DFIR Expert

R&D, Israel
Description

Our mission at Cyberbit is to develop cutting-edge cyber simulations by mimicking real-world threat groups, investigating their attack patterns, and translating that information into practical cyber exercises.

We utilize commercial-grade security tools to train cyber professionals in industry-standard detection, response, and attack mitigation techniques. Our clients include Fortune 500 companies, universities, governments, and militaries worldwide.

The ideal candidate will possess comprehensive analytical abilities and an understanding of cyber security attack vectors, vulnerabilities, and exploits, and will be well-versed in identifying and mitigating common network security threats. We are looking for a candidate with a proven track record of working with security analysis technologies (e.g. SIEM, FW, AV, IPS, EDR) and a deep understanding of relevant procedures, policies, and industry investigation best practices.

Responsibilities:

  • Design and investigate cyber-attack scenarios for training and simulation purposes by reproducing malicious attack campaigns, mitigations, and investigation flows.
  • Develop investigation methodologies based on industry best practices to counter new cyber threats and techniques.
  • Conduct research and analysis on Tactics, Techniques, and Procedures (TTPs) employed by malicious actors in order to educate and train users on defense against live attacks.
  • Work collaboratively with a diverse team of experts including offensive security researchers, software developers, security analysts, security experts, DevOps, and technical writers to achieve project goals.

Requirements:

  • At least 2 years of professional experience in the Incident Response field - Must.
  • Experience in one or more of the following areas: Digital Forensics (including Malware Analysis), Memory/Host/Network Forensics, Incident Response, Cloud Security - Must.
  • Knowledge of Windows and Linux internals - Must.
  • Proven experience in writing technical security reports, mainly incident response or forensic reports - Must.
  • Outstanding English language proficiency, both verbal and written - Must.
  • A team player.
  • Extensive experience triaging and responding to incidents using CrowdStrike, Carbon Black or Microsoft Defender.
  • Experience working with Splunk SIEM, QRadar or Microsoft Sentinel for incident response purposes.
  • Hands-on experience with cloud platforms such as Microsoft Azure, Amazon Web Services (AWS) or Google Cloud Platform (GCP) - Advantage.
  • Experience with scripting languages such as Python, PowerShell, or Bash - Advantage.
  • Hands-on experience analysing malware (through static and dynamic means) - Advantage.
  • Experience in training and teaching others in the field of cybersecurity - Advantage.
  • Any GIAC certification - Advantage.

Why You'll Love Working With Us

Cyberbit is a place for passionate innovators, builders and doers who are looking to take part in the development of a disruptive solution and keep our world safer from cyber-attacks, using the most advanced technologies and tools. We know that achieving a critical mission such as ours requires incredible talent, which is why you will be working alongside inspiring tech leaders who are all in for teamwork! As a team member, you can expect to make a difference through your work by helping us achieve our goal to ensure the world’s networks are secure. We support one another with kindness, near or far. We are committed to being attentive to the needs of our peers and colleagues by showing generosity with our time and knowledge.