Security Researcher Analyst

Company Description

Cymulate, based in Holon, is a SaaS-based platform designed to help companies manage their security posture against the evolving threat landscape. The platform enables security professionals to continuously challenge, validate, and optimize their cybersecurity posture across the MITRE ATT&CK® framework. Cymulate provides threat intelligence-led risk assessments that are simple to deploy and offers an open framework for creating and automating red and purple teaming scenarios.

Role Description

This is a full-time hybrid role for a Security Researcher Analyst at Cymulate. The role involves creating and improving security defense content across the company, such as the creation of mitigations, detections, and research around ways to provide customers with BiS protection based on Cymulate’s scenarios, creating and improving threat intelligence content across the company, such as the creation of packages based on threat actor attacks “IOCs” and research around real-life attacks done by threat actors. The position is located in Holon, with flexibility for some remote work.

Key Responsibilities:

• Continuously maintain and update the defense content in Cymulate’s platform.
• 1. Create mitigations, detections, and analysis across Cymulate's scenarios. (Create Sigma, Custom Queries, Custom Alerts, Product specific content (SIEM, EDR, SOAR, FW, WG, EG, etc...))
• Research for Cyber threats and risks, gather information on threat behavior, goals, and methods, and continuously maintain and update threat intelligence tactics and techniques and remain current on cyber security trends and intelligence (open source and commercial).
• Write technical reports based on research, and findings related to Threat Intelligence. (Periodically)
• You will join a diverse team composed of security experts as well as security researchers in both offensive and defensive fields and developers working together to solve complex technological tasks end to end.

Required Qualifications:

• Minimum of 3 years of experience as an Analyst.
• Experience with Sigma rules.
• Experience using analysis tools such as Virus Total, Any.run, Hybrid Analysis, URL Scan, Shodan.
• Understanding of possible attack activities such as network reconnaissance probing / scanning, DDOS, malicious code activity, etc.
• Possess knowledge of creating detection & mitigation rules within:
• 1. Security solutions (SIEM, EDR, SOAR, FW, WG, EG, etc...)
• 2. OS – (Windows/Linux/Mac).
• 3. Cloud environments (AWS, GCP, Azure)
• Experience in python development.