מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
Armis Threat Hunter/Threat Intel Analyst Canada 189375220
21.09.2024
Responsibilities:
- Configure tools and detect patterns/outliers within client environments matching tactics, techniques or procedures (TTPs) of known threat actors, malware or other unusual or suspicious behaviors.
- Conduct cyber hunts in support of identifying emerging threats on behalf of multiple clients, often operating as a lead investigator.
- Provide investigative support of large scale and complex security incidents across multiple clients and support their SOC team through the investigation, recommendations, response, and post mortem efforts.
- Create detailed Incident Reports and contribute to lessons learned in collaboration with client teams.
- Monitor multiple client environments and investigate & report on emerging threats.
- Contribute to executive summary reports and help deliver reported findings and recommendations to client audiences.
- Develop & document technical risk reduction recommendations in relation to findings and overall trends.
- Support client and internal reporting & dashboarding customization efforts within the Armis platform, as required.
- Work with internal teams on orchestration & tool based enablement and optimization of team processes supporting overall service delivery.
- Partnering with internal Threat Research on TTPS
- Contribute to the documentation of simple and reusable hunt tactics and techniques for the extended and shifting team delivering threat services.
- Help identify, provide design input, and prioritize product feature requests in support of Armis threat hunting capabilities both from the perspective of the internal service and over-arching consuming organizations.
- Establish & maintain client-specific cyber hunt & monitoring playbooks.
- Operate as subject matter expert (SME) point of contact for clients during business hours.
- Bachelor’s Degree in Cybersecurity related field preferred
- 2-3 years of Cybersecurity experience
- 1+ years experience with Python with Git
- 1+ threat intelligence and MISP experience is preferable
- 1+ years experience in any automation technology i.e. Torq, Scripting
- Experience with securing and hardening IT infrastructure.
- Experience with threat feed research; collect, prioritize, organize and application.
- Experience with the threat hunting complete life cycle; developing hunt hypothesis, analyzing and processing intelligence, find trigger, investigation, response and recommendations
- Advanced knowledge of log analysis, PCAP analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior.
- Demonstrated or advanced experience with computer networking and operating systems.
- Experience with operational security, including security operations center (SOC), incident response, evidence assessments, malware analysis, or IDS and IPS analysis.
- Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
- Knowledge of TTPs involved in current APT threats and exploits involving various operating systems, applications and protocols, including working knowledge of the Cyber Kill Chain and MITRE ATT&CK Matrix.
- Excellent written and verbal communication skills, analytical ability, and the ability to work effectively with peers.
- Ability to both support partner meetings and projects.
- Experience applying machine learning to cybersecurity problems is a plus.
משרות נוספות שיכולות לעניין אותך
