DFIR & Threat Hunting Researcher
3 Months ago • All levels
Research Development
Job Description
CyberArk, a global leader in Identity Security, seeks a Senior DFIR & Threat Hunting Researcher for its Global Information Security Team. This role involves conducting digital forensics and threat-hunting across CyberArk's global network, endpoints, and cloud environments. The researcher will also develop new methods and tools to improve detection and response capabilities. Responsibilities include performing digital forensics analysis on disk, memory, network, and cloud artifacts, supporting incident response, maintaining forensic tools, and documenting findings. Additionally, the role requires proactive threat hunting using various data sources, developing threat-hunting hypotheses, and collaborating with the SOC team. Researching emerging threats, attack vectors, and security technologies, as well as developing tools and automation for DFIR and threat-hunting, are also key aspects.
Must Have:
- Digital forensics analysis on disk, memory, network, cloud artifacts
- Support incident response efforts
- Proactively hunt for malicious activity
- Develop threat-hunting hypotheses and queries
- Research emerging threats and attack vectors
- Develop and improve DFIR and threat-hunting tools
CyberArk, the global leader in Identity Security, is looking for a skilled and passionate Senior DFIR & Threat Hunting Researcher to join its Global Information Security Team. In this role, you will conduct digital forensics and threat-hunting activities across CyberArk's global network, endpoints, and cloud environments. You will also research and develop new methods and tools to enhance the detection and response capabilities of the CyberArk Information Security team.
Responsibilities:
Digital Forensics and Incident Response (DFIR):
- Perform digital forensics analysis on various types of evidence, such as disk, memory, network, and cloud artifacts (AWS – advantage).
- Support incident response efforts by providing technical expertise, containment, eradication, and recovery guidance.
- Maintain and operate forensic tools and platforms, ensuring they are up-to-date and reliable.
- Document and report on forensic findings and recommendations, following the established procedures and standards.
Threat Hunting:
- Proactively hunt for malicious activity and indicators of compromise across CyberArk's network, endpoints, and cloud environments using various data sources and analytical techniques.
- Develop and refine custom threat-hunting hypotheses, queries, and dashboards based on the latest threat intelligence and trends.
- Collaborate with the SOC team to validate, escalate, and respond to identified threats.
Research and Development:
- Research emerging threats, attack vectors, threat actors, APTs, security technologies and CyberArk products and share insights and best practices with the team and the broader security community.
- Develop and improve tools, scripts, correlation alerts and automation to enhance the SOC team's DFIR and threat-hunting capabilities.
#LI-CB1
Set alerts for more jobs like DFIR & Threat Hunting Researcher
Set alerts for new jobs by CyberArk
Set alerts for new Research Development jobs in United Kingdom
Set alerts for new jobs in United Kingdom
Set alerts for Research Development (Remote) jobs
