Matan Tal
Rishon LeZion, Israel
Freelancer
About
Experience working with SIEM - DataDog, Elastic, ArcSight, QRadar, McAfee, RSA, Splunk, Azure Sentinel and more...
Gathering, analyzing, and processing alerts from many systems of cyber protection, handling cyber events in real-time (Isolate workstations, remove malicious files, block IPs, etc.), and writing event reports if necessary.
Experience with Mail investigations, File investigation (Dynamic & Static analysis), Proactive monitoring & Active threat hunting.
Hands-on experience in analyzing and investigating events by querying different Systems - Palo Alto Cortex XDR, Cynet, Microsoft - ATP, Sentinel One, Carbon Black, CrowdStrike, Red Canary and more.
Knowledge in security and monitoring products: WAF, IPS, NAC, AV, DLP, PROXY, MR, SANDBOX, HONEYPOT, FW (MCAS, Azure AD, Imperva, Vectra, Intezer Analyzer, EPO, Cisco AMP, IronPort, Trend Micro, Varonis, Proofpoint, Darktrace, Malwarebytes, Illusive and more...)
Understanding of Windows and Linux processes.
Querying systems using KQL, AQL and SPL (Splunk).
Quickly perceives what happened and what needs to be done during cyber incidents in real-time.
Quick adaptation to different work environments and systems.
Working with clients in Israel, USA, Germany, India, and more…
Experience in gathering Threat Intelligence with various tools - OSINT.
Documented and tracked all support requests and resolutions accurately in a ticketing system.
Skilled in investigating security incidents, documenting findings, and recommending remediation actions.
Proficient in utilizing SIEM tools to monitor and detect potential security threats.
Provided comprehensive cloud services and support across Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure, ensuring optimal performance and integration.
Delivered expert support for NETAPP cloud systems, focusing on data storage, backup, and recovery solutions to enhance infrastructure efficiency and reliability.
Provided exemplary customer service and technical support for end users in a timely manner.
Assisted with troubleshooting hardware and software issues to ensure optimal system performance.
Experience working with servers (of companies: Cisco, Microsoft, BigFix, etc.)
Experience working with AS400 systems (for example: Bosa Nova and more…)
Building queries using CMD and PowerShell
Languages
Hebrew
Native language
English
Good command
Specialties
Engineering
100 ₪
per hour
Computer Engineering
Technology
100 ₪
per hour
Information and Network Security
Cyber Security
Work Experience
November 2023 - Present
SOC Analyst
We Ankor, Petah Tikva, Israel - Monitor and analyze security events and incidents using SIEM and EDR tools such as Elastic, Azure Sentinel, ArcSight, DataDog, SentinelOne, CrowdStrike, Cynet, ESET, CheckPoint Harmony, Microsoft Defender and more to detect and respond to potential threats in real-time.
- Create and modify rules within SIEM platforms to enhance threat detection capabilities and optimize security operations.
- Investigate security breaches and incidents to determine root causes, extent of damage, and appropriate remediation actions.
- Collaborate with internal teams to provide recommendations for improving security posture and mitigating risks.
- Conduct regular security assessments to ensure compliance with industry regulations and best practices.
- Act as a point of contact for incident response, coordinating with relevant stakeholders to contain and resolve security issues effectively.
- Stay current with emerging threats and security technologies through continuous training and professional development opportunities.
- Provided comprehensive cloud services and support across Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure, ensuring optimal performance and integration.
- Delivered expert support for NETAPP cloud systems, focusing on data storage, backup, and recovery solutions to enhance infrastructure efficiency and reliability.
February 2023 - October 2023
SOC Analyst
TrustNet, Petah Tikva, Israel - Experience working with SIEM - QRadar, McAfee, RSA, Splunk, ArcSight, Azure Sentinel systems.
- Gathering, analyzing, and processing alerts from many systems of cyber protection, handling cyber events in real-time (Isolate workstations, remove malicious files, block IPs, etc.), and writing event reports if necessary.
- Experience with Mail investigations, File investigation (Dynamic & Static analysis), Proactive monitoring & Active threat hunting.
- Hands-on experience in analyzing and investigating events by querying different Systems - Palo Alto Cortex XDR, Cynet, Microsoft - ATP, Sentinel One, Carbon Black, CrowdStrike, Red Canary and more.
- Knowledge in security and monitoring products: WAF, IPS, NAC, AV, DLP, PROXY, MR, SANDBOX, HONEYPOT, FW (MCAS, Azure AD, Imperva, Vectra, Intezer Analyzer, EPO, Cisco AMP, IronPort, Trend Micro, Proofpoint, Darktrace, Malwarebytes, Illusive and more)
- Understanding of Windows and Linux processes.
- Querying systems using KQL, AQL and SPL (Splunk).
- Quickly perceives what happened and what needs to be done during cyber incidents in real-time.
- Quick adaptation to different work environments and systems.
- Working with clients in Israel, USA, Germany, India, and more…
- Experience in gathering Threat Intelligence with various tools - OSINT.
June 2021 - December 2022
Help Desk Technician
Leumit, Tel Aviv, Israel - Provided exemplary customer service and technical support for end users in a timely manner.
- Assisted with troubleshooting hardware and software issues to ensure optimal system performance.
- Experience working with servers (of companies: Cisco, Microsoft, BigFix, etc.)
- Documented and tracked all support requests and resolutions accurately in a ticketing system.
- Skilled in investigating security incidents, documenting findings, and recommending remediation actions.
- Experience working with AS400 systems (for example: Bosa Nova and more…)
- Building queries using CMD and PowerShell
3 specialties
100 ₪
per hour