Tipalti
- 19/10/2023
- Tel Aviv-Yafo

As an Incident Responder, you will have the opportunity to step onto a fintech unicorn rocketship and make an impact on the business.

Who Are Tipalti

Tipalti is one of the most exciting fintechs in the world, with our Series F funding raising $270 million and valuing us at over $8.3 billion. We are on a journey to transform financial operations for high-velocity organizations to rival those of the Fortune 5000.

You Will Be Responsible For The Following
- Threat hunt inside Tipalti environments to discover existing malware or threat actors that compromised the network.
- Treat incident response cases from start to finish, including identifying the threats, machine/network/cloud forensics, creating timelines, and consulting external vendors on IR and mitigation steps.
- Produce reports on Tipalti threat hunting / incident response cases.
- Research emerging attacks, technologies, threats, and vulnerabilities in SaaS and enterprise products and create actionable alerting scenarios to catch them through the Tipalti SIEM solution.
- Investigate logs from security systems to detect intrusions or misconfigurations and create detections based on your findings.
- Write detection rules documentation with actionable recommendations for mitigations.
- Investigate anomalies and incidents and create custom detections and next step recommendations.
- Manage and coordinate the Tipalti cyber incident process with the Tipalti SOC team.
- On-demand threat-hunting activities on multiple cloud environments and SaaS applications.
- On-demand incident response treatment for serious incidents raised by our Tipalti SOC team.
- Research new attack vectors, including identification and related mitigations, across the enterprise IT landscape.
- Collaborate with Product and Engineering to leverage research findings to evolve Tipalti product and knowledge base.
- Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities including mentoring the team on your findings and methods.
- Evaluate & recommend new security technologies and help shape the product with your insights and expertise.
- Regular updates to internal research findings.
- On-call availability outside working hours.

Your background includes:
- 5+ years of experience in hands-on threat hunting and incident response in large, complex, security organizations and a proven track record in cybersecurity research, specializing in either APTs or cybercrime.
- Hands-on experience in threat hunting and incident response on cloud environments (AWS) and SaaS products (JumpCloud, Google Workspace, GitHub, etc.).
- Experience in securing on-prem, cloud and SaaS environments and in how organizations protect themselves from attacks (including hands-on experience with common tools and products - FW, IDS/IPS, WAF, EDRs, SIEM, VA, CSPM/DSPM, {AM etc.), and familiarity with common cloud and SaaS attack vectors and misconfigurations.
- Hands-on experience with machine forensics including analyzing disk, memory, and network artifacts on Windows and Linux machines.
- Hands-on experience with query languages (Kibana/KQL/Lucene, Splunk), working with JSON files and writing complex queries and rules.

Your skills include:
- An innovative mind with keen attention to detail and the ability to set their own goals and parameters for success, and to investigate and implement solutions and recommendations for the customer's benefit.
- Solid understanding of the cyber security kill chain (MITRE ATT&CK/D3FEND), identifying security vulnerabilities, typical attacker exploit techniques, and related mitigations and remediations.
- Great communication skills - Fluent in English, spoken and written with a positive and helpful
- Development of threat hunting automation (threat hunting scripts, IOC gathering scripts) - a big plus.
- Hands-on experience with malware analysis / DFIR in a custom-built sandbox environment (dynamic and static, including tools like IDA Pro, OllyDbg, Wireshark) - advantage.
- Reverse engineering experience - advantage.