Still looking for jobs through search engines? Time to upgrade!
Instead of searching alone through hundreds of listings, let Jobify analyze your CV and show you only the opportunities that are really worth your time, drawn from the largest job database in Israel.
Use is free, at no cost and without limit.
As an Incident Responder, you will have the opportunity to step onto a fintech unicorn rocketship and make an impact on the business.

Who Are Tipalti

Tipalti is one of the most exciting fintechs in the world, with our Series F funding raising $270 million and valuing us at over $8.3 billion. We are on a journey to transform financial operations for high-velocity organizations to rival those of the Fortune 5000.

You Will Be Responsible For The Following
- Threat hunt inside Tipalti environments to discover existing malware or threat actors that compromised the network.
- Treat incident response cases from start to finish, including identifying the threats, machine/network/cloud forensics, creating timelines, and consulting external vendors on IR and mitigation steps.
- Produce reports on Tipalti threat hunting and incident response cases.
- Research emerging attacks, technologies, threats, and vulnerabilities in SaaS and enterprise products and create actionable alerting scenarios to catch them through the Tipalti SIEM solution.
- Investigate logs from security systems to detect intrusions or misconfigurations and create detections based on your findings.
- Write detection rules documentation with actionable recommendations for mitigations.
- Investigate anomalies and incidents and create custom detections and next step recommendations.
- Manage and coordinate Tipalti cyber incident process with Tipalti SOC team.
- Perform on-demand threat-hunting activities across multiple cloud environments and SaaS applications.
- Provide on-demand incident response handling for serious incidents raised by the Tipalti SOC team.
- Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
- Collaborate with Product and Engineering to leverage research findings to evolve Tipalti product and knowledge base.
- Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities including mentoring the team on your findings and methods.
- Evaluate & recommend new security technologies and help shape the product with your insights and expertise.
- Regularly update internal research findings.
- On-call availability outside working hours.

Your background includes:
- 5+ years of experience in hands-on threat hunting and incident response in large, complex security organizations and a proven track record in cybersecurity research, specializing in either APTs or cybercrime.
- Hands-on experience in threat hunting and incident response in cloud environments (AWS) and SaaS products (JumpCloud, Google Workspace, GitHub, etc.).
- Experience in securing on-prem, cloud and SaaS environments and an understanding of how organizations protect themselves from attacks (including hands-on experience with common tools and products: FW, IDS/IPS, WAF, EDRs, SIEM, VA, CSPM/DSPM, IAM, etc.), plus familiarity with common cloud and SaaS attack vectors and misconfigurations.
- Hands-on experience with machine forensics including analyzing disk, memory, and network artifacts on Windows and Linux machines.
- Hands-on experience with query languages (Kibana/KQL/Lucene, Splunk), working with JSON files and writing complex queries and rules.
Your skills include:
- An innovative mind with keen attention to detail and the ability to set your own goals and parameters for success, and to investigate and implement solutions and recommendations for the customer's benefit.
- Solid understanding of the cyber security kill chain (MITRE ATT&CK/D3FEND), identifying security vulnerabilities, typical attacker exploit techniques, and related mitigations and remediations.
- Great communication skills - fluent in English, spoken and written, with a positive and helpful
- Development of threat hunting automation (threat hunting scripts, IOC gathering scripts) - a big plus.
- Hands-on experience with malware analysis / DFIR in a custom-built sandbox environment (dynamic and static, including tools like IDA Pro, OllyDbg, Wireshark) - advantage.
- Reverse engineering experience - advantage.