Roy Shemer
Senior Security Engineer at Blacklane
Bio
Experience
Blacklane
Germany
Travel Arrangements
200 - 300 Employees
Senior Security Engineer
Jul 2021 - Jan 2022
• Worked closely with DevOps, developers, and stakeholders to securely design, deploy, and implement systems and software as Blacklane expands and rolls out new features.
• Performed Application Security Testing, Secure Design/Code, Threat Modeling, Security Monitoring, Incident Response, SDLC, and Security Architecture training and Security awareness across departments.
• Researched and integrated security tools into the CI/CD pipeline, including container security, SAST with SonarQube and DAST application scanning, third-party vulnerability scanning mainly with Burp Suite, etc.
• Enhanced Information Security policies and Security Architecture. Advised different stakeholders on IT Security subjects.
• Mentored DevOps engineers, developers, and product owners about IT Security best practices and standards.

ThriveDX Enterprise
United States
Software Development
100 - 200 Employees
Product Manager
Mar 2020 - Jun 2021
• Managed, developed, and integrated processes for Cybint Bootcamp product – a cyber security product that prepares people with little or no background in IT for entry-level jobs in the field.
• Acted as the main subject matter expert for developing content and attack simulations for the product.
• Developed virtual machine labs and simulations using AWS - EC2, ECS/EKS.
• Collaborated with different departments such as the instructional designers and developers to define and execute product objectives.
• Defined the Bootcamp courses content, learning objectives, and goals.
• Managed Cybint's AWS Cloud Security: IAM, SSO, AWS WAF & Shield, Amazon Inspector, Amazon GuardDuty, CloudTrail, AWS KMS, Cognito.

F5
United States
IT Services and IT Consulting
700 & Above Employees
Security Data Analyst
Oct 2018 - Nov 2019
Tel Aviv - Jaffa, Tel Aviv District, Israel
• Analyzed and detected customer web application and network attacks. Developed relevant security policies, rules and signatures to improve product detections.
• Searched for undetected threats and false positive events.
• Wrote queries and scripts with Elasticsearch, SQL and Python, using Kibana, SQL Server, PyCharm. Mostly for ElasticDB, RedShift, MongoDB and Redis.
• Worked with F5 BIG-IP product to detect and analyze attacks.
• Investigated suspicious OWASP Top 10 and OWASP Automated Threats events and scenarios on customers to detect malicious bots and attacks.
• Worked with the data science team to build ML models for classifying and detecting attacks.
• Generated security incident reports to F5 customers via statistics and analysis.
• Checked for Zero-Day attacks and new CVEs on a daily basis.

Imperva
United States
Computer and Network Security
700 & Above Employees
SOC Engineer
Feb 2017 - Oct 2018
Tel Aviv
• Worked on the security operations center team, hands-on with Imperva's SecureSphere WAF product.
• Provided first response to security incidents, focused on the operational aspect of web-application security: analyzing the threat, suggesting immediate methods of remediation and mitigation, and actively working to block attacks in real-time.
• Identified true-positive and false-positive attacks targeting customers' websites.
• Analyzed and identified DoS & DDoS attacks, Brute-Force attacks, WAF attacks, Scraping and filtering of unwanted traffic, and also performed the initial analysis and mitigation of application attack vectors, such as XSS, SQLi, LFI/RFI and RCE.

Dell EMC
United States
IT Services and IT Consulting
700 & Above Employees
SOC Analyst Tier-2
2016 - 2017
Be’er Sheva Area, Israel
• Identified malicious ICS/SCADA and IT activity, reviewed low signature attack patterns over time using statistical analysis of events and by appropriate queries.
• Collected, analyzed and investigated SIEM-Events and ICS/SCADA-Events originating from Israeli power plants' SIEMs and external sources.
• Created and maintained operational reports for Key Performance Indicators as well as monthly metrics.
• Utilized Cyber Security and Big-Data tools RSA Archer and Splunk to analyze and prevent future attacks.

The DigiTrust Group
United States
Computer and Network Security
1 - 100 Employees
Information Security Analyst
2014 - 2016
Tel Aviv, Israel
• Identified security attack attempts targeting clients' websites.
• Used Incapsula and Sumo Logic (SIEM tool) to identify Cyber threats.
• Interrogated suspicious activities (potential Malware, Trojans, Viruses and Rootkits).
• Provided reports and solutions to clients regarding attack attempts.
• Blacklisted and blocked suspicious attack vectors and IP addresses.

Tank technician
2008 - 2010
Israel
• Efficiently repaired large vehicles and equipment in the field under stressful situations
• Troubleshot and identified potential system problems
• Worked closely with a team to ensure all equipment functioned to high efficiency and exceeded safety standards

Education
The College of Management Academic Studies
Bachelor of Science (B.Sc.), Computer Science