lead incident response analyst
This role will sit within the Security Operations group in a global hitech company.
The Lead Incident Response Analyst will work in both a team environment and independently to analyze information security systems and threat intelligence in order to detect and respond to potential threats and recommend mitigation strategies.
What You’ll Do:
– Function as a focal technical lead on incident events providing technical, hands-on investigation, and support
– Lead the investigative process for network intrusions, products, and other cybersecurity incidents to resolve the cause and extent of the attacks
– Perform sophisticated malware detection and threat analysis
– Continuously review SIEM dashboards, system, application logs, Intrusion Detection Systems (IDS), and custom monitoring tools
What You Bring:
– Deep understanding of security incident handling and forensics skills including probing and attack methods, network/service discovery, system assessment, viruses, and other forms of malware
– Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), phishing, malicious payloads, malware, applications, etc.
– Experience with information security technologies such as, but not limited to, SIEM, IPS/IDS, vulnerability management software, user behavior monitoring, unstructured data monitoring tools or internet content filters
-
סוג משרה:מלאה 5 ימים בשבוע
-
תחומים:
Head of professional cybersecurity Services
The global Startup in cybersecurity, just after raising another round, is growing and has expanded its existing offering of cybersecurity services and is looking for a hands-on world-class cybersecurity services expert.
In this role, you will:
– Serve as the Subject Matter Expert for cybersecurity services, methodologies, and best practices for securing operational environments.
– Create and expand the company’s cybersecurity services portfolio including the materials and technical content for each of the defined services.
– Own the technical aspects of a service opportunity, from the initial discussions with clients and partners, to supporting the sales process in pricing and proposals, providing all necessary services materials, developing the service technical contents and methodologies, and execution.
– Lead and perform services of responses to compliance audits, such as: security governance and strategy program development, cybersecurity policies and procedures, cyber risk assessments, penetration tests, vulnerability assessments, training, SIEM/SOC related services, incident response, secure design, and other services .
We’re excited about you if you have:
– At least 7 years of experience in developing cybersecurity services methodologies and performing hands-on cybersecurity services related to clients’ infrastructure with deep technical skills.
– Experience in one or more performing the following cybersecurity services on OT environments:
– Cyber strategy and program development
– Cyber risk assessments
– Attack and penetration testing
– Vulnerability assessments
– Cybersecurity training (various technical levels)
– SIEM/SOC related services
– Incident response policy & procedures .
– Experience in writing cybersecurity policies and procedures
– Excellent English both in speaking and writing
-
סוג משרה:מלאה 5 ימים בשבוע
Siem Analyst/Integrator
Looking for SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.
RESPONSIBILITIES:
– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)
REQUIREMENTS
– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC
-
סוג משרה:מלאה 5 ימים בשבוע
-
תחומים:
Qradar Team leader
Looking for Qradar SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.
RESPONSIBILITIES:
– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)
REQUIREMENTS
– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC
-
סוג משרה:מלאה 5 ימים בשבוע
-
תחומים:
ArcSight Engineer
Looking for Arcsight SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.
RESPONSIBILITIES:
– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)
REQUIREMENTS
– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC
-
סוג משרה:מלאה 5 ימים בשבוע
-
תחומים:
Product Manager – Management Platform
This enterprise company is looking for individuals that want to be at the ground floor of building a product that addresses the world’s most challenging security problems. Innovation starts here, visionaries welcomed!
What You’ll Be Doing:
– Manage roadmap for components and services of the Management Platform
– Perform customer and market research, industry analysis to assess market need, size of opportunity, competitive landscape
– Create new management Cloud services to meet customer and business needs
– Ensure product in development matches the specified requirements
Experience:
– Experience with SaaS platforms
– Minimally 3 years’ experience in product management
– Experience with enterprise products – e.g. SIEM, NGFW, EPP, ATD, NAC, EDR, etc.
-
סוג משרה:מלאה 5 ימים בשבוע
-
תחומים:
Splunk SIEM Expert
Looking for Splunk SIEM Expert to be part of SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide. senior level SIEM support to our pre-sales Team and delivery of SIEM solutions.
RESPONSIBILITIES:
– Understand customer requirements and recommend best practices SIEM solutions
– Offer consultative advice in security principles and best practices related to SIEM operations
– Assist in the creation and verification of Statement of Work (SOW) documentation
– Assist pre-sales with SIEM sizing, Architecture, RFP’s and client technical meetings
– Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
– Verification of data of log sources in the SIEM follow the Common Information Model (CIM)
REQUIREMENTS
– University Degree in Information Security or equivalent work experience
– Minimum 4 years experience in a similar role
– Preferred SIEM Vendor certification of Administrator
– Experience and proficient in UNIX/Linux and/or Regular Expressions.
– The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC
-
סוג משרה:מלאה 5 ימים בשבוע
-
תחומים:
בקר אבטחת מידע
מחלקת אבטחת מידע גדולה המאפשרת את בטיחות הלקוחות.
בין פעילויות אבטחת המידע : הטמעת אמצעים מתקדמים לאבטחת פעילות הגולשים באתר, שדרוג והתאמת מערכות האבטחה בהתאם לאיומים הקיימים באינטרנט, בדיקות מחמירות של מערכות, ובדיקת זהות המשתמשים באפליקציה ובטיחותה.
תיאור משרה:
זיהוי ותגובה של איומי סייבר על תשתיות ולקוחות לאומי.
ניטור בזמן אמת 24/7 אחר התראות ממערכת SIEM.
הגנה מפני איומים בתחום ההונאה המקוונת.
ניתוח מתקפות סייבר וחקירת אירועי אבטחת מידע שוטפים וחריגים.
ידע נדרש:
– מינימום שנה ניסיון בתפקיד SOC קודם הכלל עבודה עם מערכות SIEM וטיפול באירועי אבטחת מידע
– ידע בפרוטוקולי תקשורת Tcp-ip, http, smtp, UDP, HTTPS, ssh
– היכרות עם עולם הHacking
– זמינות ל6 משמרות שבועיות (24X7 כולל סופי שבוע ולילות)
-
סוג משרה:משמרות כולל סופש
-
תחומים:
איש SOC
חברת טכנולוגיית מידע ישראלית.
– ניסיון מוכח בתחקור, ניתוח ותגובה לאירועי אבטחת מידע והגנה בסייבר.- חובה
– תקשורת – CCNA or equivalent
– שליטה ב-Active Directory
– מערכות הפעלה – Basic LinuxWindows
– היכרות עם מוצרי אבטחת מידע כגון: Firewall, Proxy, DLP, IPS, Siem,WAF
– יכולת התבטאות והתנסחות גבוהה, כולל באנגלית – חובה
-
סוג משרה:משמרות כולל סופש
-
תחומים: