דרושים » אבטחת מידע וסייבר » SECURITY RESEARCHER

We are looking for a Senior Red Team with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work.
A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

Responsibilities:
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.

We are looking for a Security Architect to join our architecture team within the Critical Cyber Operations Group.
As a Security Architect you will review our clients current organizations infrastructure, whether it is on-prem or cloud-based, identify security vulnerabilities and offer a viable plan to rectify them.
Responsibilities:
Perform architecture reviews on designed or deployed environments, identifying security flaws and recommending mitigations plans
Escort, evaluate and improve our clients security posture by elevating their infrastructure resilience and implement best-practice organizational procedures
Escort mitigation plans and design practical implementations for security issues e.g., firewall policies review, segmentation & segregation recommendations, Microsoft AD-tier Model implementation etc.
Research and advocate for new security solutions and technologies

We are seeking a highly skilled and experienced Technical Product Expert& SME with a deep understanding of security principles in on-premise and cloud environments, ideally with some offensive security background. The ideal candidate will have a strong background in leading technical and non-technical teams and extensive knowledge of security frameworks, remediation methodologies, and security operational models.



Responsibilities:

Provide technical guidance, mentorship, and support team members to ensure high-quality service delivery.
Methodological mindset to create and maintain security and product usability processes and enforce them with internal customers such as CSMs, SEs, and the product team
Collaborate with product and RND about product usage and feedback from the field
Continuously monitor, analyze, and report on key performance indicators (KPIs) of the product.
In escalated client meetings, provide product matter expert remediation insights, recommendations, and security best practices.
Stay abreast of industry trends, emerging technologies, and best practices in automation to provide strategic insights and recommendations for enhancing technical solutions.

Our DFIR team is responsible for responding to our clients' cyber incidents and crises.Our group is expanding. If you see yourself in the front line of the cybersecurity domain as a data forensic and incident response (DFIR) talent, your place is with us. As a DFIR team member, you will participate in hands-on security research and investigations, helping our customers understand and mitigate cyber threats and attacks.
Responsibilities:
Perform incident response lifecycle and real-time activities, including detection and analysis, containment and eradication, and recovery
Perform incident response in a cloud environment (Azure, AWS, etc.).
Perform digital forensics investigations
Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors
Perform hunt-evil and find-evil activities for proactively detecting attacks
Work closely with our in-house red team, CTI, and cyber architect teams
Work closely with worldwide companies, CISOs, and technology experts

Shift4 is boldly redefining commerce by simplifying complex payments ecosystems across the world. As the leader in commerce-enabling technology, Shift4 powers billions of transactions annually for hundreds of thousands of businesses in virtually every industry. For more information, visit shift4.com As part of our continued growth, we're looking for an Information Security Architect. Key Roles and Responsibilities:
*  Play key role in product & system design, reviews and solution architecture, and provide security guidelines, all in a highly regulated ecosystem.
*  Control and manage mitigation plan implementation as part of the above security guidelines
* Identify, research, explore, and lead the evaluation and implementation of new security controls for the required business projects
*  Work closely with the product team to enhance Finaro’s product security
* Work with IT teams on new innovative infrastructure projects, including VM environments, network infrastructure, storage systems, DB platforms, and cloud environments, and provide security guidance for all related fields and layers respectively
* Work with R&D teams to enhance application security within Finaro software

We are looking for a highly skilled and motivated software engineer who, along with the rest of our excellent software engineers in the group, will be responsible for developing the core component of the product while adhering to company standards and processes.

You will be working closely with other members of the group on a regular basis as well as other groups in the company from time to time. Communication is key!

Duties will include (but are not limited to) designing and implementing the newest

and most popular cyber-attack techniques that are relevant to all of customers.

As part of our continued growth, we're looking for an Information Security Architect.
Key Roles and Responsibilities:
Play key role in product & system design, reviews and solution architecture, and provide security guidelines, all in a highly regulated ecosystem.
Control and manage mitigation plan implementation as part of the above security guidelines
Identify, research, explore, and lead the evaluation and implementation of new security controls for the required business projects
Work closely with the product team to enhance Finaros product security
Work with IT teams on new innovative infrastructure projects, including VM environments, network infrastructure, storage systems, DB platforms, and cloud environments, and provide security guidance for all related fields and layers respectively
Work with R&D teams to enhance application security within Finaro software

As a 24/7 Monitoring and Technical Support, you will:

Work in shifts 247, including weekends and holidays
Handle day-to-day production issues
Provide clients with a professional and friendly first point-of-contact for all incidents
Continuously develop and improve the teams service and processes
Perform preventive maintenance
Troubleshoot and debug technical incidents