RESPONSIBILITIES:
• Monitors the SIEM, trouble tickets, email notifications and in-person escalations, and logs from ICS infrastructure components (SCADA, HMI, PLC, RTU, control servers), applications and network devices such as switches, firewalls and IDS/IPS;
• Designs, implements and tests Security Orchestration, Automation and Response (SOAR) processes and procedures;
• Develops SOAR playbooks and troubleshoots automation capabilities;
• Examines escalated tickets to determine whether they are true positives or false positives;
• Performs malware analysis, threat hunting and threat modeling activities;
• Assists forensic investigations by providing reports and other information;
• Reviews and suggests improvements to the control deployment process and installation procedures;
• Develops and documents remediation recommendations for business owners to improve the control environment in which a security incident occurs; recommendations must be easily understood by non-technical staff;
• Provides recommendations and direction on the tuning of signatures, rules, alerts, parsers and custom scripts within the monitoring solutions;
• Participates in root cause analysis and helps orchestrate remediation;
• Understands defense-in-depth strategies and applies them to the client's environment;
• Creates and disseminates security-related notifications for internal staff (for example: trends, developments, changes in capabilities);
• Acts as the L2 escalation layer in the SOC;
• Mentors Level 1 SOC analysts;
• Creates manuals, guides and knowledge base entries;
• Keeps abreast of the latest security and privacy legislation, emerging threats, regulations, advisories, alerts and vulnerabilities pertaining to the HCE OT IR SOC and its customers;
• Remains knowledgeable of our current solution portfolio and the technical specifics of our offerings.
REQUIREMENTS:
• Bachelor's degree in a computer-related field such as Computer Science, Computer Information Systems or Electronics;
• Minimum of 2 years' experience in the cyber security industry;
• Minimum of 5 years' experience in Information Technology;
• Strong diagnostic and analytical skills, including problem solving, troubleshooting, management of priorities and the self-direction to resolve complex issues;
• Effective written and verbal skills enabling strong communication;
• Information Technology certifications: ITIL Foundation;
• Security certifications: CCNA, CompTIA Security+, GCIH or other similar certifications;
• Experience automating tasks and integrating systems with Python;
• Experience with SIEM platforms and logging solutions.
WE VALUE:
• GCFA, CEH or other similar certifications;
• Understanding of advanced SOAR methodology;
• Understanding of ICS communication protocols such as Modbus, Profibus, DNP3, S7comm and others;
• Ability to write documentation and summaries;
• Experience working in a client-facing cyber SOC environment;
• Experience securing industrial or corporate networks and assets against cyber threats;
• Knowledge of ICS environments;
• Knowledge of cybersecurity frameworks such as MITRE ATT&CK and NIST.