
Information Security and Cyber
Deloitte is regarded as a world leader in information security and cyber consulting. The strength of the practice lies in its connection to our clients' business drivers and in its ability to provide a broad range of knowledge and solutions based on experience gained in projects around the world. We believe that information security and cyber are an integral part of overall organizational conduct and are carried out in full coordination with the organization's business strategy, and so there is a need to "tailor" professional solutions that stem from the unique needs of each and every client. Deloitte employs more than 3,500 experts who serve as information security consultants to a variety of clients from different sectors, and who constitute a hub of accessible knowledge and experience
Responsibilities
Translate designs and wireframes into high quality code
Design, build, and maintain high performance, reusable, and reliable C++ code
Ensure the best possible performance, quality, and responsiveness of the application
Identify and correct bottlenecks and fix bugs
Help maintain code quality, organization, and automatization
Skills and Qualifications
5+ years of C++ desktop apps development experience
Strong command of C++ language
Solid experience in Qt framework and cross platform development
Experience with development applications for Windows/Linux/Mac OS platforms.
Good understanding of OOP/OOD.
Experience in multithreading and network programming (TCP/UDP, HTTP/S, XMPP, etc).
Experience in Windows system programming (Windows services) is a plus.
Experience in IPC, Google Protobuf, XML/JSON is a plus.
Self-managed, self-motivated and good teamwork
You must write solid, high quality, maintainable code.
Advanced level of English
Requirements:
Demonstrable experience as a developer or using scripting languages such as Python, Go, Bash, Shell, JavaScript or PowerShell to automate solutions for enterprise-wide challenges
Demonstrable hands-on technical experience deploying and securing IaaS and PaaS solutions through DevOps CI/CD pipelines such as Azure DevOps, Jenkins or GitHub Actions
Infrastructure as code development using Terraform, ARM templates, Bicep or CloudFormation
Code development with version control using GitHub or GitLab
Advantage:
Developing and securing containerized applications in a microservices architecture on GKE, AKS or EKS
Securing and monitoring service mesh with Istio
Utilizing static/dynamic code analysis tools, understanding policies and rules
Centralized secrets management
Leveraging API gateways
Developing and securing serverless applications
C#
Familiarity with cyber security frameworks such as NIST and CIS
Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
Assist clients in identifying and remediating gaps as identified throughout the investigation.
Provide clients guidance and advice in regards to cyber incidents, forensics, and incident response.
Document findings and create well written reports.
Qualifications
Required:
5+ years of information security experience in one or more of the following areas: IT security, incident handling and response, exploit analysis, network intelligence gathering, vulnerability management, digital forensics methods and procedures.
Must have Linux/Unix technical experience including creation and modification, administration, troubleshooting, and/or forensic and Incident Response experience.
Actual technical skills. Should be able to conduct an investigation from start to finish given a wide variety of available tools and resources.
3+ years of experience with at least two of the following tools: X-ways Forensics, Forensic Explorer, EnCase Forensic, EnCase Enterprise, AccessData FTK, Volatility, SANS SIFT, Carbon Black, Crowd Strike, Splunk, Internet Evidence Finder/Axiom.
Familiarity with threat intelligence and applied use within incident response and forensic investigations.
Experience with malware analysis and understanding attack techniques.
Experience interpreting, searching, and manipulating data within enterprise logging solutions.
Experience working with network, host, and user activity data, and identifying anomalies.
Ability to demonstrate an investigative mindset. Not just being able to execute a task, but being able to understand the reason for that task, and determine next steps depending on the results while maintaining a firm grasp of the overall goals of the entire process.
Outstanding written and oral communication skills and the ability to prioritize work.
The ability to be a strong team player and working well with others.
Demonstrable personal interest in computing, security, and digital communications.
Preferred:
BA/BS in computer science, management information systems or related field.
CISSP, CISM, EnCE, CHFI, GREM, GCFA, GCFE, or GCIH certification.
Work you'll do:
Conduct Red Team Assessments, Purple Team Assessments, Network Penetration Tests, Wireless Security Assessments, Vulnerability scanning & assessment and Onsite/Remote Social Engineering for our International clients worldwide
Create and write comprehensive technical and managerial assessment reports including remediation recommendations
Use automation and scripting to reduce manual processes, improving efficiency and enabling new capabilities
Lead a team of at least 2 PT/ Red team professionals
Requirements:
3+ years of experience performing offensive/attack-oriented security assessments (Red team, Purple Team, vulnerability scanning and assessments) from end to end.
1+ year of experience in technically leading a team of PT/ Red team professionals.
Experience in scripting and developing tools in Python, PowerShell, bash etc.
Proficiency in tools such as Nmap, Nessus, BurpSuite, Cobalt Strike, Metasploit, and Aircrack-ng
Strong critical thinking and problem-solving skills
Preferred:
Lab-based certifications such as CRTP, CRTE, CRTO, CARTP, RTO, OSCP, OSCE3 (OSED/OSEP/OSWE), GPEN, GXPN and GCPN
Experience in building/automating Red/Blue Team Infrastructure
Previous Consulting or Big 4 experience
Excellent English writing and verbal communication skills
Ability to take ownership and pride in your performance and its impact on the firm's success
Join us!
At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
That's why we continue to reinforce our commitment to creating a culture where everyone has equal opportunity to grow, develop, succeed and be their truest selves.
Requirements:
1+ year experience in configuring, developing, implementing, or architecting information systems.
1+ year of technical architecture experience integrating identity management, access management or access governance software into clients' infrastructure and applications.
Identity Management familiarity in one or more of the following areas: Single Sign On, Identity Federation, Enterprise Directory Architecture, Resource Provisioning, Identity & Access Governance including Role based access control, access request and Certification.
Experience with one of the following solutions:
CyberArk, Thycotic, BeyondTrust, Okta, SailPoint IIQ, IBM ISIM/ISAM
Advantage
1+ year experience with the following programming languages: Java, JavaScript, JSP/Servlets, SQL.
1+ years managing projects through the full system development lifecycle
At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
That's why we continue to reinforce our commitment to foster inclusion.
Conduct ongoing penetration testing for our clients' infrastructure, mobile apps, and web applications.
Interpret vulnerabilities, identify weaknesses, exploit them.
Report the security findings in a clear and concise manner.
Keep up-to-date with tools, countermeasures, threats, & technologies.
In order to succeed, you should have:
At least 2 years of experience as a penetration tester / Application Security
Experience with Python, PowerShell, or similar scripting languages
Previous Consulting or Big 4 experience
An individual who is a team player, out-of-the-box thinker and creative
Holds an OSCP/OSEP/CRTP certification - nice to have
Experience with cloud security controls and best practices (AWS/Azure/GCP) - nice to have
As a SOAR Automation Developer, you will be part of the Deloitte Cyber D&R Team to deliver a Standardized SaaS platform to our clients. You should possess advanced skills of working in a DevOps team and a basic understanding of SecOps such as Indicators of Compromise, characterization and forensic engineering of compromised systems, operations security, compliance, mitigation, and analysis through tools that detect advanced threats.
Develop automation playbooks using modern SOAR Platforms (for example, ServiceNow SOAR, Phantom, Swimlane) to support Security Operations
Design and Develop Integration solutions to other security appliances such as Exabeam, Chronicle, Crowdstrike, Splunk ES by leveraging SOAR Platform
Test, customize and master APIs for off-the-shelf and common security and IT tools
Maintain a solid understanding of the Cyber Security Operation Center (people, process, SIEM technology), goals, and security initiatives
Identify and recommend operational improvements to the Deloitte Cyber Service, drawing on SOC operational experience and industry specific knowledge of risks
Manage any in-scope solution projects (integration/ implementations)
Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel when required
Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
Adhere to internal operational security and other Deloitte policies
Contribute to team and organizational improvements in process and infrastructure
Required:
Bachelor of Science with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience
Understanding of the full software development life cycle: Analysis, Design, Coding, Testing and promotion into Production.
Previous work experience with JavaScript or Python
Understanding how modern software architectures work (client-server, Web technology, micro-services)
1+ years working in security information and/or technology engineering support experience
Understanding of basic SOAR technologies (Security Orchestration and Automation Response) systems
Basic knowledge in system security architecture and security solutions
Basic knowledge in cloud solutions such as AWS, Azure, or GCP
Strong programming experience solving technical challenges
Preferred:
Advanced Experience in ServiceNow such as: Configuring and Integrating ServiceNow with other Security Tools via API, Developing Automated Flows to orchestrate actions like data enrichments or Incident Response
Experience in security operations technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network and host-based firewalls, Threat Intelligence, Penetration Testing, Advanced Persistent Threats (APT)
Strong understanding of threat analysis and enterprise level mitigation strategies
Working knowledge of how malicious code operates and how technical vulnerabilities are exploited
Working knowledge of operating systems and networking technologies in general
Working knowledge of cyber threats, defenses, motivations, and techniques
Knowledge of web application frameworks: Express, Flask, Django, and/or Angular, React
Database technologies
Excellent oral and written communication skills
Strong analytical and problem-solving skills
Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
As an Automation Developer, you will be part of the CYBER D&R Automation team. You should possess an understanding of Indicators of Compromise, characterization and forensic engineering of compromised systems, operations security, compliance, mitigation, and analysis through tools that detect advanced threats.
Develop automation playbooks using modern SOAR Platforms (for example, ServiceNow SOAR, Phantom, Swimlane) to support Security Operations
Design and Develop Integration solutions to other security appliances such as Exabeam, Chronicle, Crowdstrike, Splunk ES by leveraging SOAR Platform
Test, customize and master APIs for off-the-shelf and common security and IT tools
Manage any in scope solution projects (integration/ implementations)
Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel when required
Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
Contribute to team and organizational improvements in process and infrastructure
Design, implement, and maintain efficient and reusable Python code
Review, debug, and resolve technical issues throughout all stages of SDLC
Integrate SOAR platform with other security tools and APIs to execute automated workflows
Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
Measure effectiveness of process improvement and automation efforts via metrics and KPIs
Expert in creating, modifying, tuning IDS signatures/SIEM Correlation Searches/yara rules and/or other detection signatures
Familiarity with disk based forensic methodologies, Windows, and Linux forensic artifacts
Experience with Endpoint Detection and Response (EDR) tools such as Carbon Black, Tanium, Crowdstrike, etc.
Able to create, modify, update, and maintain Python and PowerShell scripts that enhance endpoint detection capabilities
In-depth knowledge of attacker tactics, techniques, and procedures
Qualifications
Required:
Bachelor of Science with a concentration in computer science, information systems, information security, or engineering disciplines or equivalent work experience
Minimum 3 years of experience with Splunk operations and maintenance including 2 or more years of Splunk Phantom Engineering
Understanding of the full software development life cycle: Analysis, Design, Coding, Testing and promotion into Production.
Understanding how modern software architectures work (client-server, Web technology, micro-services)
Understanding of basic SOAR technologies (Security Orchestration and Automation Response) systems
Understanding of common network infrastructure devices such as routers and switches
Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
Basic knowledge of cloud infrastructure and operations, system security architecture, and security solutions
Strong programming experience solving technical challenges
Database technologies proficiency: SQL, NoSQL, or PostgreSQL
Understand multi-process architecture
Professional experience with Code Repositories and Version Control GitHub Preferred
Working knowledge of SOAP/REST APIs, JSON, HTML/CSS, JavaScript, XML
Experience as a SOC Analyst and/or Incident Responder
Authored SOC SOPs, playbooks, work instructions and/or other process documents
Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision
Knowledge of Cloud Services such as AWS, Azure, Office365
Ability to script in one or more of the following computer languages: Python, Bash, Visual Basic or PowerShell
Knowledge in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc.
Knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures
Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
Travel up to 10% (While 10% of travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
Preferred:
5+ years working in security information and/or technology engineering support experience
Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH) or equivalent
Experience with security operations technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, Advanced Persistent Threats (APT)
Strong understanding of threat analysis and enterprise level mitigation strategies and frameworks like MITRE
Working knowledge of cyber threats, defenses, motivations, and techniques
Excellent interpersonal and organizational skills
Excellent oral and written communication skills
Strong analytical and problem-solving skills
Self-motivated to improve knowledge and skills
A strong desire to understand the root cause of security incidents along with identification of threat vectors
Experience with Apache Nifi and secure Nifi registry
Knowledge of web application frameworks: Flask, Django etc. for dashboard/ widget development
Work you'll do:
Conduct Red Team Assessments, Purple Team Assessments, Network Penetration Tests, Wireless Security Assessments, Vulnerability scanning & assessment and Onsite/Remote Social Engineering for our International clients worldwide
Create and write comprehensive technical and managerial assessment reports including remediation recommendations
Use automation and scripting to reduce manual processes, improving efficiency and enabling new capabilities
Requirements:
3+ years of experience performing offensive/attack-oriented security assessments (Red team, Purple Team, vulnerability scanning and assessments)
Experience in scripting and developing tools in Python, PowerShell, bash etc.
Proficiency in tools such as Nmap, Nessus, BurpSuite, Cobalt Strike, Metasploit, and Aircrack-ng
Preferred:
Lab-based certifications such as OSCP, OSCE, GPEN and GXPN
Experience in building/automating Red/Blue Team Infrastructure
Previous Consulting or Big 4 experience
Excellent English writing and verbal communication skills
Job Description:
Define cloud architecture aligned with business and technology needs
Developing technology solutions for our customers in cooperation with the cloud eco-system and cyber security tools.
You possess the following skills and experience:
4+ years of experience in cloud architecture - must
Hands-on experience with SaaS, GCP, AWS, Azure cloud platforms - must
Experience in identity management and authentication systems and protocols (Active Directory, LDAP, SAML, OAuth, RADIUS) - must
High proficiency in English - must
Representation skills with high-level business and technology stakeholders
Good knowledge of security compliance and frameworks such as CSA CCM.
Experience in security auditing in cloud environments and in migration processes - an advantage
Relevant cloud security certificate (AWS, Azure, CCSK, CCSP) - an advantage
Requirements:
Working experience in at least two of the areas listed below:
4+ years of experience in technical consulting, client problem solving, architecting and designing solutions
4+ years of hands-on technical experience with Microsoft O365 enterprise-level messaging and collaboration services (Teams, Skype, OneDrive, Exchange, SharePoint, O365) in implementation and operations.
4+ years of hands-on technical experience with enterprise-level systems management systems such as SCCM and endpoint engineering, or mobile device management (e.g. Intune) implementation or operations
4+ years of hands-on technical experience with enterprise-level Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations.
Main Roles:
1. Lead a team of Cloud professionals to high performance while setting up KPIs and yearly performance targets
2. Conduct technical Cloud projects mainly with our US clients
3. Develop and manage relationships with our Deloitte US counterparts.
4. Develop current and new Cloud services.
Requirements:
4+ years of managing cloud professional teams
4+ years of experience in technical consulting, client problem solving, architecting, and designing solutions.
5+ years of hands-on technical experience with either Azure, GCP or AWS
4+ years of demonstrable hands-on technical experience deploying Cloud (Azure, AWS, GCP) security, governance, monitoring, data protection and identity solutions
Ability to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels
Experience in designing and implementing standards, specifications, and procedures.
Strong interpersonal and leadership skills
Strong oral and written communication skills- Hebrew and English
Skilled in discussing complex security issues in understandable business terms
Very detailed knowledge of system security vulnerabilities and remediation techniques