Ben Deshet

Information Security Analyst / IAM (Linux‑first)

Linux‑first security professional with a business & risk mindset (claims background). Hands‑on with logging, vulnerability management, and identity & access controls. KPI‑driven with a system‑wide view and a manager’s mindset. Open to Security (InfoSec/IAM/Vuln), IT Security & Linux/SysAdmin, and adjacent roles that bridge people and technology. Full‑time job (non‑shift).

Target: InfoSec / IAM · Business & Risk · KPI‑driven · System view · Linux · Bash · Python
Experience

Team Leader – AIG Israel (Claims Call Center)

2019 – 2025 · Israel
  • Led and coached a 20–25 person team; set KPIs and feedback loops.
  • Drove process standardization: playbooks, onboarding flows, clear escalation paths.
  • Partnered with IT & Legal to digitize workflows and reduce operational risk.
  • Built dashboards for SLA, first‑touch resolution, and error rates to enable data‑driven decisions.
  • Owned escalations and executive communication under time pressure.

Founder & Admin – SS‑Travi (Browser Game)

2012 – Present · Remote
  • Operate and secure multi‑server infrastructure (Linux, Nginx, PHP‑FPM, MariaDB, Cloudflare).
  • Implemented anti‑abuse controls (Fail2Ban, custom logs/alerts) and handled incident response.
  • Optimized database performance & caching to withstand traffic spikes.

Information Security Program – John Bryce College

May 2024 – Jun 2025 · 653 hours
  • Core topics: Virtualization; Linux (internals, CLI, hardening basics); Windows fundamentals; text manipulation with grep/sed/awk; Linux networking tools (ip, ss, iptables, tcpdump).
  • Offense & discovery labs: Network attack concepts; scanning & enumeration (Nmap); Metasploit & post-exploitation (lab-only).
  • Detection & analysis: Log analysis; packet analysis with tshark/Wireshark; MITRE ATT&CK mapping; Splunk — basics (ingest, searches, simple dashboards).
  • Built and used home-lab environments; documented repeatable checklists and playbooks.
Key Skills

Linux (AlmaLinux / Debian / Ubuntu)

OS internals basics and beyond: service management (systemd/journalctl), users & permissions, networking (ip/ss), config files, hardening checklists. Comfortable scripting with Bash.

Bash scripts · Config files · Home-lab

Web & Servers

Hands-on with Nginx/Apache setup and tuning, reverse proxy & TLS basics, log review and troubleshooting — primarily from operating my browser game (SS-Travi).

Nginx · Apache · Prod ops (SS-Travi)

PHP

Read and understand existing code, trace data flow between components, make targeted fixes and small additions. Strong grasp of the logic even when not writing from scratch.

Code reading · Bugfixes · Integration

Python

Comfortable reading and understanding Python code, adapting snippets, and using small utilities; less focus on building full apps from scratch.

Utilities · Code reading

SQL & Databases

Regular work with MariaDB/phpMyAdmin for the game: schema changes, queries, basic performance tuning, backups and data hygiene.

MariaDB · phpMyAdmin · Prod data

Cloudflare (Edge & Security)

Practical configuration: DNS, caching, rules/page rules, basic WAF and rate-limiting for production web properties.

DNS · WAF basics · Caching

Security Foundations

Log analysis, packet capture (tcpdump/Wireshark/tshark), scanning & enumeration (Nmap), MITRE ATT&CK mapping, Splunk basics. Applied in labs and home-lab exercises.

Wireshark/tshark · Nmap · MITRE

Web Fundamentals

Solid HTML/CSS knowledge from building and maintaining production sites and internal tools.

HTML · CSS

Business, Risk & Leadership

Claims-domain risk mindset, KPI ownership, system-wide view, and team leadership (20–25). Translate business impact into priorities and clear playbooks.

Risk management · KPI-driven · Stakeholders
Security Focus

Core Security Coverage (from program)

  • Virtualization – lab environments, snapshots, isolated testing.
  • Linux – operations & hardening basics; CLI workflows.
  • Windows – fundamentals for security operations.
  • Text manipulation (Linux) – grep, sed, awk for log parsing.
  • Linux network tools – ip, ss, iptables, tcpdump.
  • Network attacks – concepts and lab simulations.
  • Scanning – service discovery & enumeration (Nmap).
  • Metasploit & post-exploitation – hands-on in lab settings.
  • MITRE ATT&CK – adversary tactics/techniques mapping.
  • Log analysis – parsing, filtering, correlation.
  • Packet analysis – tshark / Wireshark for HTTP/DNS/PCAP.
  • Splunk (basics) – ingest, searches, dashboards (intro level).

InfoSec Analyst – Practical Focus

  • Log triage & investigation with Linux tools and Splunk (basics).
  • Vulnerability discovery via scanning & verification (Nmap + research).
  • Traffic capture & analysis using tcpdump/Wireshark/tshark.
  • MITRE mapping – align alerts/findings to ATT&CK for clarity & reporting.
  • Linux hardening – checklists & baseline validation.
  • Playbooks & documentation – repeatable steps for common scenarios.

IAM & Access Foundations

  • Basics in Active Directory / Azure AD concepts.
  • SSO / MFA principles and user lifecycle awareness.
  • RBAC and least-privilege mindset; access review cycles.
  • Intro to PAM and break-glass controls (conceptual).
Projects
ForenShell

Automated toolkit for Linux memory & binary analysis: artifact extraction, file structure analysis, and memory forensics with minimal input.

Linux · Forensics · Bash/Python


BDNetScan

Automated network scanning leveraging Nmap, Hydra, and SearchSploit to validate IPs, discover ports, brute‑force services, and check CVEs — with minimal input.

Nmap · Hydra · SearchSploit


Training & Certifications
  • John Bryce – Information Security Program (653 hours, 2024–2025).
  • Linux: daily driver for servers/home‑lab; scripting with Bash/Python.

What I bring

  • Business acumen & risk management from claims operations; translate business impact into security priorities.
  • People‑first leadership (20–25 people) and clear stakeholder communication.
  • KPI‑driven & goal‑oriented: measurable outcomes, SLAs, ownership.
  • System‑wide thinking: see end‑to‑end flows, reduce operational risk across interfaces.
  • Linux‑first mindset with security awareness end‑to‑end.
Contact

Get in touch

Open to roles in Information Security Analyst, IAM, Vulnerability Management, IT Security & Linux/SysAdmin, and adjacent bridging roles (Implementation / Technical PM) — non‑shift.

Israel (UTC+3) · English · Hebrew · Full‑time · Hybrid / Remote

Signals & Availability

  • Preferred contact: Email, Phone Call or LinkedIn DM.
  • Open to on‑site interviews in Israel.