RESPONSIBILITIES

• Conduct cyber security investigations in OT networks of our customers
• Deliver webinars, workshops and threat intel sharing sessions
• Identify and analyze potential security incidents that currently exist or may pose a potential threat to customer networks
• Prioritize Alerts and Insights for customers
• Provide advisory, presentations and reports to customers
• Create playbooks and standard operating procedures for alerts and insights
• Create reports of emerging threats to industrial networks for customers
• Create advanced scripts to automate tasks
• Develop advanced detection rules utilizing the products detection engines.
• Work closely with Claroty R&D and other internal departments to improve and enhance the products and services offered
• Help develop and improve processes and procedures
• Provide training and knowledge transfers when required

• 3+ years of proven technical experience in cyber security.
• Knowledge and experience with coding and scripting
• knowledge of Linux and experience working with SQL
• Advanced understanding of the most of the common open-source detection tools Yara, Snort etc.
• Experience with network intrusion detection systems
• Experience and understanding of incident response methodologies and capabilities
• Experience working with big data, analytics tools, and techniques
• Knowledge and experience of MITRE ATT&CK and Kill Chain Frameworks.
• Experience in Industrial control systems and the networking protocols of this environment
• Understanding of risk and controls particularly in an Industrial control systems environment
• Strong presentations, documentation, and training skills
• Excellent interpersonal skills and ability to work unsupervised
• High level of English
• Ability to travel when required