
Incident Responder DFIR Specialist

Requisition ID: 4856
Location: Haifa
Company: ElbitSystems
City: Haifa

Job Description

 

 


About the Role

We are seeking a passionate Incident Responder to join our dynamic cybersecurity team. In this role, you will be at the forefront of defending our organization against cyber threats. You will proactively investigate and respond to security incidents, perform deep-dive forensic analysis, and develop actionable remediation plans. Your expertise will help shape our threat detection and response capabilities, ensuring the resilience of our digital infrastructure.

Key Responsibilities

Investigate and analyze security incidents to determine the scope, impact, and root cause

Perform threat hunting across internal and external data sources to identify malicious activity

Conduct digital forensics on systems, including memory and host-based analysis

Develop and implement incident response playbooks and remediation strategies

Collaborate with cross-functional teams to contain and remediate threats

Design and recommend defensive measures to prevent future attacks

Stay current with evolving attacker TTPs (Tactics, Techniques, and Procedures)

Participate in an Incident Response on-call rotation approximately once every 4 weeks

 

Why Join Us?

Work with a passionate and skilled cybersecurity team

Tackle real-world threats and make a tangible impact

Opportunities for continuous learning and professional development

 

Ready to defend, detect, and respond? Apply now and help us stay one step ahead of cyber threats.

Professional Experience

Required Qualifications
3+ years of hands-on experience in Incident Response, Threat Hunting, Digital Forensics, and Security Monitoring
Strong understanding of networking concepts and advanced network traffic analysis
Proven ability to lead and coordinate incident response efforts across teams
Deep knowledge of system forensics, including memory and host analysis
Excellent communication skills with the ability to convey complex technical issues clearly
Experience working in large-scale enterprise environments with complex security challenges

Preferred Qualifications
Experience with cloud security practices in AWS and Azure environments; AWS Security Specialty and/or Azure Security Engineer Associate certification is a plus
Familiarity with offensive security techniques and penetration testing methodologies
Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation and tooling