Company Description
We are a reputable software company specializing in the healthcare industry. Since 1988 we have been servicing the healthcare industry by providing various products to laboratories, hospitals and doctors. As a member of our organization you will be joining a smart and driven team that shares your passion for exploration and discovery in the Healthcare Software vertical. Our significant investment in people, processes, and technology equips our employees with the resources and opportunities to drive substantial value for all our client partners.

Job Description
The SIEM Engineer performs all administration, development, management, configuration, and testing tasks related to the SIEM, including content development such as reports, dashboards, analytic (KQL) rules, filters, and metrics. The SIEM Engineer also develops, implements, and executes standard procedures for the "front-end" operation within Microsoft Sentinel, and communicates with the SOC Manager and Analysts to optimize the performance of KQL analytics rules to better meet the needs of the SOC. Other duties include:
- Developing, implementing, and executing standard procedures for the administration, backup, disaster recovery, and operation of the SIEM including:
- Operating system security hardening (VMs, Azure Monitor connectors)
- Version/patch management (VMs for Azure Monitor connectors)
- Lifecycle upgrade management
Qualifications
Cyber Intelligence :
- Maintain relationships with Information Security intelligence peers, industry peers, and the law enforcement community in order to leverage information-sharing networks.
- Perform proactive research to identify and characterize new and emerging threats, vulnerabilities, and risks.
- Develop actionable intelligence to drive countermeasure development.
- Share operational threat intelligence with SOC Analyst peers.
- Work closely with security officers to get direct feedback about new, unknown suspicious behaviour and indicators.
- Research, analyze, and synthesize large amounts of data and information.
- Work closely with content and policy engineers to provide information on detection patterns for new, upcoming threats.
- Participate in an on-call rotation.
Forensic / Investigator
The Forensic Analyst is responsible for the development and maturity of the forensic and investigations program within the Medfar organization. The Forensic Analyst performs a variety of highly technical analyses and procedures dealing with the collection, processing, preservation, analysis, and presentation of computer-related evidence. They will examine malicious code (malware), attack vectors, and network communication methods, analyze against target systems and networks, determine target network capabilities and vulnerabilities, support the development and maintenance of new tools and techniques to exploit specific targets, and produce technical, after-action reports in support of the CUSTOMER.

Additional responsibilities include:
- Conduct forensics analysis on systems and ensure root cause and resolution for metrics, tracking and lessons learned are compiled, documented and disseminated.
- Use of forensic tools and investigative methods to find specific electronic data, including internet use history, processing documents, images, and other files.
- Disseminate and report cyber-related activities, conduct vulnerability analyses, conduct risk management of computer systems, and recover information from computers and data storage devices.
- Analyze and review escalated cases until closure; this includes investigating and recommending appropriate corrective actions for data security incidents and communicating with the implementation staff responsible.
- Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious activity.
- Research, develop, and keep abreast of testing tools, techniques, and process improvements in support of security event detection and incident response.
- Reverse engineer and analyze binaries, files, and other malicious attack artifacts.
- Establish, maintain and ensure complete chain of custody of forensic evidence.
- Recover and examine data from computers and other electronic storage devices in order to use the data as evidence in criminal prosecutions.
- When equipment is damaged, dismantle and rebuild the system in order to recover lost data.
- Write up technical reports detailing how the computer evidence was discovered and all of the steps taken during the retrieval process.
- Give testimony in court regarding the evidence collected. Keep current on new methodologies and forensic technology, and train law enforcement officers on proper procedure with regard to computer evidence.
- The Forensic Analyst will contribute to the design and development of innovative research projects and attend and participate in professional conferences to stay abreast of new trends and innovations in the field of information systems and/or cyber security.
- This expert is not only proficient in the latest forensic response and reverse engineering skills, but is astute in the latest exploit methodologies.
- He/she will provide significant input into the design and development of the organization's working information security systems operations and maintain strategy and methodology to comply with the organization's cyber security standards and mission.
Additional Information
- Fixed Night Shift
- Salary Best in the Industry
- Allowances
- Insurance Benefits