We are looking for a passionate security analyst to join in building the next gen. SIEM. A Product that is based on a leading SIEM, SOAR, XDR, Analytics and Services.


Job Description
-Perform analysis of a variety of security sources to identify indicators of attack/compromise, including: Host-based system logs, Network traffic logs, Firewall logs, Intrusion detection system etc..
– Perform event correlation using information gathered from various sources within the customer’s infrastructure to determine risk level from an identified security event.
– Incorporate analysis results into the product:
o Develop and tune detection, investigation and response playbooks
o Work with R&D and Product teams on definition of analysis workflows


Skills:
– 2-3 years+ of work experience as SOC analyst, threat hunter, security research or similar roles
– experience with threat intelligence tools: VirusTotal, Shodan, MISP/other feed collections, analysis with MITRE ATT&CK framework
– Familiarity with SOAR playbooks
– Knowledge of security defense products: Endpoint, Network, Identity etc.
– Hands on SQL and big data analysis experience

Hitech company is looking for a tech-savvy individual who will join a Cyber Security team.
He will lead and maintain SIEM SOC operations, performing a variety of tasks including building and maintaining the company’s security infrastructure, enforcing security best-practices, defining security policies on various security systems.
Developing and automating processes as SOAR and also responding to cyber threats and SIEM and SOC technology and architecture.



Position Requirements:
– A minimum 3 years of information security experience. A minimum of 1 year of SIEM-SOC experience.
– Strong background in most of the following topics: SIEM, SOC,SOAR, Firewalls, IPS, NAC, EDR, DLP, OS Hardening, Cloud, Vulnerability Management.
– Expert knowledge in IT security best practice and solutions.

Looking for Qradar SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.



RESPONSIBILITIES:


– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)


REQUIREMENTS


– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC

A global cyber security services and platform company automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.



The Cyber Threat Hunter will handle technical research and intelligence analysis in various aspects of cyber security.


Areas of Responsibility:
– Proactively drive hunting and analysis against the available dataset to look for indicators of security breaches
– Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack techniques, to form hunting workflows and mitigation steps
– Recommend system tuning/customization and data collection improvement to client
– Work with our Threat Intelligence and malware solutions to identify threats, develop or recommend countermeasures, and provide dedicated solutions to security risks



Required Skills:
– Deep knowledge and understanding of attacks and compromise footprints
– Knowledge in baseline operating system internals, network communications and user behavior
– Operational experience as a Cyber Threat Hunter including deep investigation of network, endpoint and cloud logs
– Previous working experience with SIEM systems as part of SOC group

The global Startup in cybersecurity, just after raising another round, is growing and has expanded its existing offering of cybersecurity services and is looking for cybersecurity services expert.


In this role, you will:
– Serve as the Subject Matter Expert for cybersecurity services, methodologies, and best practices for securing operational environments.
– Create and expand the company’s cybersecurity services portfolio including the materials and technical content for each of the defined services.
– Own the technical aspects of a service opportunity, from the initial discussions with clients and partners, to supporting the sales process in pricing and proposals, providing all necessary services materials, developing the service technical contents and methodologies, and execution.
– Lead and perform services of responses to compliance audits, such as: security governance and strategy program development, cybersecurity policies and procedures, cyber risk assessments, penetration tests, vulnerability assessments, training, SIEM/SOC related services, incident response, secure design, and other services .


We’re excited about you if you have:
– At least 7 years of experience in developing cybersecurity services methodologies and performing hands-on cybersecurity services related to clients’ infrastructure with deep technical skills.
– Experience in one or more performing the following cybersecurity services on OT environments:
– Cyber strategy and program development
– Cyber risk assessments
– Attack and penetration testing
– Vulnerability assessments
– Cybersecurity training (various technical levels)
– SIEM/SOC related services
– Incident response policy & procedures .


– Experience in writing cybersecurity policies and procedures
– Excellent English both in speaking and writing

This global stratup is looking for IR Security Engineer , a hands-on role in a dynamic and fast-paced environment.


Responsibilities
– Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and conclude past and future security incidents
– In-depth experience with Incident Response (time lining, artifacts, etc)
– Place foundation for automating security operations by creating playbooks and flows based on security incidents outcome
– Deliver accurate and timely security investigations and responses.
– Finding and fixing security vulnerabilities


Desired Skills and Experience:
– 3+ years information security hands-on experience, preferably as a SOC/IR (tier 3/4) team member (e.g. writing Incident Response procedures and triage methodologies)
– Experience with security principals on cloud computing and technology : AWS,GCP and Azure
– Ability to lead projects such as security controls implementation, design and maintain tools and integrations, etc
– In-depth understanding of SIEM technology (ELK/Splunk or equivalent)

If you have a strong desire to be part of a professional team, in an exciting and fast-growing space, you’ll find your place at this startup!


We are looking for a Security Operations Center Manager to help lead the Security Operations Center efforts in a rapidly evolving environment.


In this role, you will:


– Recruit and build a SOC Team
– Build dashboards, sophisticated alerts and reports for critical security events
– Investigate, analyze and respond to security alerts, violations and incidents
– Develop, implement, and maintain SOC policies, processes and procedures
– Perform proactive threat hunting


For this role you’ll have to bring:


– Minimum – 5 years of experience in the Information Security field
– At least 3 years of experience in SOC with SIEM systems or other log management tools
– Must – Deep knowledge of Linux systems (3+ years)
– Must – Experience with Bash/Perl/Python/Ruby scripting

This role will sit within the Security Operations group in a global hitech company.


The Lead Incident Response Analyst will work in both a team environment and independently to analyze information security systems and threat intelligence in order to detect and respond to potential threats and recommend mitigation strategies.


What You’ll Do:


– Function as a focal technical lead on incident events providing technical, hands-on investigation, and support
– Lead the investigative process for network intrusions, products, and other cybersecurity incidents to resolve the cause and extent of the attacks
– Perform sophisticated malware detection and threat analysis
– Continuously review SIEM dashboards, system, application logs, Intrusion Detection Systems (IDS), and custom monitoring tools


What You Bring:


– Deep understanding of security incident handling and forensics skills including probing and attack methods, network/service discovery, system assessment, viruses, and other forms of malware
– Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), phishing, malicious payloads, malware, applications, etc.
– Experience with information security technologies such as, but not limited to, SIEM, IPS/IDS, vulnerability management software, user behavior monitoring, unstructured data monitoring tools or internet content filters

The global Startup in cybersecurity, just after raising another round, is growing and has expanded its existing offering of cybersecurity services and is looking for a hands-on world-class cybersecurity services expert.


In this role, you will:
– Serve as the Subject Matter Expert for cybersecurity services, methodologies, and best practices for securing operational environments.
– Create and expand the company’s cybersecurity services portfolio including the materials and technical content for each of the defined services.
– Own the technical aspects of a service opportunity, from the initial discussions with clients and partners, to supporting the sales process in pricing and proposals, providing all necessary services materials, developing the service technical contents and methodologies, and execution.
– Lead and perform services of responses to compliance audits, such as: security governance and strategy program development, cybersecurity policies and procedures, cyber risk assessments, penetration tests, vulnerability assessments, training, SIEM/SOC related services, incident response, secure design, and other services .


We’re excited about you if you have:
– At least 7 years of experience in developing cybersecurity services methodologies and performing hands-on cybersecurity services related to clients’ infrastructure with deep technical skills.
– Experience in one or more performing the following cybersecurity services on OT environments:
– Cyber strategy and program development
– Cyber risk assessments
– Attack and penetration testing
– Vulnerability assessments
– Cybersecurity training (various technical levels)
– SIEM/SOC related services
– Incident response policy & procedures .


– Experience in writing cybersecurity policies and procedures
– Excellent English both in speaking and writing

This enterprise company is looking for individuals that want to be at the ground floor of building a product that addresses the world’s most challenging security problems. Innovation starts here, visionaries welcomed!


What You’ll Be Doing:


– Manage roadmap for components and services of the Management Platform
– Perform customer and market research, industry analysis to assess market need, size of opportunity, competitive landscape
– Create new management Cloud services to meet customer and business needs
– Ensure product in development matches the specified requirements


Experience:


– Experience with SaaS platforms
– Minimally 3 years’ experience in product management
– Experience with enterprise products – e.g. SIEM, NGFW, EPP, ATD, NAC, EDR, etc.

Looking for Splunk SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.



RESPONSIBILITIES:


– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)


REQUIREMENTS


– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC