Cyber Security Researcher
Tel Aviv-Yafo, Tel Aviv District, IL
CardinalOps
CardinalOps is the only CTEM platform that optimizes both prevention and detection controls to minimize risk and strengthen cyber resiliency.
Description
CardinalOps’ SaaS platform delivers AI-powered recommendations to eliminate detection coverage gaps in the organization's existing security stack.
Our platform is not “yet another” security monitoring product, but an innovative solution that uses AI and automation to maximize the value of the existing security tools and systems.
Among our clients are some of the top 10 private equity firms; top 10 consumer packaged goods manufacturers; top 10 cable operators; top 10 US law firms; top 10 money transfer firms; and top 15 MDR/MSSP.
CardinalOps was founded in early 2020 by serial entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, IBM Security, and others.
We are looking for a Security Researcher to join our Cyber Security team!
This role involves conducting research on the cybersecurity landscape, leveraging intelligence feeds to map existing threat actors, attack vectors, and TTPs, and analyzing complex data to detect advanced threats using knowledge of the current threat landscape.
This role will also help to identify and build strategies to correct gaps and issues in customers' environment, including defining new detection content or use cases and working with the engineering team to deploy them.
Requirements
- Minimum 5+ years of experience as a Security Researcher / Security Engineer / Security Architect / Detection Engineer / SIEM Expert
- Understanding of technical terminology, tools, and tactics employed by threat actors
- Basic understanding of security analytics technologies (SIEM, XDR, etc.)
- Proven track record of work with MITRE ATT&CK and ability to develop threat models based on the framework
- Basic experience in Cloud (AWS/Azure/GCP) and on-premises systems (Security products).
- Creativity, innovation, self-motivation, strong desire to learn.
- Creative and pleasant personality.
- Fluent English and Hebrew
Responsibilities
- Discover, analyse and track advanced cyber-attack campaigns
- Conduct proactive research to define new use cases/detection rules
- Conduct research (OSINT, labs etc.) to generate threat intelligence
- Maintain current knowledge of adversaries’ tactics, techniques, procedures, malware attacks, and other cyber security threats
- Curate a knowledge base on APT groups, monitoring and detection tools
- Interact with customers orally and in writing
- Proactively identify cyber security improvements and recommend appropriate control improvements
Benefits
- Cibus
- Work-life balance