Lead Incident Response Analyst
Or Yehuda, Israel | IT/Operations
This role will sit within the Security Operations group, which protects and defends MyHeritage. The Lead Incident Response Analyst will work in both a team environment and independently to analyze information security systems and threat intelligence in order to detect and respond to potential threats and recommend mitigation strategies.
What You’ll Do
- Act as the technical lead on incident events, providing hands-on investigation and support
- Lead the investigative process for network intrusions, incidents affecting MyHeritage products, and other cybersecurity incidents to determine the cause and extent of the attacks
- Maintain the chain of custody for all evidence collected during incident, security, and forensic investigations
- Summarize events and incidents effectively to different constituencies, such as legal counsel, executive management, and technical staff, both in written and verbal forms
- Perform sophisticated malware detection and threat analysis
- Prioritize and differentiate between potential incidents and false alarms
- Continuously review SIEM dashboards, system and application logs, Intrusion Detection Systems (IDS), and custom monitoring tools
- Perform quality assurance for, lead, and train Tier 1 incident responders to investigate and resolve security incidents, while encouraging teamwork and growth
- Provide technical input into and analysis of strategic and tactical planning to ensure accurate and timely service deployments
- Stay up to date with current vulnerabilities, attacks, and countermeasures to effectively handle the responsibilities of this role
What You Bring
- Bachelor’s degree in computer science/information security/similar major or demonstrable experience in a related field
- Deep understanding of security incident handling and forensics, including probing and attack methods, network/service discovery, system assessment, viruses, and other forms of malware
- Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), phishing, malicious payloads, malware, applications, etc.
- Experience with information security technologies such as, but not limited to, SIEM, IPS/IDS, vulnerability management software, user behavior monitoring, unstructured data monitoring tools, or internet content filters
- Solid grasp of network technologies including TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching
- Solid application, business, and systems security analysis experience
- Strong analytical skills and attention to detail, as well as excellent communication skills
What Else
- Any of the following professional certifications: CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker), CompTIA Security+, SANS GIAC, or Microsoft, Linux, networking, or related certifications
- Knowledge of offensive security techniques and familiarity with scripting languages and data analysis tools
- Experience working in a global company
- Knowledge of common security assessment frameworks such as MITRE ATT&CK Matrix, NIST, HITRUST, COBIT, etc.
- Experience leading small teams
About MyHeritage
MyHeritage is the leading global discovery platform for exploring family history. As technology thought leaders, MyHeritage has transformed family history into an activity that is accessible and instantly rewarding. Our global user community enjoys access to a massive library of historical records, the most internationally diverse collection of family trees, and groundbreaking search and matching technologies. Learn more at www.myheritage.com. See what it’s like to work at MyHeritage on www.glassdoor.com.