Tier 2-3 Forensic Analyst
Date: Dec 29, 2020
Location: Tel Aviv, IL, 1111
Company: Teva Pharmaceuticals
Job Description
Teva Pharmaceuticals, located in Tel Aviv, is looking for a CDC T2 forensic analyst.
In this position you should be able to demonstrate professional experience in incident detection and response, malware analysis, network cyber forensics, threat intelligence and host investigations, as well as act in a managerial function as the T1 escalation point for complex incident management and investigations.
You will be performing as the CDC IR technological focal point: advising on all IR technological aspects and needs, taking part in the onboarding process for new cutting-edge security tools, managing the CDC forensic lab, and advising on automation processes, overall IR optimization and future strategy.
Responsibilities
Monitor SIEM and logging environments for security events and alerts
Identify, investigate, and analyze all response activities related to cyber security incidents
Perform proactive threat hunting for highly suspicious events using threat intelligence and various tools such as EDR, ECAT, RSA Security Analytics, Splunk and other BI tools
Perform as a technological IR focal point, taking part in corporate POCs of new tools and advising on new technologies for the CDC
Assist in the design, evaluation, implementation and fine-tuning of new rules, playbooks, security technologies, and data enrichment and automation processes
Qualifications
Thorough understanding of fundamental security, network and system concepts: operating systems, intrusion detection, Windows internals, TCP/IP ports and major services, network topology, log management/analysis infrastructure, etc.
Thorough understanding of incident response processes, procedures, investigation methodology and digital forensics
At least 3 years of experience in a Security Operations Center or Cyber Security Incident Response Team, performing as T2/T3
At least 3 years of hands-on experience with cybersecurity industry analysis tools (e.g. Sysinternals, sniffers, Wireshark, Yara rules, Kali Linux tools, sandboxes, VT, basic static/dynamic code analysis). Experience in operating security tools (e.g. FW, IPS/IDS, SIEM, endpoint protection, EDR, web proxy, mail relay, sandbox, CASB)
Excellent interpersonal relationship and technology skills, analytic thinking, creative thinker, highly efficient
Highly effective English communication skills, in both verbal and written forms.
Desired Qualifications
Security certifications (e.g. Security+, GCIA, GCIH, CISSP, CEH, GISP, GCFE, GCFA, etc.)
Basic scripting ability for ongoing script/tool creation, e.g. Python, Perl, PowerShell, .NET, etc.
Reports To
Sr Dir IT Security, IT Security SIEM
Already Working @TEVA?
If you are a current Teva employee, please apply using the internal career site available on "Employee Central". By doing so, your application will be treated with priority. You will also be able to see opportunities that are open exclusively to Teva employees. Use the following link to search and apply: Internal Career Site
The internal career site is available from your home network as well. If you have trouble accessing your EC account, please contact your local HR/IT partner.
Teva’s Equal Employment Opportunity Commitment