Sygnia is a top-tier cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond to and defeat attacks within their networks. It is the trusted advisor and cyber security service provider of IT and security teams, senior management, and boards of top organizations worldwide, including Fortune 100 companies.
The company draws on top talent from the ranks of elite military technology units and from across the cyber industry and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.
Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus and speed of Sygnia response teams can mean the difference between a minor blow and a devastating impact on the performance and reputation of organizations.
Sygnia is looking for highly capable Incident Response Experts. The positions are in Tel Aviv and Singapore. The company will also consider relocation of suitable candidates to Singapore, following a significant training period at its headquarters in Israel.
The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the client’s IT and security teams.
- Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis
- Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in client’s networks; as well as security assessments and simulations
- Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred
- Utilize and develop tools and methodologies to improve Sygnia’s existing investigative and hunting technological stack
- Collaborate with IT and Security teams during investigations
- Generate and present a comprehensive and professional report of findings from investigations
- At least 3 years of relevant experience (from military service and/or industry)
- Bright, curious and determined team player, who strives for excellence
- Problem solver, in-depth thinker with a growth mindset
- Demonstrated in-depth understanding of the life cycle of advanced security threats, attack vectors and variant methods of exploration
- Deep technical understanding of network fundamentals and common Internet protocols
- Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix and MacOS), including host-based forensics and experience with analyzing OS artifacts
- Fluency with one or more scripting languages (e.g. Python)
- Multidisciplinary knowledge and competencies, such as:
  - Hands-on experience in data analysis (preferably network traffic or log analysis) in relevant data analysis and data science platforms (Jupyter, Splunk, pandas, SQL)
  - Familiarity with cloud infrastructure, web application and servers, Android and iOS mobile platforms
  - Experience with malware analysis and reverse engineering
  - Familiarity with enterprise SIEM platforms (e.g. Splunk, QRadar, ArcSight)
- Excellent communication and interpersonal skills. Fluent English, including the ability to document and explain technical information in a concise, understandable manner.
- Willing to travel abroad (~30% of the time)