HiTakeJob

DFIR - CYE

  • Company: CYE
  • Location: Herzliya
  • Technologies: Splunk, Elasticsearch, SQL

Responsibilities

  • Perform incident response lifecycle and real-time activities, including detection and analysis, containment and eradication, and recovery
  • Perform incident response in a cloud environment (Azure, AWS, etc.)
  • Perform digital forensics investigations
  • Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors
  • Perform hunt-evil and find-evil activities for proactively detecting attacks
  • Work closely with our in-house red team, CTI, and cyber architect teams
  • Work closely with worldwide companies, CISOs, and technology experts

Requirements

  • 2-3 years of experience as a DFIR team member
  • Experience with performing digital forensics in a cloud environment
  • Experience with performing digital forensics of Windows-based and/or Linux-based platforms, network forensics, and analysis
  • Thorough understanding of threat hunting models, as well as cyber threat intelligence, including TTP and IoCs extraction and mapping
  • Experience with research and data analysis of large DBs via Splunk, Elasticsearch, SQL, or VQL
  • Strong understanding of targeted attacks; able to create customized tactical remediation plans
  • Good written and verbal English communication skills