
Dor Segal

Haifa

Summary

Experienced Cyber Security Analyst with 5 years of proven track record. Holds a B.Sc. in Computer Science specializing in information security from The Open University of Israel. Skilled in investigating security incidents, developing automation playbooks and scripts to enhance response capabilities, and implementing effective response plans. Proficient in managing end-to-end projects and conducting thorough digital forensics and malware analysis.


Overview

4 years of professional experience

Work History

Cyber Security Engineer

Monday.com
06.2024 - Current
  • SIEM Detection Rules and Alerts: Designed and implemented detection rules and alerts to identify and mitigate security threats effectively
  • Data Source Integration: Connected diverse data sources to a Big Data system using APIs and HTTP collectors
  • Raw Data Analysis: Performed in-depth analysis of raw data logs to identify trends, anomalies, and patterns
  • Threat Intelligence Automations: Leveraged AI to create automation processes for classifying risks and enhancing threat intelligence capabilities
  • Multi-Cloud Expertise: Worked extensively in multi-cloud environments, including AWS, GCP, and Azure, ensuring security measures aligned with each platform's unique challenges
  • Collaboration with Cross-Functional Teams: Met OKRs by collaborating with teams across IT, Data Security, DevOps, Developers, Application Security (AppSec), Governance, Risk, and Compliance (GRC), and other stakeholders
  • Presentations and Reporting: Created and presented comprehensive reports and presentations on work achievements and goals met to stakeholders
  • Incident Response: Responded to and resolved security alerts and incidents affecting company assets, both internal and customer-facing
  • Resilience and Internal Audits: Contributed to conducting resilience assessments and internal audits to strengthen the company's security posture
  • Vendor Management: Played a key role in working with external vendors, conducting Proof of Concepts (POCs), managing pre and post-purchase communications, and providing recommendations for management decisions
  • DLP Enablement and Monitoring: Implemented and monitored Data Loss Prevention (DLP) solutions to safeguard sensitive information
  • Risk Assessment and Employee Testing: Conducted comprehensive risk assessments, including employee security awareness tests, and provided detailed conclusion summaries
  • Working with the following: Splunk, Cloudflare, CrowdStrike, AWS, GCP, Azure, Monday.com, Cisco Meraki, Panorama, Okta & more

Cyber Security Analyst

Rafael defense systems
07.2022 - 06.2024
  • Developed automated scripts & playbooks to detect & respond to security incidents in real time, resulting in faster response times & reduced impact of attacks
  • Conducted malware analysis & digital forensics using various tools such as Ghidra, Sysinternals, Wireshark, Fiddler, PEStudio, ProcDot & more
  • Worked extensively with AWS & Azure clouds investigating alerts, creating cloud trails and Sentinel queries, creating scripts using AWS & Azure APIs
  • Proactively engaged in threat hunting activities using Big Data and EDR systems, creating queries & dashboards
  • Managed end-to-end projects overseeing the entire lifecycle from initial steps to results & presented comprehensive progress reports to superiors while creating insightful dashboards using tools such as Splunk and Elasticsearch
  • Created Dashboards & Queries using Splunk & Elasticsearch to monitor playbooks and automations scripts, incidents, threat hunting, presenting projects progression and more
  • Handled alerts & incidents across company network & subsidiaries using EDR, SIEM and SOAR systems, created Automations to handle and inform on subsidiaries incidents and more
  • Collaborated with cross-functional teams developing & implementing incident response plans, fine-tuning security rules & alerts
  • Working with the following: ArcSight, McAfee, Symantec, NetWitness, Elastic, Splunk, F5, Ironscales, Checkpoint, OPSWAT, Microsoft Defender & More

SOC Tier 1

Elbit systems
07.2020 - 07.2022
  • Investigated information security incidents to determine the extent of compromise to information and automated information systems
  • Conducted initial analysis and investigation of security incidents
  • Performed malware analysis using various tools such as Sysinternals, Wireshark, PEStudio and more
  • Investigated suspicious incoming and outgoing emails for malware, phishing and information exfiltration
  • Working with the following: ArcSight, McAfee, Demisto, Ecat, Elastic, Ironscales, Checkpoint, OPSWAT, Cisco Umbrella and more

Education

Bachelor of Science - Computer Science, Information Security

Open University
Haifa, Israel
03-2023

Skills

  • Automation Solutions
  • Raw Data Analysis
  • Programming
  • Reverse engineering
  • AWS
  • Azure
  • GCP
  • Incident response
  • Threat hunting
  • Network security
  • Endpoint protection
  • Critical thinking
  • Data loss prevention
  • Intrusion detection
  • Security information and event management
  • Malware analysis
  • Teamwork
  • Problem-solving
  • Time management
  • Attention to detail
  • Multitasking
  • Excellent communication
  • Organizational skills

Languages

Native Hebrew
Fluent English

Military service

Field Intelligence

References

Available upon request.

Hobbies and Interests

  • Learning
  • Literature
  • Travel the world
  • Music

Citizenships

  • Israel
  • Italy

Timeline

Cyber Security Engineer

Monday.com
06.2024 - Current

Cyber Security Analyst

Rafael defense systems
07.2022 - 06.2024

SOC Tier 1

Elbit systems
07.2020 - 07.2022

Bachelor of Science - Computer Science, Information Security

Open University