Detection & Researcher Team Lead

NSO Group provides vetted government agencies with cutting-edge technological solutions designed to prevent and investigate terrorism and crime. We are constantly exploring new technologies to address the next challenge in this dynamic, ever-changing market. Want to join us in making a difference (and have a lot of fun along the way)? Apply now

*As a Detection & Researcher Team Lead, you will:*

* Lead detection, investigation and mitigation of cybersecurity incidents, including deep network traffic and data analysis
* Develop and maintain scripts for data parsing, packet analysis and correlation across multiple data sources
* Leverage open-source tools and frameworks to support threat attribution and research
* Build and maintain integrations with APIs, threat-intel feeds and big-data platforms to enhance visibility and detection capabilities
* Document research findings, detection methods and analysis techniques for technical and non-technical stakeholders

*If you have:*

* At least 2 years of experience in technical customer service (remote and face to face)
* Experience in Windows and Linux operation systems
* Experience in virtualization technologies (VMware, Hyper-V)
* Experience in analyzing and monitoring TCP\\IP networks
* Experience in network monitoring platforms
* High proficiency in English – written and verbal communication

*It would be great if you also have:*

* 2+ years of managerial experience as a team leader and/or tech lead
* At least 2 years of experience in incident response, SOC operations, or a related cybersecurity role
* Strong knowledge of networking fundamentals and the MITRE ATTACK framework
* Experienced in working across multiple interfaces, coordinating effectively between teams and stakeholders to ensure seamless execution
* Programing/scripting experience in one or more languages, e.g., Python, Go, Ruby, Bash, PowerShell or Java
* Experience with Big Data analysis platforms and security monitoring tools for log analysis and investigation
* Practical experience with OSINT (Open-Source Intelligence) tools and methodologies for threat hunting, attribution or intelligence gathering

*It would be great if you also have:*

* Experience responding to incidents in large-scale or complex environments
* Hands-on experience with cloud-based infrastructure
* Prior work in operational security or a related discipline

*Join NSO Group and make a difference!*

Job Type: Full-time