Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Cyberark DFIR & Threat Hunting Researcher 
Israel 
707918031

08.08.2024

What will you do:

- Digital Forensics and Incident Response (DFIR):

  • Perform digital forensics analysis on various types of evidence, such as disk, memory, network, and cloud artifacts (AWS – advantage).
  • Support incident response efforts by providing technical expertise, containment, eradication, and recovery guidance.
  • Maintain and operate forensic tools and platforms, ensuring they are up-to-date and reliable.
  • Document and report on forensic findings and recommendations, following the established procedures and standards.

- Threat Hunting:

  • Proactively hunt for malicious activity and indicators of compromise across CyberArk's network, endpoints, and cloud environments using various data sources and analytical techniques.
  • Develop and refine custom threat-hunting hypotheses, queries, and dashboards based on the latest threat intelligence and trends.
  • Collaborate with the SOC team to validate, escalate, and respond to identified threats.

- Research and Development:

  • Research emerging threats, attack vectors, threat actors, ATPs, security technologies and CyberArk products and share insights and best practices with the team and the broader security community.
  • Develop and improve tools, scripts, correlation alerts and automation to enhance the SOC team's DFIR and threat-hunting capabilities.

What you need to succeed:

  • Proven (3+ years) experience in digital forensics and incident response, preferably in a tech company or a security consulting firm.
  • Hands-on experience with industry standard forensic tools and platforms.
  • Hands-on experience with threat hunting tools, query languages and platforms, such as ELK, Splunk, QRadar, KQL, SQL etc.
  • Strong knowledge of network protocols, operating systems, malware analysis, and cloud security.
  • Ability to automate tasks using a scripting language such as Python & JS.
  • Excellent communication and interpersonal skills.
  • Excellent proficiency in English, both written and verbal, is a must.
  • Curious and creative mindset, with a passion for learning and solving complex problems.
  • Ability to work independently and collaboratively in a fast-paced, dynamic environment and with a multi-region team.

How will you stand out from the crowd:

  • GCFE, GCFA, GNFA, GCTI, OSCP, or equivalent.