5 Iocs Jobs

About KnowBe4 At KnowBe4, we provide the world's largest security awareness training and simulated phishing platform which is utilized by numerous organizations across the globe. Our mission is to assist organizations in combating social engineering threats by educating employees to make informed security decisions on a daily basis. Recognized by Fortune as a top workplace for women, millennials, and technology for four consecutive years, we take pride in our achievements. With certifications as a "Great Place To Work" in 8 countries and various prestigious awards, such as Glassdoor's Best Places To Work, we prioritize radical transparency, extreme ownership, and continuous professional growth in a supportive work environment that embraces individuality. Whether working remotely or in-office, we aim to create a fun and engaging atmosphere with activities like team lunches, trivia competitions, and local outings, ensuring there is always something exciting happening at KnowBe4. Join us by submitting your resume in English. The Cybersecurity Threat Researcher position is based in the KnowBe4 Threat Research Lab and involves deploying and configuring a range of security products and solutions including endpoint, email, web, and network protection. Responsibilities: - Deploy, configure, and maintain various cybersecurity products in a lab setting, encompassing endpoint, web, email, and network protection products. - Manage product inventory including licenses, updates, and multiple versions. - Provide recommendations for security product deployment and configurations. - Conduct analysis of PHISHING emails. - Analyze malicious URLs and PHISHING URLs. - Track and identify new and existing PHISHING campaigns. - Identify trends in the latest phishing emails. Requirements: - Bachelor's degree or equivalent with at least 3 years of experience. - Master's degree or equivalent with at least 1 year of experience. - Proficiency in IOCs, reverse engineering, and threat campaign tracking. - Experience in analyzing malicious URLs and phishing emails. - Ability to script for handling large volumes of threat artifacts. - Email analysis skills to differentiate between PHISHING, Clean, and Spam emails. - Capability to identify PHISHING email campaigns accurately. - Expertise in static and dynamic analysis of URLs and Files. - Proficiency in URL analysis for identifying PHISHING and scam URLs. - Familiarity with creating Yara rules for email grouping and clustering. - Ability to automate daily email classification through scripting. - Stay updated on emerging threats and security technologies. - Analytical thinking and collaborative work approach. Our Fantastic Benefits: We provide company-wide bonuses, employee referral bonuses, adoption assistance, tuition reimbursement, certification completion bonuses, and a relaxed dress code in a modern, high-tech, and enjoyable work environment. For detailed information on benefits in each office location, please visit www.knowbe4.com/careers/benefits. Note: Applicant assessment and background checks may be included in the hiring process. No recruitment agencies, please.,

As a Security Incident Response Analyst at our organization, you will be responsible for incident assessment and response to security alerts and incidents. Your role will involve analyzing these incidents to ensure efficient containment, eradication, and recovery. It will be essential for you to document and report your findings to improve the overall security posture of the organization. In this position, effective communication and coordination are key aspects of your responsibilities. You will act as the primary contact during security incidents, providing clear communication to stakeholders and preparing incident reports. Additionally, you will be required to coordinate with SOC analysts, IT teams, and third-party vendors. Participating in post-incident reviews, developing detections, playbooks, and SOPs will be a part of your continuous improvement efforts. You will also need to identify security control gaps and recommend improvements, as well as conduct training sessions for SOC team members and stakeholders. Monitoring threat intelligence feeds to identify emerging threats and vulnerabilities will be part of your daily tasks. Proactively hunting for indicators of compromise (IOCs) will also be essential to enhance the organization's security posture. To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Security, or a related field. A minimum of 1 year of experience in cybersecurity and threat intelligence is required. You must have proven experience in a security operations role with strong incident response and threat intelligence skills. Excellent communication and coordination skills are essential, along with the ability to work effectively under pressure and manage multiple incidents simultaneously. Please note that the benefits and perks associated with this position may vary depending on the nature of your employment with our organization and the country where you work.,

Technical Skill Set: Should have a knowledge and understanding of TCP/ UDP. Clean and rigid understanding on what is an AV and whats an EDR solution Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical now how. Understanding on EDR logs and log co-relation. Should be able to understand and retrieve information from packet captures. Should have a sane knowledge of SIEM solution. Knowledge on Log parsing would be an added advantage. Knowledge on Advisories, IOCs, IOAs, Adversories. What are these and how are these to be processed and why Understanding on actions to be done on receiving an advisory. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment. Techno-Management Skill set: Should be able to prioritize tasks while processing advisories, incidents, problems and events. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions. Work with the 3rdparty solution provider for integration purpose. Prepare documentation related to process and Knowledge base for future easy-reference. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team. Vendor management skills. Any earlier experience in crisis situation handling would be an added advantage.

We are looking for a candidate who could join our Information Technology Team. Technical Skill Set: Should have a knowledge and understanding of TCP/ UDP. Clean and rigid understanding on what is an AV and whats an EDR solution Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical now how. Understanding on EDR logs and log co-relation. Should be able to understand and retrieve information from packet captures. Should have a sane knowledge of SIEM solution. Knowledge on Log parsing would be an added advantage. Knowledge on Advisories, IOCs, IOAs, Adversaries. What are these and how are these to be processed and why Understanding on actions to be done on receiving an advisory. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment. Techno-Management Skill set: Should be able to prioritize tasks while processing advisories, incidents, problems and events. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions. Work with the 3rdparty solution provider for integration purpose. Prepare documentation related to process and Knowledge base for future easy-reference. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team. Vendor management skills. Any earlier experience in crisis situation handling would be an added advantage.

As an L1 SOC Analyst, you will be responsible for monitoring alerts and triaging basic security events from SIEM, EDR, and NDR platforms. Your role includes identifying suspicious activities, escalating incidents as per defined SOPs, and supporting the security operations team in daily monitoring tasks. Key Responsibilities: Monitor alerts from SIEM (QRadar, Microsoft Sentinel), EDR (Microsoft Defender for Endpoint), and NDR (LinkShadow/Darktrace) platforms Triage basic security events and validate incidents using established playbooks Escalate potential threats to L2 analysts based on severity and context Review and respond to AV/EDR alerts and execute predefined security queries Log incidents, document actions, and maintain ticketing system with accurate updates Enrich alerts with known threat intelligence and IOCs (IP, domain, file hashes) Support incident response efforts for phishing, malware, brute-force attacks, etc. Collaborate with team members and shift leads to ensure 24x7 monitoring coverage Tool Experience (Preferred): SIEM Tools: Basic use of QRadar and Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint, Antivirus consoles NDR: LinkShadow or Darktrace (basic familiarity) Other Tools: Microsoft Exchange Online Protection (EOP), Azure AD Sign-In Logs (optional) Certifications (Preferred): CompTIA Security+ Microsoft SC-900 Shift Readiness: This role requires flexibility to work in 24x7 rotational shifts , including nights, weekends, and holidays. Required Skills: Understanding of basic cybersecurity concepts Familiarity with security alert triage and incident logging Basic knowledge of Indicators of Compromise (IOCs) Fast learner with strong attention to detail Effective communicator and team player