for a Senior DevOps Cloud Engineer. Deep instinct is an innovative start-up that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in early at a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW! You will take part in Developing, maintaining, and optimizing our products and their production environments. Play a key role in designing our transformation from a single tenant service to a high scale multi-tenant HA cloud native solution. Influence and optimize our software delivery lifecycle, Infrastructure as code, container orchestration, artifact managers, monitoring, and more while working closely with development and research teams.

Office Location:
TLV Office

Region:
Israel

Responsibilities::
What kind of things we do? Streamline the software development lifecycle by identifying pain points and productivity barriers and determining ways to resolve them. Collaborate closely with development teams to understand their current build and release processes and make recommendations for improvement. Partner with cross-functional stakeholders, including development, research, operations, quality assurance and security, to streamline processes. Provide guidance to development teams to improve performance and operability of the solutions they develop. Build and maintain the CI/CD pipelines to improve developer productivity, agility, and code quality. Develop and continuously improve automation solutions to enable teams to build, deploy and test code efficiently and consistently. Ensure that systems meet business and customer needs for reliability and availability. Monitor and manage application performance and service quality, including initial troubleshooting, identification of root cases and issue resolution. Work closely with cross-functional stakeholders to analyze and troubleshoot complex production issues.


Why Work With Us::
Deep Instinct , is the first cyber security company to apply Deep Learning as a platform. We are the only cyber security company harnessing the power of deep learning to prevent 99% of known and unknown attacks from malware and zero-day threats. Deep Instinct Prevention for Endpoints . Prevention of malicious files at the endpoint is critical. Deep Instinct prevents known, unknown, zero-day, and ransomware from executing on the endpoint Deep Instinct Prevention for Applications. is an agentless, on-demand, anti-malware solution for the enterprise that is device and system agnostic. With our unique, industry-leading deep learning ap

We are looking for a highly technical individual to join the Threat and Detection team in our Tel-Aviv R&D center.

The team is dedicated to PANW Cortex Security & Security Assurance Features on multiple Operating systems including but not limited to Windows and Linux, simulating and developing POCs for known threats and offensive tools to determine New features security Coverage & Detection quality across the Kill Chain /MITRE ATT&CK Framework and real threats.

In this role, you will identify unique ways to solve problems by creating custom ATTACK Infrastructure, tooling, and advancing in-house Security capabilities. We are looking for someone who can bring new ideas and perspectives to Simulate , Code and react to new threats, Malware, and Exploits. The position will expand our XDR, Malware, and Exploit sensors and capabilities, that utilize heuristics and ML technologies.

More information about Cortex XDR can be found here .

Your Impact

Learn new security features, technologies, and platforms in a relatively short amount of time
Gain hands-on experience with scalable, extensible, and real-time detection/prevention systems
Learn to analyze and identify real-world vulnerabilities, Malware, and exploits
Learn to leverage data-driven approaches to identify threats and mitigations automatically
Reproduce and analyze security issues, that either came from the field or have been found during the Security validation cycle
Enrich our Security automation Coverage and infrastructure to protect against known and unknown threats
Partner with Research and Low-Level engineering groups to identify security issues and gaps
Scale-out existing security tooling and infrastructure for both on-prem and Cloud workloads
Research and develop new tools and capabilities that emulate real-world adversary behavior.
Define and lead adversary emulation engagements to show cyber defensive teams how to respond to real-world adversaries

We are is looking for experienced technologists with a combination of technical depth and excellent interpersonal skills to join the EMEA Prototyping team as Prototype Architect (PA). The PA will join a newly created group of hands-on developers focusing on the Israel market.

The PA will work on multi-week customer prototypes through collaborative projects with developers and solution architects from customers, partners and other stakeholders. A prototype brings technology and business concepts together and is a real technical implementation of a solution to a customer's business challenge. As a PA, you would focus on co-developing solutions on us with customers and enable them to ramp up as builders and take forward the implementation to production.

The ideal candidate for this role should combine hands-on development with solution architecture skills, and demonstrate a good understanding of the company`s services portfolio with experience building solutions following cloud architecture, security and operational best practices. Interest and experience with Generative AI is a plus for this role. The PA is expected to ideate and implement technical architectures addressing customer needs while working closely with specialist resources for domains requiring deep expertise

Key job responsibilities:
- Support the Prototype Engagement Manager in Israel and other local stakeholders in the technical qualification and scoping of new prototype opportunities.
- Lead the design and implementation of prototype architectures addressing customer needs working together with prototyping architects, solution architects and other stakeholders, with focus on Generative AI technologies.
- Deliver 3 to 8 weeks hands-on prototype projects with customers and partners, in agile and collaborative development engagements.
- Drive continuous technical enablement and knowledge transfer to customers and partners involved in prototype engagements.
- Develop and present technical demonstrations to Senior Business and Technical leaders, and document projects as appropriate.
- Proactively collaborate with the wider community such as Solutions Architect, Service and Solution teams to ensure optimal customer outcomes during engagements.
- Proactively develop reusable technical assets from customer engagements and promote within the EMEA and worldwide company`s SA community.

we are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.

Main Responsibilities

Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.

Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.

Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.

Utilize and develop tools and methodologies to improve existing investigative and hunting technological stack.

Collaborate with IT and Security teams during investigations.

Generate and present a comprehensive and professional report of findings from investigations.

we are looking for an Incident Response Team Leader to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus, and speed of response teams can mean the difference between a minor blow, and a devastating impact on an organizations performance and reputation.

The Incident Response Team Leader will be key to the success of Incident Response projects worldwide, and should possess strong leadership skills, be highly technical and thrive in a fast-paced and dynamic environment.

We are looking for an exceptional Senior Security Engineer to join our growing team. For the first 6 months you will:
Bolster and develop our defensive security capabilities, identifying advanced threats to us, developing and implementing countermeasures
Responding to incidents and conducting investigations as events happen through analyzing logs and various other sources (ex: AWS Guardduty, SecurityHub, Detective, etc.)
Engineer and automate custom detection and response capabilities to combat malicious and/or unwanted behaviors within the environment
Stay up to date with Tactics, Techniques, and Procedures (TTPs) that may apply to us and define and implement mitigation techniques to improve our overall risk posture
You will be part of a new product security team responsible for building, supporting, enhancing and improving our security frameworks, tools, processes and methodologies used across our SDLC and Runtime environments.
In this role, you will also be responsible to:
Conduct in-depth vulnerability assessments and security auditing of assets
Develop and improve processes for incident detection and the execution of countermeasures
Contribute to the creation and upkeep of run books to handle security incidents
Administer security configuration for threat management platforms for large-scale environments, including security orchestration, automation, and response (SOAR) and security information and event management (SIEM) tools
Contribute and showcase as a SOAR platform used within our Security Operations
Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations
Consult with our security compliance team during security audits to demonstrate our technical security capabilities
Collaborate with Product Management and Development team members to enhance our Security program
Take part in the Security Operations on-call rotation, including leading all incident response efforts and documentation during your rotation

We are growing and is looking for a talented Threat Hunting Expert to join the company to enable our growth by investigating and hunting for sophisticated threat actors in the cyber security world.
The SOC Platform intelligently correlates events from every organizational data source and security solution, revealing undetected threats in modern enterprises and allowing security analysts to triage and investigate security events rapidly.
Team Axon comprises unique cyber security talents, who are responsible for proactively hunting for advanced threat actors over different attack platforms in our customers' environments, and for the investigation of sophisticated attacks. The team exhibits bleeding-edge threat hunting and research skills, which are applied over Enterprise, Cloud and SaaS platforms.
RESPONSIBILITIES:
What youll do:
Engage in continuous threat hunting practices and reveal below the radar attacks which bypassed current traditional security solutions.
Serve as an expert to our customers, Investigating sophisticated cyber attacks on customers environments over enterprise, cloud and application platforms.
Be at the heart of the Cyber Security threat landscape and research the most recent attack techniques found in the wild.
Be the focal point in the ecosystem, working closely with R&D, AI and product teams.
Implement cutting-edge detection strategies, and develop innovative investigation methodologies that will boost our platforms effectiveness and efficacy.
Be at the forefront of our mission and work closely with our customers regarding cyber security investigations and incidents detected in their environments.

we are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
Your Impact

Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place