Coralogix - Cloud Security Researcher

Coralogix is rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

By enabling users to define different data pipelines per use case, we provide deep Observability and Security insights, at an infinite scale, for less than half the cost.

About Coralogix :

Coralogix is a SaaS platform that analyzes log, metric, and security data in real-time and uses machine learning to streamline delivery and maintenance processes for software providers, having its headquarters in California, United States . Coralogix is a streaming platform for modern engineering teams. Coralogix's Streama technology produces real-time insights and long-term trend analysis with no reliance on storage or indexing, solving the challenge of data growth in large-scale systems. Ingest data from any source for a single, centralized platform to manage, monitor, and alert your applications. As data is ingested, Coralogix instantly narrows millions of events down to common patterns for deeper insights and faster troubleshooting. Machine learning algorithms continuously observe data patterns and flows between system components and trigger dynamic alerts so you know when a pattern deviates from the norm without static thresholds or the need for pre-configurations.

Company Website :

About The Position

Snowbit is a cybersecurity technology innovator with a vision to empower organizations across the globe to quickly, efficiently, and cost-effectively ready themselves to address omnipresent cyber risk. Towards this end, Snowbit, built off years of Israeli cybersecurity experience, offers the broadest managed detection and response offering available today.

Snowbit is part of the Coralogix group. Coralogix is rebuilding the path to log observability by offloading the burden of indexing and providing deep insights to accumulated data, at an infinite scale, for less than half the cost.

We are looking for accomplished, passionate, and self-driven Security Researchers with a zeal for revolutionizing the enterprise cybersecurity domain to come and join the Snowbit Security Research Group.

This is a team of experts with vast cybersecurity experience focused on research on cloud and enterprise systems to identify emerging threat trends/vectors as well as gaps and opportunities within existing enterprise cybersecurity frameworks.

These insights will play a key role in evolving the Snowbit offering and maintaining its global leadership position in the enterprise-managed detection and response domain.

Joining this team provides a unique opportunity to both benefit from the best of Israeli cybersecurity talent and influence the direction of a new world-class offering in the cybersecurity domain.

What Will you do?

· Research emerging technologies, threats, vulnerabilities in SaaS and enterprise products and create actionable alerting scenarios.

· Investigate logs from security systems to detect intrusions or misconfigurations and create detections based on your findings.

· Write detection rules documentation with actionable recommendations for mitigations.

· Publish your findings internally for customers and externally for blog / marketing needs.

· Work with our customers to investigate anomalies and incidents and create custom detections and next step recommendations.

Responsibilities will include

· On-going research on known and new attack vectors, including identification, with respect to novel attack vectors including their iteration/evolution and related mitigations across the enterprise IT landscape

· Collaborate with Product and Engineering to leverage research findings to evolve Snowbit product and knowledge base.

· Participate in security escalations support. Create security guidance and documentation.

· Evaluate & recommend new security technologies and help shape the product going forward with your insights and expertise.

· Regular updates to internal teams and customers on research findings.

· Active participation in public cybersecurity media/forums/events.

Basic Requirements

· 3+ years of experience in security research in large, complex or security organizations

· Experience in Managing and securing enterprise IT environments with emphasis on cloud environments (AWS, Azure, GCP).

· Experience in securing cloud and SaaS environments and familiarity with cloud and SaaS attack vectors and misconfigurations.

· Experience in enterprise security, in offensive or defensive approaches, hands on experience with attacking or defending enterprise systems.

· Experience in threat modeling (Attack kill chain, MITRE ATT&CK/D3FEND), identifying security vulnerabilities, common attacker exploit techniques, and related mitigations and remediations.

· Hands-on experience with query languages (Kibana/KQL/Lucene, Splunk), working with JSON files and writing complex queries and rules.

An innovative mind with keen attention to detail and the ability to set goals and parameters for success, investigate and implement solutions to catch threats according to defined goals.

Preferred Requirements

· Writing abilities (Former publications for blogs / comprehensive report writing).

· Deep knowledge of Cloud security principles

· Experience with Regex or additional query languages

· Knowledge is script writing, programming language (Python, JS etc).