A global cyber security services and platform company automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
The Cyber Threat Hunter will handle technical research and intelligence analysis in various aspects of cyber security.
Areas of Responsibility:
– Proactively drive hunting and analysis against the available dataset to look for indicators of security breaches
– Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack techniques, to form hunting workflows and mitigation steps
– Recommend system tuning/customization and data collection improvement to client
– Work with our Threat Intelligence and malware solutions to identify threats, develop or recommend countermeasures, and provide dedicated solutions to security risks
– Deep knowledge and understanding of attacks and compromise footprints
– Knowledge in baseline operating system internals, network communications and user behavior
– Operational experience as a Cyber Threat Hunter including deep investigation of network, endpoint and cloud logs
– Previous working experience with SIEM systems as part of SOC group
This global stratup is looking for IR Security Engineer , a hands-on role in a dynamic and fast-paced environment.
– Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and conclude past and future security incidents
– In-depth experience with Incident Response (time lining, artifacts, etc)
– Place foundation for automating security operations by creating playbooks and flows based on security incidents outcome
– Deliver accurate and timely security investigations and responses.
– Finding and fixing security vulnerabilities
Desired Skills and Experience:
– 3+ years information security hands-on experience, preferably as a SOC/IR (tier 3/4) team member (e.g. writing Incident Response procedures and triage methodologies)
– Experience with security principals on cloud computing and technology : AWS,GCP and Azure
– Ability to lead projects such as security controls implementation, design and maintain tools and integrations, etc
– In-depth understanding of SIEM technology (ELK/Splunk or equivalent)
If you have a strong desire to be part of a professional team, in an exciting and fast-growing space, you’ll find your place at this startup!
We are looking for a Security Operations Center Manager to help lead the Security Operations Center efforts in a rapidly evolving environment.
In this role, you will:
– Recruit and build a SOC Team
– Build dashboards, sophisticated alerts and reports for critical security events
– Investigate, analyze and respond to security alerts, violations and incidents
– Develop, implement, and maintain SOC policies, processes and procedures
– Perform proactive threat hunting
For this role you’ll have to bring:
– Minimum – 5 years of experience in the Information Security field
– At least 3 years of experience in SOC with SIEM systems or other log management tools
– Must – Deep knowledge of Linux systems (3+ years)
– Must – Experience with Bash/Perl/Python/Ruby scripting
This role will sit within the Security Operations group in a global hitech company.
The Lead Incident Response Analyst will work in both a team environment and independently to analyze information security systems and threat intelligence in order to detect and respond to potential threats and recommend mitigation strategies.
What You’ll Do:
– Function as a focal technical lead on incident events providing technical, hands-on investigation, and support
– Lead the investigative process for network intrusions, products, and other cybersecurity incidents to resolve the cause and extent of the attacks
– Perform sophisticated malware detection and threat analysis
– Continuously review SIEM dashboards, system, application logs, Intrusion Detection Systems (IDS), and custom monitoring tools
What You Bring:
– Deep understanding of security incident handling and forensics skills including probing and attack methods, network/service discovery, system assessment, viruses, and other forms of malware
– Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), phishing, malicious payloads, malware, applications, etc.
– Experience with information security technologies such as, but not limited to, SIEM, IPS/IDS, vulnerability management software, user behavior monitoring, unstructured data monitoring tools or internet content filters
The global Startup in cybersecurity, just after raising another round, is growing and has expanded its existing offering of cybersecurity services and is looking for a hands-on world-class cybersecurity services expert.
In this role, you will:
– Serve as the Subject Matter Expert for cybersecurity services, methodologies, and best practices for securing operational environments.
– Create and expand the company’s cybersecurity services portfolio including the materials and technical content for each of the defined services.
– Own the technical aspects of a service opportunity, from the initial discussions with clients and partners, to supporting the sales process in pricing and proposals, providing all necessary services materials, developing the service technical contents and methodologies, and execution.
– Lead and perform services of responses to compliance audits, such as: security governance and strategy program development, cybersecurity policies and procedures, cyber risk assessments, penetration tests, vulnerability assessments, training, SIEM/SOC related services, incident response, secure design, and other services .
We’re excited about you if you have:
– At least 7 years of experience in developing cybersecurity services methodologies and performing hands-on cybersecurity services related to clients’ infrastructure with deep technical skills.
– Experience in one or more performing the following cybersecurity services on OT environments:
– Cyber strategy and program development
– Cyber risk assessments
– Attack and penetration testing
– Vulnerability assessments
– Cybersecurity training (various technical levels)
– SIEM/SOC related services
– Incident response policy & procedures .
– Experience in writing cybersecurity policies and procedures
– Excellent English both in speaking and writing
A cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
Seeking a Senior Security Analyst who will be part of our growing SOC group, which monitors, investigates, and resolves security incidents, violations, and suspicious activities
Resolve, escalated report and raise recommendations for resolution and remediation for security incidents.
Advanced monitoring of system logs, SIEM tools and network traffic for unusual or suspicious activity.
Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
Experience in working as a Senior Analyst as part of a Soc group for 2+ years
Experience working with different SIEM vendors
Experience in incident response, writing procedures runbooks and playbooks
This enterprise company is looking for individuals that want to be at the ground floor of building a product that addresses the world’s most challenging security problems. Innovation starts here, visionaries welcomed!
What You’ll Be Doing:
– Manage roadmap for components and services of the Management Platform
– Perform customer and market research, industry analysis to assess market need, size of opportunity, competitive landscape
– Create new management Cloud services to meet customer and business needs
– Ensure product in development matches the specified requirements
– Experience with SaaS platforms
– Minimally 3 years’ experience in product management
– Experience with enterprise products – e.g. SIEM, NGFW, EPP, ATD, NAC, EDR, etc.
סוג משרה:מלאה 5 ימים בשבוע
Looking for Splunk SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.
– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)
– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC
עבור בנק מוביל – ניסיון מוכח בתחקור, ניתוח ותגובה לאירועי אבטחת מידע והגנה בסייבר.- חובה – תקשורת – CCNA or equivalent – שליטה ב-Active Directory – מערכות הפעלה – Basic LinuxWindows – היכרות עם מוצרי אבטחת מידע כגון: Firewall, Proxy, DLP, IPS, Siem,WAF – יכולת התבטאות והתנסחות גבוהה, כולל באנגלית – חובה
סוג משרה:משמרות כולל סופש