דרושים » אבטחת מידע וסייבר » Incident Response Expert

Requirements:
At least 3 years experience in team management (from military service and/or industry).

Excellent English spoken and written.

In-depth understanding of the lifecycle of advanced security threats, attack vectors and methods of exploitation.

Strong technical understanding of network fundamentals, common internet protocols and system and security controls.

Experience with the tools and techniques used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.

Multidisciplinary knowledge and competencies, such as:

o Hands-on experience in data analysis (preferably network traffic or log analysis) in relevant data analysis and data science platforms (Jupyter, Splunk, pandas, SQL).

o Familiarity with cloud infrastructure, web application and servers, Android and iOS mobile platforms.

o Experience with malware analysis and reverse engineering.

o Familiarity with enterprise SIEM platforms (e.g. Splunk, QRadar, ArcSight).

Exceptional reporting and analytics abilities, written and oral presentation skills must be able to articulate complex technical issues in a concise and confident manner, and provide status updates to a variety of audiences, including technical personnel and executive-level management.

Ability to work in a dynamic matrix organizational structure, with people across all levels in the company, including executives and technical stakeholders.

Team-oriented, with excellent communication skills.

Decisive, bright, and positive leader, who strives for excellencee.

Previous experience in strategy or cybersecurity consulting an advantage.

Willingness for extensive travel abroad.

Requirements:
3+ years of experience in security operations, with a strong focus on incident detection and response
Demonstrated experience responding to and managing security incidents in cloud environments (AWS/Azure/GCP)
Proficiency with SIEM and SOAR platforms, including rule creation, tuning, and maintenance
Strong knowledge of cloud security monitoring tools and techniques
Experience analyzing endpoint, network, and application logs for anomalous events
Practical understanding of common attack vectors, TTPs, and how to detect them
Knowledge of malware functionality and persistence mechanisms
Experience with security automation and scripting for incident response workflows
Growth mindset with a focus on continuous improvement of security operations

Requirements:
Bachelor's degree or equivalent practical experience.
7 years of experience in a customer-facing analytical role in cyber security (e.g. Network Forensics Analyst, Threat Intelligence Analyst).
Experience engaging with, and presenting to, technical stakeholders and executive leaders.
Ability to communicate in Hebrew fluently as this is a client facing role.
Ability to travel 30% of the time.
Ability to attain Israel Active Clearance (or previous Israel Security Clearance).

Preferred qualifications:
Active Israel Security Clearance.
7 years of experience evaluating forensic reports of electronic media, packet capture, log data, malware triage, or enterprise-level information security operations.
Experience with CTI methodologies and applications within cyber security organizations, including analysis supporting monitoring, detection and response capabilities.
Experience in deploying and analyzing data from technical security controls (e.g. web proxy, firewalls, IPS, IDS, enterprise antivirus solutions, network analyzers).
Experience with standard network logging formats, network management systems and network security monitoring systems, and security information and event management.

Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.
Minimum of 8 years of experience in application security, with at least 3 years in a leadership role.
Proven experience in implementing and managing SSDLC frameworks.
In-depth knowledge of security frameworks and methodologies, including SALSA.
Strong understanding of secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
Proficiency in programming languages such as Java, Python, C#, or similar.
Experience with security tools and technologies such as static and dynamic analysis tools, vulnerability scanners, and penetration testing tools.
Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
Relevant certifications such as CISSP, CISM, or CSSLP are highly desirable.
Proven experience in a similar role at another leading software development company.

Requirements:
3+ years of experience as a threat researcher, incident responder, malware analyst, detection engineer or other relevant roles.
Practical experience in tracking state-sponsored or advanced financially motivated actors including malware, infrastructure and TTPs.
Profound knowledge and understanding of malware and common attacking techniques.
Hands-on experience in automating and optimizing hunting and enrichment processes using code (preferably Python).
Familiarity with query languages and data exploration tools.
Ability to translate technical findings into actionable detection and prevention signatures.
Experience in writing technical blog posts and technical analysis reports.
Experience in public speaking and presentation of research in cyber security conferences .
Fluent English.

Requirements:
5+ years of experience in web application penetration testing following OWASP methodologies
Hands-on experience with offensive security tools such as Burp Suite, Fiddler, SQLmap, Metasploit, Nmap, Netcat, BloodHound, Empire, and Wireshark
Strong understanding of network security concepts, including firewalls, VPNs (IPsec & SSL), IDS/IPS, and WLANs
Proficiency in scripting and automation (Python, PowerShell, JavaScript, Bash)
Experience managing and securing Windows and Unix/Linux environments
Knowledge of database security, including functions, interactions, and communications
Ability to effectively communicate findings to technical and non-technical stakeholders, including C-level executives
Hands-on experience in exploiting security vulnerabilities in lab or real-world environments (e.g., Capture the Flag challenges)
Experience in penetration testing for operational technologies (OT) - Advantage
OSCP / OSWE certifications or equivalent ethical hacking certifications - Advantage

Requirements:
At least 10 years of cybersecurity experience, including leadership roles within Incident Response or cyber operations. 
Proven track record of leading global teams through meaningful tasks and client engagements. 
Deep understanding of attack/defense and threat intelligence strategies. 
Hands-on expertise in cybersecurity, forensics, and IR methodologies advantage. 
Strong executive communication skills, with the ability to influence and advise clients during crisis situations. Fluent in English. 
Proven experience operating in dynamic, client-facing contexts. Experience in consulting or professional services environments advantage.  
Willingness to travel internationally on short notice in support of critical engagements. 

Requirements:
At least 4 years of experience managing teams within the cyber domain.
Hands-on technical background in cybersecurity MUST; Incident Response technical/managerial background an advantage.
Client-facing experience MUST.
Experience working with global clients an advantage.
Experience in professional cybersecurity services consulting roles an advantage.
Strong ability to perform under pressure, manage heavy workloads, and operate effectively in crisis situations.
Proven ability to thrive in a dynamic environment and handle multiple projects under tight deadlines.
Exceptional analytical, reporting, and communication skills in both Hebrew and English (written and spoken).
Willingness to travel abroad on short notice.

Requirements:
A problem-solver with at least 7 years of experience in field engineering: Technical Account Manager / Technical Support Engineer (Tier 2/3) - Pre-Post Sales Engineer, Professional services consultant
Must have experience in offensive security: BAS, CTEM, threat hunting, red teaming.
Operational experience with the following technologies: SIEM (Splunk, IBM QRadar, etc), Firewalls (Palo Alto Networks), Endpoint Security, Vulnerability Management, Threat Intelligence Platforms & Pen-testing platforms.
Strong background in the cybersecurity ecosystem (Application and/or Endpoint security)
Multi-OS support experience: Windows, Mac & Linux
Experience with enterprise security products and/or offerings
Strong knowledge of cloud architecture as well as on-premise IT landscape
Solid understanding of IT security strategies
Knowledge of cloud technology (AWS, Azure, GCP)
Excellent business and written and verbal communication skills - able to simplify complex topics in a friendly and approachable manner for both executive and end-user audiences

Requirements:
At least 4 years of hands-on experience as a Cyber Security Engineer in the cyber security industry.
Relevant experience may include working as a SOC/MSSP Integrator, SOC/MSSP Tier 3 Analyst with integration experience, or Cyber Security Engineer role.
Very high proficiency in English (written and spoken).
Experience in implementing EDR, SIEM, email security, WAF, NAC, and firewall cyber security solutions.
Experience with providing technical guidance and support to global clients.
Familiarity with log collection methodologies and systems, auditing policies, and maintaining visibility across networks, hosts, and cloud environments.
Deep understanding and proven experience working with cloud security environments, architectures, and solutions.
Demonstrated experience working with Linux operating systems (proficiency in Linux command-line tools, including file manipulation, system administration, and troubleshooting).
Experience working with relational databases, preferably SQL.
Familiarity with cyber security industry standards and best practices.
Excellent problem-solving skills and the ability to work independently.
Advanced familiarity with the cybersecurity threat landscape and attack scenarios.
Excellent communication skills, including strong ability to elaborate on a technical idea.
Proven experience with OT environments significant advantage.