שליחת קו"ח למשרה: 0


    * ניתן לצרף רק קבצים מסוג docx, doc ו- PDF* גודל קובץ מקסימאלי 1 mb

    אני מאשר/ת את הצהרת הפרטיות (קישור)

    אבטחת מידע וסייבר

    Deloitte נחשבת כמובילה בתחומי ייעוץ אבטחת המידע וה-Cyber בעולם. כוחו של התחום מתבטא בחיבורו למניעים העסקיים של לקוחותינו וביכולת לספק קשת רחבה של ידע ופתרונות המתבססים על ניסיון שנצבר בפרויקטים ברחבי העולם. אנו מאמינים כי אבטחת מידע וסייבר מהווה חלק בלתי נפרד מההתנהלות הארגונית הכוללת ונעשית בתיאום מלא אל מול האסטרטגיה העסקית של הארגון ועל כן יש צורך ב"תפירת" פתרונות מקצועיים הנובעים מהצורך הייחודי של כל לקוח ולקוח. Deloitte מעסיקה למעלה מ- 3,500 מומחים המשמשים כיועצי אבטחת מידע אצל מגוון לקוחות ממגזרים שונים, ומהווים מוקד של ידע וניסיון נגיש​
    C++ Qt Developer
    C++ Qt Developer
    Responsibilities
    Translate designs and wireframes into high quality code
    Design, build, and maintain high performance, reusable, and reliable C++code
    Ensure the best possible performance, quality, and responsiveness of the application
    Identify and correct bottlenecks and fix bugs
    Help maintain code quality, organization, and automatization
    Skills and Qualifications
    5+ years of C++ desktop apps development experience
    Strong command of C++ language
    Solid experience in Qt framework and cross platform development
    Experience with development applications for Windows/Linux/Mac OS platforms.
    Good understanding of OOP/OOD.
    Experience in multithreading and network programming (TCP/UDP, HTTP/S, XMPP, etc).
    Experience in Windows system programming (Windows services) is a plus.
    Experience in IPC, Google Protobuf, XML/JSON is a plus.
    Self-managed, self-motivated and good teamwork
    You must write solid, high quality, maintainable code.
    Advanced level of English
    Cloud DevSecOps expert
    We are recruiting a Cloud DevSecOps expert to Deloitte cyber center in Israel.

    Requirements:
    Demonstrable experience as a developer or using scripting languages such as Python, Go, Bash, Shell, JavaScript or PowerShell to automate solutions for enterprise-wide challenges
    Demonstrable hands-on technical experience deploying and securing IaaS and PaaS solutions through DevOps CI/CD pipelines such as Azure DevOps, Jenkins or GitHub Actions
    Infrastructure as code development using Terraform, ARM templates, Bicep or CloudFormation
    Code development with version control using GitHub or GitLab

    Advantage:
    Developing and securing containerized applications in a microservices architecture on GKE, AKS or EKS
    Securing and monitoring service mesh with Istio
    Utilizing static/dynamic code analysis tools, understanding policies and rules
    Centralized secrets management
    Leveraging API gateways
    Developing and securing serverless applications
    C#
    Familiarity with cyber security frameworks such as NIST and CIS

    Cyber Incident Response Manager
    Work youll do

    Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
    Assist clients in identifying and remediating gaps as identified throughout the investigation.
    Provide clients guidance and advice in regards to cyber incidents, forensics, and incident response.
    Document findings and create well written reports.
    Qualifications

    Required:

    5+ years of information security experience in one or more of the following areas: IT security, incident handling and response, exploit analysis, network intelligence gathering, vulnerability management, digital forensics methods and procedures.
    Must have Linux/Unix technical experience including creation and modification, administration, troubleshooting, and/or forensic and Incident Response experience.
    Actual technical skills. Should be able to conduct an investigation from start to finish given a wide variety of available tools and resources.
    3+ years of experience with at least two of the following tools: X-ways Forensics, Forensic Explorer, EnCase Forensic, EnCase Enterprise, AccessData FTK, Volatility, SANS SIFT, Carbon Black, Crowd Strike, Splunk, Internet Evidence Finder/Axiom.
    Familiarity with threat intelligence and applied use within incident response and forensic investigations.
    Experience with malware analysis and understanding attack techniques.
    Experience interpreting, searching, and manipulating data within enterprise logging solutions.
    Experience working with network, host, and user activity data, and identifying anomalies.
    Ability to demonstrate an investigative mindset. Not just being able to execute a task, but being able to understand the reason for that task, and determine next steps depending on the results while maintaining a firm grasp of the overall goals of the entire process.
    Outstanding written and oral communication skills and the ability to prioritize work.
    The ability to be a strong team player and working well with others.
    Demonstrable personal interest in computing, security, and digital communications.
    Preferred:
    BA/BS in computer science, management information systems or related field.
    CISSP, CISM, EnCE, CHFI, GREM, GCFA, GCFE, or GCIH certification.

    Red team leader for Deloitte Cyber Center
    Deloitte Cyber Center in Israel is looking for a talented Red team leader.

    Work youll do:
    Conduct Red Team Assessments, Purple Team Assessments, Network Penetration Tests, Wireless Security Assessments, Vulnerability scanning & assessment and OnsiteRemote Social Engineering for our International clients worldwide
    Create and write comprehensive technical and managerial assessment reports including remediation recommendations
    Use automation and scripting to reduce manual processes, improving efficiency and enabling new capabilities
    lead a team of at least 2 PT/ Red team professionals

    Requirements:
    3+ years of experience performing offensive/attack-oriented security assessments (Red team, Purple Team, vulnerability scanning and assessments) from end to end.
    1+ year of experience in technically leading a team of PT/ Red team professionals.
    Experience in scripting and developing tools in Python, PowerShell, bash etc.
    Proficiency in tools such as Nmap, Nessus, BurpSuite, Cobalt Strike, Metasploit, and Aircrack-ng
    Strong critical thinking and problem-solving skills

    Preferred:
    lab-based certifications such as CRTP, CRTE, CRTO, CARTP, RTO, OSCP, OSCE3 (OSED/OSEP/OSWE), GPEN, GXPN and GCPN
    Experience in buildingautomating RedBlue Team Infrastructure
    Previous Consulting or Big 4 experience
    Excellent English writing and verbal communication skills
    Ability to take ownership and pride in your performance and its impact on the firms success

    Join us!

    At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
    Thats why we continue to reinforce our commitment to creating a culture where everyone has equal opportunity to grow, develop, succeed and be their truest selves.

    Identity & Access Management Consultant
    We are recruiting an Identity & Access Management Consultant to Deloitte Cyber Center in Israel.

    Requirements:
    1+ year experience in configuring, developing, implementing, or architecting information systems.
    1+ year with technical architecture experience integrating identity management, access management or access governance software into clients infrastructure and applications.
    Identity Management familiarity in one or more of the following areas: Single Sign On, Identity Federation, Enterprise Directory Architecture, Resource Provisioning, Identity & Access Governance including Role based access control, access request and Certification.
    Experience with one of the following solutions:
    CyberArk, Thycotic, BeyondTrust, Okta, SailPoint IIQ, IBM ISIMISAM

    Advantage
    1+ year experience with the following programming languages: Java, JavaScript, JSP/Servlets, SQL.
    1+ years managing projects through the full system development lifecycle

    At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
    Thats why we continue to reinforce our commitment to foster inclusion.

    Penetration Tester
    What youll experience in the role:

    Conduct ongoing penetration testing for our clients infrastructure, mobile app, web applications.
    Interpret vulnerabilities, identify weaknesses, exploit them.
    Report the security findings in a clear and concise manner.
    Keep up-to-date with tools, countermeasures, threats, & technologies.

    In order to succeed, you should have:

    At least 2 years of experience as a penetration tester / Application Security
    Experience with Python, PowerShell, or similar scripting languages
    Previous Consulting or Big 4 experience
    An individual who is a team player, out-of-the-box thinker and creative
    holds a certification of OSCP/OSEP/CRTP- nice to have
    Experience with cloud security controls and best practices (AWS/Azure/GCP)- nice to have

    SOAR Automation Developer
    Work youll do

    As a SOAR Automation Developer, you will be part of the Deloitte Cyber D&R Team to deliver a Standardized SaaS platform to our clients. You should possess advanced skills of working in a DevOps team and a basic understanding of SecOps such as Indicators of Compromise, characterization and forensic engineering of compromised systems, operations security, compliance, mitigation, and analysis through tools that detect advanced threats.

    Develop automation playbooks using modern SOAR Platforms (for example, ServiceNow SOAR, Phantom, Swimlane) to support Security Operations
    Design and Develop Integration solutions to other security appliances such as Exabeam, Chronicle, Crowdstrike, Splunk ES by leveraging SOAR Platform
    Test, customize and master APIs for off-the-shelf and common security and IT tools
    Maintain a solid understanding of the Cyber Security Operation Center (people, process, SIEM technology), goals, and security initiatives
    Identify and recommend operational improvements to the Deloitte Cyber Service, drawing on SOC operational experience and industry specific knowledge of risks
    Manage any in-scope solution projects (integration/ implementations)
    Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel when required
    Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
    Adhere to internal operational security and other Deloitte policies
    Contribute to team and organizational improvements in process and infrastructure

    Required:

    Bachelor of Science with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience
    Understanding of the full software development life cycle: Analysis, Design, Coding, Testing and promotion into Production.
    Previous work experience with JavaScript or Python
    Understanding how modern software architectures works (client-server, Web technology, micro-services)
    1+ years working in security information and/or technology engineering support experience
    Understanding of basic SOAR technologies (Security Orchestration and Automation Response) systems
    Basic knowledge in system security architecture and security solutions
    Basic knowledge in cloud solutions such as AWS, Azure, or GCP
    Strong programming experience solving technical challenges

    Preferred:
    Advanced Experience in ServiceNow such as: Configuring and Integrating ServiceNow with other Security Tools via API, Developing Automated Flows to orchestrate actions like data enrichments or Incident Response
    Experience in security operations technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network and host-based firewalls, Threat Intelligence, Penetration Testing, Advanced Persistent Threats (APT)
    Strong understanding of threat analysis and enterprise level mitigation strategies
    Working knowledge of how malicious code operates and how technical vulnerabilities are exploited
    Working knowledge of operating systems and networking technologies in general
    Working knowledge of cyber threats, defenses, motivations, and techniques
    Knowledge of web application frameworks: Express, Flask, Django, and/or Angular, React
    Database technologies
    Excellent oral and written communication skills
    Strong analytical and problem-solving skills
    Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent

    Senior SOAR Automation Developer
    Work youll do

    As an Automation Developer, you will be part of the CYBER D&R Automation team. You should possess an understanding of Indicators of Compromise, characterization and forensic engineering of compromised systems, operations security, compliance, mitigation, and analysis through tools that detect advanced threats.

    Develop automation playbooks using modern SOAR Platforms (for example, ServiceNow SOAR, Phantom, Swimlane) to support Security Operations
    Design and Develop Integration solutions to other security appliances such as Exabeam, Chronical, Crowdstrike, Splunk ES by leveraging SOAR Platform
    Test, customize and master APIs for off-the-shelf and common security and IT tools
    Manage any in scope solution projects (integration/ implementations)
    Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel when required
    Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
    Contribute to team and organizational improvements in process and infrastructure
    Design, implement, and maintain efficient and reusable Python code
    Review, debug, and resolve technical issues throughout all stages of SDLC
    Integrate SOAR platform with other security tools and APIs to execute automated workflows
    Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
    Measure effectiveness of process improvement and automation efforts via metrics and KPIs
    Expert in creating, modifying, tuning IDS signatures/SIEM Correlation Searches/yara rules and/or other detection signatures
    Familiarity with disk based forensic methodologies, Windows, and Linux forensic artifacts
    Experience with Endpoint Detection and Response (EDR) tools such as Carbon Black, Tanium, Crowdstrike, etc.
    Able to create, modify, update, and maintain Python and PowerShell scripts that enhance endpoint detection capabilities
    In-depth knowledge of attacker tactics, techniques, and procedures
    Qualifications

    Required:

    Bachelor of Science with a concentration in computer science, information systems, information security, or engineering disciplines or equivalent work experience
    Minimum 3 years of experience with Splunk operations and maintenance including 2 or more years of Splunk Phantom Engineering
    Understanding of the full software development life cycle: Analysis, Design, Coding, Testing and promotion into Production.
    Understanding how modern software architectures works (client-server, Web technology, micro-services)
    Understanding of basic SOAR technologies (Security Orchestration and Automation Response) systems
    Understanding of common network infrastructure devices such as routers and switches
    Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
    Basic knowledge of cloud infrastructure and operations, system security architecture, and security solutions
    Strong programming experience solving technical challenges
    Database technologies proficiency: SQL, NoSQL, or PostgreSQL
    Understand multi-process architecture
    Professional experience with Code Repositories and Version Control GitHub Preferred
    Working knowledge of SOAP/REST APIs, JSON, HTML/CSS, JavaScript, XML
    Experience as a SOC Analyst and/or Incident Responder
    Authored SOC SOPs, playbooks, work instructions and/or other process documents
    Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
    Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision
    Knowledge of Cloud Services such as AWS, Azure, Office365
    Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell
    Knowledge in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc.
    Knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures
    Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc
    Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
    Travel up to 10% (While 10% of travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
    Preferred:

    5+ years working in security information and/or technology engineering support experience
    Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH) or equivalent
    Experience with security operations technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, Advanced Persistent Threats (APT)
    Strong understanding of threat analysis and enterprise level mitigation strategies and frameworks like MITRE
    Working knowledge of cyber threats, defenses, motivations, and techniques
    Excellent interpersonal and organizational skills
    Excellent oral and written communication skills
    Strong analytical and problem-solving skills
    Self-motivated to improve knowledge and skills
    A strong desire to understand the root cause of security incidents along with identification of threat vectors
    Experience with Apache Nifi and secure Nifi registry
    Knowledge of web application frameworks: Flask, Django etc. for dashboard/ widget development

    Sr. Red team Security Consultant
    Deloitte Cyber Center in Israel is looking for a talented Sr. Red team Security Consultant

    Work youll do:
    Conduct Red Team Assessments, Purple Team Assessments, Network Penetration Tests, Wireless Security Assessments, Vulnerability scanning & assessment and OnsiteRemote Social Engineering for our International clients worldwide
    Create and write comprehensive technical and managerial assessment reports including remediation recommendations
    Use automation and scripting to reduce manual processes, improving efficiency and enabling new capabilities

    Requirements:
    3+ years of experience performing offensive/attack-oriented security assessments (Red team, Purple Team, vulnerability scanning and assessments)
    Experience in scripting and developing tools in Python, PowerShell, bash etc.
    Proficiency in tools such as Nmap, Nessus, BurpSuite, Cobalt Strike, Metasploit, and Aircrack-ng

    Preferred:
    lab-based certifications such as OSCP, OSCE, GPEN and GXPN
    Experience in buildingautomating RedBlue Team Infrastructure
    Previous Consulting or Big 4 experience
    Excellent English writing and verbal communication skills

    Join us!

    At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
    Thats why we continue to reinforce our commitment to creating a culture where everyone has equal opportunity to grow, develop, succeed and be their truest selves.

    Experienced Cloud Security Architect
    If you want Join Deloittes Advisory Cloud Cyber Services team and become a member of the largest group of cybersecurity professionals worldwide this is your opportunity. We are recruiting a Cloud expert to Deloitte cyber center in Israel.

    Job Description:

    Define cloud architecture aligned with business and technology needs
    Developing technology solutions for our customers in cooperation with the cloud eco-system and cyber security tools.

    You possess the following skills and experience:

    4+ years experience in cloud architecture - must
    HO experience with SAAS, GCP, AWS, AZURE cloud platforms must
    Experience in Identity management and authentication systems and protocols (Active Directory, LDAP, SAML,OAuth, RADIUS) - must
    High proficiency English must
    Representative skills withing high level business and technology stakeholders
    good knowlage with Security compliance and frameworks such as CSA CCM.
    Experience in security auditing in cloud environment and in migration processes An advantage
    Relevant cloud security certificate (AWS ,AZURE, CCSK , CCSP) An advantage

    Cloud Security Senior Consultant
    We are recruiting a Cloud (Microsoft Office 365, Enterprise Mobility & Security (EMS) and Azure Active Directory (AAD)) expert to Deloitte cyber center in Israel.

    Requirements:
    Working experience in at least two of the areas listed below:
    4+ years of experience in technical consulting, client problem solving, architecting and designing solutions
    4+ years of hands-on technical experience with Microsoft 0365 enterprise-level messaging and collaboration services (Teams, Skype, One Drive, Exchange, SharePoint, O365) in implementation and operations.
    4+ years of hands-on technical experience with enterprise-level systems management systems such as SCCM and endpoint engineering, or mobile device management (e.g. Intune) implementation or operations
    4+ years of hands-on technical experience enterprise-with Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations.

    At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
    Thats why we continue to reinforce our commitment to foster inclusion.

    Cloud Security leader
    We are recruiting a Cloud Security Leader to Deloitte cyber center in Israel.

    Main Roles:
    1.Lead a team of Cloud professional to high performance while setting up KPIs and yearly performance targets
    2.Conduct technical Cloud projects mainly with our US clients
    3.Develop and mange relationships with our Deloitte US counterparts.
    4.Develop current and new Cloud services.
    Requirements:
    4+ years of managing cloud professional teams
    4+ years of experience in technical consulting, client problem solving, architecting, and designing solutions.
    5+ years of hands-on technical experience with either Azure, GCP or AWS
    4+ years of demonstrable hands-on technical experience deploying Cloud (Azure, AWS, GCP) security, governance, monitoring, data protection and identity solutions
    Ability to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels
    Experience in designing and implementing standards, specifications, and procedures.
    Strong interpersonal and leadership skills
    Strong oral and written communication skills- Hebrew and English
    Skilled in discussing complex security issues in understandable business terms
    Very detailed knowledge of system security vulnerabilities and remediation techniques

    At Deloitte, we believe that an inclusive mindset and diverse workforce are two of our greatest competitive strengths.
    Thats why we continue to reinforce our commitment to foster inclusion.