Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

SAP Senior Cybersecurity Threat Analyst 
Romania 
849234207

09.09.2024

Key Responsibilities include:

Threat Modeling and Remediation Planning:

  • Develop and maintain threat models to identify, assess, and mitigate potential security risks across the organization’s infrastructure.
  • Collaborate with cross-functional teams to understand business processes, systems, and data flows for accurate threat modeling.
  • Provide detailed remediation advice and planning to mitigate identified threats and vulnerabilities.
  • Work closely with the incident response team to ensure effective handling of security incidents based on threat models.

Threat Hunting and Detection:

  • Conduct proactive threat hunting activities to identify malicious activities, potential threats, and vulnerabilities within the organization’s network and systems.
  • Develop and implement new detection strategies and tools to identify and respond to emerging threats.
  • Analyze threat intelligence data to identify trends, patterns, and indicators of compromise (IOCs) to improve detection capabilities.
  • Regularly update detection mechanisms based on new intelligence and emerging threats.

Vulnerability Proof of Concept and Offensive Tooling Knowledge Transfer:

  • Perform proof of concept (PoC) testing on vulnerabilities to assess the potential impact and validate security controls.
  • Develop and document PoC scripts and methodologies for identified vulnerabilities to enhance understanding and response strategies.
  • Provide training and knowledge transfer to the blue team on offensive tooling, including the use and detection of tools used by adversaries.
  • Assist in the development of defensive tactics and techniques by leveraging insights gained from offensive tool usage.

Collaboration and Reporting:

  • Collaborate with the blue team and other security teams to enhance the organization’s overall security posture.
  • Prepare detailed reports and presentations on threat modeling, hunting activities, PoC findings, and detection proposals.
  • Communicate complex technical information to non-technical stakeholders to ensure a clear understanding of security risks and mitigation strategies.

Required Skills and Experience:

  • Bachelor’s degree in Computer Science, Information Security, or a related field; or equivalent experience.
  • 3+ years of experience in cybersecurity, with a focus on threat modeling, threat hunting, vulnerability assessment, or incident response.
  • Strong understanding of cybersecurity principles, threat landscapes, and offensive and defensive security techniques.
  • Hands-on experience with threat modeling methodologies, such as STRIDE, PASTA, or ATT&CK.
  • Proficiency in using cybersecurity tools for threat hunting, vulnerability assessment, and penetration testing (e.g., SIEM, IDS/IPS, EDR, Nmap, Metasploit, etc.).
  • Experience in developing and conducting proof of concepts for vulnerabilities and security controls.
  • Familiarity with offensive security tools and techniques, such as exploitation frameworks, malware analysis, and red teaming.
  • Strong analytical and problem-solving skills with the ability to think like an adversary.
  • Excellent communication skills, with the ability to articulate complex security issues to diverse audiences.

Preferred Skills:

  • Relevant cybersecurity certifications (e.g., CISSP, CEH, OSCP, GCIH, etc.).
  • Experience with scripting and automation (e.g., Python, PowerShell, Bash).
  • Knowledge of cloud security and securing cloud-based environments (AWS, Azure, GCP).
  • Experience working in a SOC or with incident response teams.


Job Segment:Cloud, ERP, Testing, Cyber Security, Computer Science, Technology, Security