A start-up company in the field of cyber is looking for a talented Threat Hunting Expert to join the company, investigating and hunting for sophisticated threat actors in the cyber security world.
Candidate who are responsible for proactively hunting for advanced threat actors over different attack platforms in company customers’ environments, and for the investigation of sophisticated attacks.
The team exhibits bleeding-edge threat hunting and research skills, which are applied over Enterprise, Cloud and SaaS platforms.

What you’ll do:



Engage in continuous threat hunting practices and reveal “below the radar” attacks which bypassed current traditional security solutions.
Serve as an expert to the companys’ customers, Investigating sophisticated cyber attacks on customers’ environments over enterprise, cloud and application platforms.
Be at the heart of the Cyber Security threat landscape and research the most recent attack techniques found in the wild.
Working closely with R&D, AI and product teams.
Implement cutting-edge detection strategies, and develop innovative investigation methodologies that will boost the Hunters platform’s effectiveness and efficacy.

Requeirments:


5+ years of experience in defensive and/or offensive Cyber Security: Red Teaming or Blue Teaming, and Threat Hunting experience
Solid understanding of various enterprise technologies, such as: OS internals, EDR, Active Directory, Office 365, Network protocols
Cloud technologies such as AWS, Microsoft Azure and GCP – an advantage
Data analysis experience (SQL Databases, ELK, Splunk, etc.)
Experience with Python and SQL
Proficient in English (both written and spoken) – a must
Customer-facing experience – an advantage




 

We are looking for a Security Operations Center Engineer and Cyber Defense Incident Responder (5+ years of experience).
The office is located in Tel-Aviv and the role is daily shifts 5 days a week. (no night shifts).

 

This is the position of an analyst with about 5 years of experience (with the possibility of being a leader/team leader.) Areas of providing SIEMSOC services for a classified security project.

A valid level 3 security classification is required or has been valid for the past two years

 

Responsibilities:

Developing and implementing SIEM solution

Develop content for a complex and growing SIEM infrastructure.

Monitor SIEM and other event sources, assess, prioritize, escalate, and manage security alerts.

Perform analysis of security, network database and application logs, correlate events, and activities to create threat scenarios in order to get ahead of threat actors and reduce the exposure.

Lead the imminent threat/zero-day response function across the environment.

Translate threat intelligence into actionable security across tools such as firewall, IPS and malware detection across multiple security vendor platforms.

Track and resolve security incidents on regular frequencies and collaborate with other teams for resolution and suggest areas for improvement.

Continuous fine-tuning of our security solutions to reduce the occurrence of false positive and false negative alerts.

Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

Perform cyber defense trend analysis and reporting.

Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.

Write and publish cyber defense techniques, guidance, and reports on incident findings.

 

Qualifications

A minimum 5 years’ experience in Security Operations or similar role

Experience in a Managed Services role.

Experience as an incident responder.

Threat hunting experience

Experience with tools and technologies such as ELK stack, Sigma, Velociraptor, Sysmon, osquery, TheHive.·

Working knowledge of industry best practices such as HIPAA, PCI-DSS, and NIST·

Experience working with email platforms such as O365, G Suite, and Exchange

Deep recognition of diverse security controls and monitoring, with the ability to analyze malicious files.

Familiarity with offensive security, including knowledge of diverse attack methods and techniques.

 

Advantage – military’s experience in the field of cybersecurity.

 

A top tier cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide, is looking for highly capable Incident Response team leader.


Main Responsibilities of the team:
– Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.
– Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in client’s networks. as well as security assessments and simulations
– Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.

Main Requirements
– At least 4 years of a relevant experience (from military service and/or industry)
– Demonstrated in-depth understanding of the life cycle of advanced security threats, attack vectors and variant methods of exploration.
– Deep technical understanding of network fundamentals and common Internet protocols
– Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix and MacOS), including host-based forensics and experience with analyzing OS artifacts
– Fluency with one or more scripting language (i.e. Python)

A large organization is looking for Cyber Incident Response Analyst
-This role supports cyber threat detection and incident response
-This function leverages threat intelligence to proactively hunt for and response to external cyber threats.
– The operational scope includes global network infrastructure, industrial control systems and information assets.

Requirements
– Previous experience performing incident response in a security operations center or equivalent cybersecurity organization
– Hands on experience performing host and network digital forensics
– Expertise in the identification of cyber-attack techniques