DFIR & Threat Hunting Researcher
DFIR & Threat Hunting Researcher
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
CyberArk the global leader in Identity Security is looking for a skilled and passionate Senior DFIR & Threat Hunting Researcher to join its Global Information Security Team. In this role you will conduct digital forensics and threat-hunting activities across CyberArks global network endpoints and cloud environments. You will also research and develop new methods and tools to enhance the detection and response capabilities of the CyberArk Information Security team.
Responsibilities:
Digital Forensics and Incident Response (DFIR):
- Perform digital forensics analysis on various types of evidence such as disk memory network and cloud artifacts (AWS advantage).
- Support incident response efforts by providing technical expertise containment eradication and recovery guidance.
- Maintain and operate forensic tools and platforms ensuring they are up-to-date and reliable.
- Document and report on forensic findings and recommendations following the established procedures and standards.
Threat Hunting:
- Proactively hunt for malicious activity and indicators of compromise across CyberArks network endpoints and cloud environments using various data sources and analytical techniques.
- Develop and refine custom threat-hunting hypotheses queries and dashboards based on the latest threat intelligence and trends.
- Collaborate with the SOC team to validate escalate and respond to identified threats.
Research and Development:
- Research emerging threats attack vectors threat actors APTs security technologies and CyberArk products and share insights and best practices with the team and the broader security community.
- Develop and improve tools scripts correlation alerts and automation to enhance the SOC teams DFIR and threat-hunting capabilities.
#LI-CB1
Qualifications :
- Proven (5 years) experience in digital forensics and incident response preferably in a tech company or a security consulting firm.
- Hands-on experience with industry standard forensic tools and platforms.
- Hands-on experience with threat hunting tools query languages and platforms such as ELK Splunk QRadar KQL SQL etc.
- Strong knowledge of network protocols operating systems malware analysis and cloud security.
- Ability to automate tasks using a scripting language such as Python & JS.
- Excellent communication and interpersonal skills.
- Excellent proficiency in English both written and verbal is a must.
- Curious and creative mindset with a passion for learning and solving complex problems.
- Ability to work independently and collaboratively in a fast-paced dynamic environment and with a multi-region team.
Certifications (a plus):
GCFE GCFA GNFA GCTI OSCP or equivalent.
Additional Information :
We are proud to foster a diverse and inclusive workplace where every individuals unique background perspective and contribution is celebrated. We believe that by embracing diversity we drive innovation and create a stronger more united team. Inclusion is at the heart of who we are and how we succeed. All qualified applicants will receive consideration for employment without regard to race colour age religion sex sexual orientation gender identity or disability. Upon conditional offer of employment candidates are required to complete a comprehensive background check as per our internal policy.
CyberArk is an equal opportunities employer. If you would like any special arrangements made for your interview please inform the EMEA Talent Acquisition team upon your application so that we may take steps to accommodate your needs.
Remote Work :
No
Employment Type :
Full-time
Employment Type
Full-time
