Cyber Blue Team Expert

Petah Tikva, IL · Cyber Security Services

This role is a great opportunity to work onsite in one of the largest and coolest companies in London! Working side-by-side with CyberInt’s security experts, you will gain hands-on experience, work directly with the customer and learn how a cyber security team operates within a large-scale organization.

The customer’s cyber-security team works alongside CyberInt’s representatives, who handle all security issues, alerts and projects – all from within the organization’s headquarters.

This position is based in London and requires extensive traveling.

Main focus:

• Responsibility for investigating cyber incidents arising from alerts escalated by the SOC.

• Responsibility for running internal investigations of insider threats, complex fraud attempts or criminal activity in conjunction with the Physical Security and Fraud teams, while collecting digital evidence suitable for prosecution in a court of law.

Responsibilities

• Respond to any cyber incidents affecting the organization’s business operations

• Cross-reference information and logs from various security tools to produce accurate findings

• Respond to incidents in real time by taking direct action and carrying out incident mitigation hands-on

• Apply lessons learnt from investigations to enhance security controls and cross-organizational protection

• Advise and provide recommendations related to legal, technical and regulatory domains affecting the organization’s IT

• Participate in special security-related projects in the organization, including proactive threat-hunting or risk evaluation

• Monitor industry trends, evolving threats, vulnerabilities and control techniques

• Collaborate with the relevant teams and third-party groups to ensure that current Cyber Security threats are properly considered within the threat models for current and planned products or services

• Define and implement the relevant run books and tools appropriate for responding to cyber and internal incidents

• Operate within an environment in which much of the end-to-end accountability is based within the individual infrastructure, operations or software teams


Requirements

• Good familiarity with networking protocols and models (TCP/IP and OSI, HTTP, DNS, etc.) – MUST

• Advanced familiarity and understanding of cyber-security attack methods, risks, detection systems and detection tools – MUST

• Experience (minimum 1 year) working as part of a security team – MUST

• Willingness to travel extensively to London – MUST

• Experience with Endpoint Protection (such as EDR), enterprise Anti-Virus policies and/or GPO security – ADVANTAGE

• Experience with Vulnerability Assessment, host-based/scanner scanning and patching process – ADVANTAGE

• Familiarity with cloud-based computing services (such as Google, AWS, MS Azure) – ADVANTAGE

• Relevant certifications (SANS GIAC, CISSP, CEH, etc.) or related degrees – ADVANTAGE

• Fluent in written and spoken English – MUST


You are:

• Independent and self-motivated to accomplish any mission, even one that no one internally has faced before

• Assertive and charismatic to convey your thoughts and solutions

• Dynamic and proactive with a “can do” attitude

• A people person with excellent verbal and written communication skills

• A team player – you work well in a dynamic environment with interfaces to both internal and external teams

• Flexible and multitasking, able to cope with changes in assignments
