Incident Response Team Lead

Job code: JB-70065564 Geographic area: Haifa and the Krayot City: Haifa

Job description

Elbit is looking for an Incident Response Team Leader for the Global Threat Detection and Response group, located in Haifa.
Responsibilities:
Lead and assist with every stage of the cyber incident response lifecycle, including containment, analysis and investigation, remediation, reporting and the lessons-learned process
Provide strong direction for incident response efforts, coordinating with both internal and third-party resources to drive investigations
Conduct host forensics, network forensics, log analysis and malware triage in support of incident response investigations
Recognize and codify attacker tools, tactics and procedures (TTPs) into indicators of compromise (IOCs) that can be applied to current and future investigations
Manage a team of professional cyber security incident handlers, including management, career development and mentoring
Research and develop new digital forensics techniques, scripts and methodologies to enhance Elbit's incident investigation processes
Develop and update playbooks and automation in the SOAR platform to enhance the overall IR process
Develop and present comprehensive and accurate reports, training sessions and presentations for both technical and executive audiences

Job requirements

Minimum 4 years of incident response or relevant experience, including in the following domains: threat hunting, threat detection and response, or malware analysis
Solid management experience, including motivating employees and leading cross-organizational processes
Strong knowledge of IR, forensics and investigation according to common standards (SANS, NIST)
Strong knowledge of common DFIR tools and digital forensics, including disk and memory collection and analysis, memory and network dumps, and mobile devices
Strong knowledge of Windows/Linux operating systems
Hands-on experience with security systems/platforms such as EDR, SIEM (Splunk/ELK) and SOAR
Experience with threat hunting on both endpoints and networks
Experience in investigating mobile devices using common industry investigation tools
Experience with at least one scripting or development language (Python/Bash)
In-depth thinker with excellent verbal presentation skills