דרושים » אבטחת מידע וסייבר » Data Protection Officer

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsofts mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Cloud Apps and Identity Research team is covering multiple SaaS based threat scenarios including Cloud Based Ransomware, Email and Files extortion, Business Email Compromise and related Nation State activity.
Responsibilities
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.

required Security Architect
Job Description
Lead security efforts in your domains and reflect the security posture and gaps to stakeholders

Define and execute annual roadmaps to mitigate security risks and design secure architectures in diverse business units

Review and assess newer complex environments, discovering security gaps and creating security control in the form of policies and other mitigations

Develop best practices and security standards for the organization

Carry out proof of concepts for the latest security tools based on security needs and your own research

Work closely with DevOps team and development teams

required Cyber Security Data Analyst
Detect and characterize suspicious actors and abnormal behavior, to develop automatic data-driven solutions that mitigate cyber risks and threats
Conduct security research and critical incident investigation, leveraging insights from various technical data sources including application and infra raw logs, as well as users BI events
Be an integral part of data science projects - from the project definition, to the data collection, and evaluation of the model
Be the data expert in security projects and work closely with different teams across the company
Build and maintain reports, dashboards, and metrics, in addition to monitoring the integrity and validity of the data reported
Promote cyber security awareness and guidance to other teams within the company regarding our unique methodologies for threat analysis

Meta is seeking a Security Analyst to join the Global Security Operations and Incident Response team. The Analyst will serve on the front lines of Metas Security team and will lead and support security investigations across the companys global infrastructure as well as respond to escalations from the Tier1 team. The analyst will leverage an armory of tools to investigate and respond to both external and internal security threats. Utilizing Metas tooling, you will monitor security events in real-time, assess external and internal threats, and provide accurate and timely response. You will collaborate closely with technical teams, with a diverse set of skills to tackle the panoply of unique security challenges that we encounter at Meta scale.
Security Analyst, Security Operations and Incident Response Responsibilities
Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation.
Act as an escalation point for Tier1 investigations, contribute to the development of the Tier1 capability, and ensure adherence to internal service level objectives.
Document security investigations and produce high quality and accurate reports for a wide range of stakeholders.
Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents.
Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies.
Collaborate with cross-functional teams to drive improvements to security tools, policies and processes.
Improve the effectiveness and efficiency of the Security Operations and Incident Response team including the development and refinement of processes and technical capabilities.
Understand and support requirements of internal and external stakeholders, regulators, and auditors.

Meta Security is looking for an Incident Response Engineer with experience in the identification, containment and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable systems to automate detection and remediation and help us build the next generation of security operations and response platforms.
Security Engineer, Incident Response Responsibilities
Lead security incident response in a cross-functional environment and drive incident resolution.
Contribute to Incident Response initiatives that improve Metas capabilities to effectively respond and remediate security incidents.
Perform digital forensic acquisition and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment.
Perform log analysis from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats.
Perform security incident root cause analysis and drive implementation of containment and mitigation strategies.
Build automation for response and remediation of malicious activity.

Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure

The IGS IT and Cloud Consultant works within ISG Managed Services team as a member of the Cloud and IT Services Team. The IGS IT and Cloud Consultant will serve as a technical leader, focusing on supporting the ISG Managed Services offerings. This will be a senior operational and customer facing position, providing thought leadership and technical expertise in Microsoft Azure, 365, on-prem server infrastructure, and endpoint protection agents.

Key Responsibilities
Collaborate with IGS management to grow and support the IGS Cloud and IT service offerings.
Collaborate with client operational leadership to address, develop, and support client security requirements.
Design, implement and manage secure Azure and 365 environments.
Design, implement and manage migrations into Azure and 365.
Work with IGS Security teams to ensure proper security policy adherence.
Collaborate with clients to plan and collaborate on Cloud Security Posture Management.
Assist, when necessary, supporting ITG IT and Cloud Engineers
Assist, when necessary, to triage production issues and environments.
Assist, when necessary, to triage security issues (incident response).
Take complete ownership for assigned tasks and provide timely updates on progress to project management and management team.

required Application Security Expert
Work closely with dev teams on all SDLC levels, performing security design reviews, threat modeling, and penetration tests, while acting as a security mentor for developers
Perform code reviews to identify security flaws and vulnerabilities
Research the platform code and services used by our developers
Build creative tools and services to detect and solve cross-security issues
Develop and deliver security training CTFs for Wix developers