We are looking for atop-tier Cyber Security Analyst & IR Expert (Tier 3) to leadthe professional response within our defense team. In this role, you willspearhead complex investigations, perform deep-dive forensics, and continuouslyevolve the detection and response capabilities of a leading financialinstitution.

Thisposition requires high technical proficiency, "out-of-the-box"thinking, and a profound understanding of both offensive and defensive securitylandscapes.

Note: The position is open toboth men and women alike.

KeyResponsibilities

·       IncidentResponse (IR): Lead end-to-end (E2E)investigations of complex cyber incidents, performing deep-dive technicalanalysis.

·       ThreatHunting: Conduct proactive threathunting based on Cyber Intelligence and hypothetical attack scenarios acrosson-prem and cloud environments.

·       DetectionEngineering: Design and build advancedSIEM rules, write YARA/Sigma rules, and optimize alert logic to reduce noiseand increase precision.

·       PurpleTeaming: Collaborate closely with RedTeam/PT units to analyze penetration tests and validate security vulnerabilities.

·       Mentoring: Act as a technical focal point, providing guidance andmentorship to Tier 1 and Tier 2 analysts.

Requirements

·       Experience: At least 3+ years of hands-on experience as a CyberInvestigator / SOC Analyst (Tier 2/3) – Mandatory.

·       OSMastery: Deep understanding of Windows& Linux operating systems at the Kernel/Internals level – Mandatory.

·       TechStack: Proven experience with SIEM, XDR,and SOAR systems, including writing complex queries, building dashboards, anddeveloping detection rules – Mandatory.

·       DigitalForensics: Hands-on experience inforensic investigations using tools such as Volatility, EnCase, FTK, orequivalent open-source tools – Mandatory.

·       Scripting: Proficiency in Python, PowerShell, or Bash forautomation and investigation purposes – Mandatory.

·       Networking: Deep understanding of network protocols andinfrastructure.

·       Languages: High-level English (both technical writing and reading).

‍

Job Description:

• Responsible for overseeing and managing information security projects in collaboration with the organization's infrastructure security team
• Providing information security guidance to infrastructure, IT systems, and various business units across the organization
• Supporting technology projects from an information security and infrastructure perspective throughout the entire project lifecycle
• Defining security requirements, identifying appropriate solutions, evaluating relevant technologies, and conducting technical assessments of security solutions
• Drafting information security requirements in alignment with organizational policies, with a primary focus on infrastructure-level security
• Participating in the design of secure architectures in accordance with company policies
• Supporting infrastructure system security reviews and assessments
• Drafting security requirements for security products and innovative technologies
• Monitoring and ensuring compliance with the Cyber Risk Management guidelines issued by the Commissioner of Insurance, as well as with relevant information security policies and regulations

Required Qualifications:

• Minimum of 5 years of experience in information security in similar roles
• Proven experience in managing and supporting security projects, with an emphasis on infrastructure security
• Experience and knowledge in defining and managing SIEM systems
• Experience working with infrastructure and development teams
• Hands-on experience in managing and operating communication and infrastructure security components such as NAC, DLP, SIEM, Firewall, IPS, WAF

Advantages:

• Experience and familiarity with operating systems in VM, Windows, and Linux environments
• Bachelor's degree in Computer Science or Engineering
• Relevant certifications and courses in the field
• Familiarity with the Cyber Risk Management guidelines issued by the Commissioner of Insurance, as well as with information security standards and methodologies
• Experience in financial institutions and knowledge of the insurance industry

This position is open to all qualified applicants – men and women alike!

‍

התפקיד כולל מעקב, ניהול ובקרה על ממצאים, חולשות ופגיעויות הנובעות ממגוון פעילויות בתחום הסייבר, כולל סקרים, פיקוח על תקני אבטחת המידע, מבחני Penetration Testing (PT), מערכות הגנה בסייבר, סריקות יזומות וכדומה. התפקיד דורש עבודה מול צוותים טכניים, צוותי אבטחת מידע, מפתחים, מנהלי פרויקטים וגורמים שונים בארגון כדי להבטיח טיפול אפקטיבי בממצאים והבאתם לידי מימוש. תיאור התפקיד:

• ניהול תהליך מקיף של מעקב אחרי ממצאים, פגיעויות וחולשות הנובעות ממגוון כלי אבטחת מידע, כולל טיפול, עדכון ודיווח שוטף.
• מתן פתרונות טכנולוגיים וייעוץ מקצועי לצוותי המנהלים והטכנאים בכל הנוגע לניהול סיכונים תוך תיעדוף, תיאום והכוונה למימוש פעולות תיקון בזמן.
• הכנת דו"חות שוטפים ומעמיקים על המצב הקיים, כלים ושיטות עבודה, תיעוד ממצאים וסטטוס ביצוע הפעולות המתבצעות.
• עבודה מול מנהלי פרויקטים טכנולוגיים וגורמים בכירים כדי להבטיח כי כל פגיעות סייבר ותחומים רגישים מקבלים את ההתייחסות הנדרשת בזמן.
• השתתפות פעילה בהגדרת נהלים, סטנדרטים ונהלי עבודה למניעת פגיעויות ולשיפור כללי של הגנת הסייבר בארגון.
• שיפור מתמיד של תהליכי הניהול והבקרה תוך שימוש בטכנולוגיות חדשות ומודרניות בתחום אבטחת המידע.

‍דרישות התפקיד:

• ניסיון של 3 שנים לפחות בתפקיד דומה בתחום אבטחת המידע או ניהול פרויקטים טכנולוגיים- חובה.
• ניסיון בעבודה מול צוותים טכנולוגיים ויכולת לעמוד ביעדים תוך ניהול סיכונים.
• ניסיון וידע מעמיק בעבודה עם כלים בתחום ניטור והגנת הסייבר הכולל כלי סריקות אבטחה (כדוגמת מערכות CNNAP, SIEM וכדומה) - חובה.
• הבנה טכנולוגית מעמיקה בתחומי אבטחת המידע, מערכות מידע, סייבר ותשתיות IT- חובה.

‍יכולות נדרשות:

• יכולת ניהול משימות וריבוי פרויקטים בו-זמנית תוך שמירה על סדר, דיוק ולוחות זמנים.
• כישורי ניהול זמן מצוינים, יכולת תיעדוף משימות והבאתן לסיום אפקטיבי.
• יכולת עבודה עצמאית לצד עבודה שוטפת בצוותים מגוונים.
• כישורים בין אישיים גבוהים, כולל עבודה מול ממשקים בכירים והובלת שיחות מקצועיות עם צוותי טכנולוגיה.
• יכולת ניתוח בעיות טכנולוגיות והצעת פתרונות יצירתיים בשיתוף פעולה עם גורמים שונים בארגון.
• זמינות גבוהה, שירותיות ומחויבות למצוינות.

המשרה פונה לגברים ונשים כאחד

‍

The Cyber ​​Defense Department in the Technology Division of a leading IT organization operates a Cyber ​​Defense Center (SOC – Security Operation Center). The defense center is active 24/7.

As part of operating the Cyber ​​Defense Center, the department is recruiting a Threat Intelligence Analyst for a growing technical team, specializing in a variety of areas such as monitoring and analyzing information and cyber security events, intelligence and detecting potential threats, monitoring user actions, analyzing malicious code and performing forensics, assessing vulnerabilities and monitoring penetration tests.

Responsibilities:

• Collecting information, processing and monitoring the most up-to-date data in the world of intelligence from a wide variety of information sources to assist in the development of prevention and security mechanisms against new threats in the healthcare sector.

• Monitoring and managing information security vulnerabilities and finding open weaknesses in the various systems in the organization using a vulnerability and vulnerability management system.

• Conduct in-depth investigations of cyber incidents, analyze findings, and present clear and professional conclusions.

• Support response to cyber incidents by analyzing data related to active or potential security breaches and providing recommendations for containment and relevant remediation.

• Build close relationships with various departments in the organization, working closely with the SOC team in the Cyber ​​Center.

• Use frameworks and methodologies to model and predict potential attack vectors in the healthcare sector and improve the overall security posture of the organization.

Job Requirements:

• At least 3 years of experience as a Threat Intelligence Analyst - required

• Familiarity with Vulnerability management systems - required.

• Familiarity with Threat Intelligence systems - required

• Familiarity with the world of Penetration Testing - a significant advantage.

• High-level written and verbal communication skills, including the ability to create in-depth technical reports.

• High level English - mandatory

• Relevant certification from the worlds of PT/SOC/IR/Threat Intelligence – an advantage.

• Practical experience in the worlds of defensive cyber (defense, detection, response, maintenance, writing rules), including previous experience in responding to a large-scale incident.

• Proven understanding of the life cycle of cyber threats, attacks, attack vectors and exploitation methods, along with an understanding of tactics and procedures of attackers (TTP).

• Familiarity or experience with Cyber ​​Int systems, MITRE ATT&CK methodology

• Required capabilities:

• Opportunity to protect our insured data and ensure the continuity of the organization's operations.

• Work in a team of experts in the field of cyber, a supportive environment that encourages learning and development.

• Work with innovative and market-leading cyber technologies.

• A company where innovation, excellence and collaboration are core values.

• Excellent communication skills, analytical thinking, ability to work independently and in a team, ability to present information clearly and professionally.

The position is open to both men and women

‍

Require experience of 4-6years as a Cyber architect.

Verbal and writing skillsin English.

Knowledge with Linuxoperating system, including administration and privilege hardening.

Knowledge with cloudvendors and solutions.

Advantage

Bachelor's degree incomputer science or engineering or equivalent.

Security certificationssuch as

Certified InformationSystems Security Professional (CISSP)

Certified InformationSecurity Manager (CISM)

‍