We are looking for a passionate security analyst to join in building the next gen. SIEM. A Product that is based on a leading SIEM, SOAR, XDR, Analytics and Services.


Job Description
-Perform analysis of a variety of security sources to identify indicators of attack/compromise, including: Host-based system logs, Network traffic logs, Firewall logs, Intrusion detection system etc..
– Perform event correlation using information gathered from various sources within the customer’s infrastructure to determine risk level from an identified security event.
– Incorporate analysis results into the product:
o Develop and tune detection, investigation and response playbooks
o Work with R&D and Product teams on definition of analysis workflows


Skills:
– 2-3 years+ of work experience as SOC analyst, threat hunter, security research or similar roles
– experience with threat intelligence tools: VirusTotal, Shodan, MISP/other feed collections, analysis with MITRE ATT&CK framework
– Familiarity with SOAR playbooks
– Knowledge of security defense products: Endpoint, Network, Identity etc.
– Hands on SQL and big data analysis experience

Our Cybersecurity Center of Excellence is looking for an experienced and motivated Incident & Response Analyst professional, to establish and operate IR monitoring lab, supporting tens of automotive products/


In this position, you will identify, assess, and manage vulnerabilities, while collaborating with PSIRT teams from various locations.


Main responsibilities as I&R Analyst:


– Lead company Incident and Response activities
– Monitoring vulnerabilities in wide range of products by using automated tools
– Analyze, triage and manage vulnerabilities
– Manage incidents and suggest short-term mitigations


Qualifications and skills


– 3+ years of commercial experience in threat intelligence, IR and monitoring
– Experience/knowledge embedded products – advantage
– Very good understanding of cyber security concepts focuses on Linux/Android OS – advantage
– Basic understanding of attacks and exploits, how they work and how to assess and mitigate the damage

Israeli technology company known for its best-in-class technology to help government intelligence and law-enforcement agencies lawfully address the most dangerous issues in today’s world.


Seeking for SOC Analyst.


RESPONSIBILITIES


– Provide incident response to security events include end-to-end investigation, immediate response and mitigation actions, root cause analysis, and remediation process
– Cyber security vulnerabilities and threats analysis to pinpoint true vs. false positives and determine corrective actions
– Help develop, implement, and maintain SOC policies, processes and procedures
– Write Incident Response(IR) Playbook


REQUIREMENTS


– Work in shifts 24/7
– General knowledge of network, operating systems, and security technologies
– Understanding of network technologies such as TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching
– Basic knowledge in cyber security: terminology, PT, hacker methodologies and tactics, system vulnerabilities and key indicators of attacks

Looking for Qradar SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.



RESPONSIBILITIES:


– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)


REQUIREMENTS


– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC

Looking for Splunk SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.



RESPONSIBILITIES:


– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)


REQUIREMENTS


– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC