משרות הייטק Cyber

• Cyber security professional with a minimum of 3 years of cyber security research experience.

• Must possess strong verbal and written communication skills in English.

• Have a broad understanding of the cyber security domain and common related technologies and tools.

• Have excellent understanding and hands-on experience with identifying and exploiting common security vulnerabilities, including OWASP-Top-10.

• Be able to assess web applications, with emphasis on RESTful APIs.

• Have good understanding of network infrastructure and protocols.

• Be able to understand complex code and writing scripts.

• Has hands-on experience with assessing and exploiting of at least one of the following domains:

• Private/public cloud and micro-service architectures (IaaS, PaaS and SaaS)

• Mobile infrastructure and applications (iOS/Android)

• Linux Kernel, containers, container runtime, and orchestrators

• Low-level systems and reverse engineering, with emphasis on exploitation

• The SDLC process with emphasis on threat modeling of complex systems

• Infrastructure and network communication analysis

• Research of proprietary protocols.

• Engineering, implementing and monitoring security measures for the protection of computer systems, networks and information. 

• Designing computer security architecture and developing detailed cyber security designs. 

• Identifying and defining system security requirements. 

• Analyzing security systems and seeking improvements on a continuous basis. 

• Researching weaknesses and finding ways to counter them. 

• Developing best practices and security standards. 

• Assisting colleagues with cybersecurity, software, hardware or IT needs, while providing direction and solutions for security threats. 

• Reporting possible threats or software issues. 

• Finding cost-effective solutions to cybersecurity problems. 

• Understanding cloud, software, hardware and internet needs while adjusting them according to our unique business environment. 

• Ensuring timely and adequate response to threats/alerts including off-hour support. 

• Enforcing security policies and procedures concerning cloud infrastructure. 

• Ensuring that necessary controls and processes exist to appropriately correlate and assess security events while mitigating identified vulnerabilities in all environments. 

• Evaluating new technologies for improving security and network performance. 

• Improving security controls and safeguards according to new threats. 

• Supporting security event monitoring and incident response. 

• Conducting security incident and event investigation and analysis. 

• Participating in systems design to ensure implementation of appropriate technical security policies and technology across all layers.