Ben Benhemo ☕️

Security Engineer & Researcher

K Health

Experience

  1. Security Operations Engineer

    K Health

    Responsibilities include:

    • Cloud Security: Implementing security measures, best practices, and detection capabilities in cloud environments, primarily AWS and GCP.
    • DevSecOps & AppSec: Integrating security into the SDLC, leading AppSec for secure code, and remediating flaws (OWASP Top 10, secret scanning).
    • Security Operations & Incident Response: Triaging SIEM alerts and managing end-to-end security incident response operations, from initial detection to resolution and post-incident analysis.
    • Detection Engineering: Developing custom detection rules to maximize detection capabilities and enhance visibility.
    • Vulnerability Management: Leading the vulnerability program and remediation process using various platforms and a ticketing service, including Cloud Security Posture Management (CSPM), a Bug Bounty program, AppSec findings, and open source tools.
  2. Incident Response & Threat Hunter

    HUB Security

    Responsibilities include:

    • Conducting research and analyzing malware for incident response and intelligence (static analysis, dynamic analysis, and reverse engineering).
    • Operating forensics tools and analysis: Autopsy, Sysinternals, FTK, Volatility, Velociraptor.
    • Handling advanced information security incidents in the private sector through all phases (Preparation; Detection and Analysis; Containment, Eradication, and Recovery; Post-Incident Activity).
    • Purple Team activities and research (threat modeling, MITRE ATT&CK, mimicking APT TTPs).
    • Security audits and pentests in the private/finance sectors, with expertise in security systems (firewalls, EDR, anti-virus, IDS/IPS).
  3. Consultant - Incident Response & Threat Hunting

    EPAM

    Responsibilities include:

    • Handling advanced information security incidents.
    • Creating, executing, and integrating behavioral indicators and process-based defense rules for security systems (such as Splunk, Cortex XDR, ELK, SentinelOne, and more).
    • Deployed Elasticsearch infrastructure for private sector threat hunting.
    • Operated in a medical Security Operations Center, managing alerts via IBM QRadar SIEM.
    • Executed security audits and penetration testing in the private and financial sectors; experienced with firewalls, EDR, anti-virus, IDS, IPS, etc.
Skills & Hobbies

  Technical Skills

    • AWS
    • GCP
    • GitLab
    • Python

  Hobbies

    • Music Production
    • Workout

Awards

Languages

    • English: 90%
    • Hebrew: 100%