Senior Technical Incident Handler | Intuit

- Collaborated with technical and business teams to identify, manage, and respond to security threats

- Assisted with security governance and compliance efforts, forensic analysis, and mitigation of cyber security, Fraud, data and AI critical security incidents

- Continuously assessed and recommended mitigations to improve security posture

- Conducted security analysis and purple team exercises to identify potential risks in the attack surface

- Demonstrated proficiency in cloud infrastructure environments such as AWS

- Applied Security Incident Response processes and industry best practices

- Utilized cybersecurity frameworks such as MITRE/NIST to implement security best practices

- Expertise with endpoint and network security management systems, such as: Splunk Enterprise Security, CrowdStrike, Cisco Umbrella, Logscale

- Gathered and correlated logs from multiple sources to pinpoint gaps in security coverage using Splunk correlation searches

- Utilized Service Now ticketing system to streamline incident response and created automation procedures to increase response efficiency

- Developed security automations and automated daily tasks using Splunk SOAR and dedicated SOAR playbooks to improve overall security posture

Senior Incident Response Analyst | TD Bank Innovation Center

- Responsible for overseeing incidents to aid and direct incident response efforts and manage the team's priorities

- Accountable for the team's response to incoming incidents and events and the required actions throughout the incident response process

- Providing oversight and supporting Analysts through incident response efforts

- Responsible for the quality assurance of ticket quality, incident briefings, quality and adherence to SLAs

- Partner across teams for coordination of technical incident response, business and executive bridges and war rooms

- Collaborate with relevant teams to implement security controls, validations, best practices, and enable mechanisms for incident response and data breach detection

- Facilitate audit activities as initiated from internal and external entities, following established policies and procedures

- Contribute to Playbooks, Operating Models and on-going maintenance of standards and processes

- Consult with partners on Technology Controls and Information Security programs, incidents, and controls

- Articulate and document impact of control gaps to the business and the overall Bank, risk mitigation and remediation plans, documentation of triage steps or engagement with key stakeholders on resolving overall Bank issues

- Develop and enhance internal policies and procedures for related incident and event handling capabilities

- Adhere to and advise on, oversee, monitor, enforce enterprise frameworks and methodologies that relate to information security incident management activities

- Provide executive level updates, written and verbally, on current and past cyber incidents. Explain complex technical concepts in business terms

- Participate in Enterprise Cyber Security Incident Scenario analysis and exercises

Senior Cyber Security Incident Response Analyst | WhiteHat LTD

- Handling cloud-based cyber incidents, performing deep system and platform investigation

- Handling advanced information security incidents, operating SIEM systems – Qradar, Splunk

- consulting, guidance, Incident response management, monitoring and security incidents analysis

- Wide experience in security systems, such as: Firewall, EDR, Anti-Virus

- consulting, guidance, cyber-Incident response management, monitoring and security incidents analysis

- Developing, writing and implementing behavioral indicators and process-based defense rules for security systems

- Performing Malware Analysis and research for Incident Response and monitoring

- Digital Forensics research and analysis, operating forensics tools – Autopsy, Sysinternals

- Dealing with cyber intelligence information gathering – Clear & Dark Web

- Leveraging APIs and scripting tools to perform daily security tasks such as: Data collection and Operating system manipulation

Incident Response Analyst | WhiteHat LTD

Security Operations Center Analyst | WhiteHat LTD

Intelligence Analyst | Unit 8200 - Israeli Defence Force

- Cyber Intelegence analyst at 8200 unit, IDF

- Intelligence gathering and analysis, information processing by advanced technologies and security systems

- Forensics analysis, performing intelligence research operating advanced security systems

- Specializing in network and security protocols, databases, operating systems

- Managing and operating intelligence projects, co-operating with various cyber teams

HIT | Holon Institute of Technology

B.Sc Computer Science.

See-Security: Cyber & Information Security College

CSPT – Cyber Security Penetration Tester (Hacking Defined Experts), Cyber Security & Cyber Warfare