דרושים » אבטחת מידע וסייבר » Cloud Threat Detections Engineer

We are looking for a Sr. Cloud Threat Detections Engineer.
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics
Create correlation logic and between runtime events and control plane activities.
Design and implement detection logic across multi-cloud and hybrid environments.
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities
Partner with Product and Engineering teams to enhance detection capabilities.

Were looking for an exceptional Senior Cloud Security Researcher to join our growing team.
We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead innovative research into cyber threats targeting cloud platforms, SaaS applications, Kubernetes, and emerging technologies by leveraging state-of-the-art tools and methodologies.
Develop and refine cutting-edge detection algorithms and forensic investigation techniques to uncover and mitigate sophisticated attacks in cloud and SaaS environments.
Conduct comprehensive investigations of real-world cloud security incidents, transforming insights into actionable strategies that continually evolve our threat detection capabilities.
Share your research accomplishments and innovative findings with the security community through blog posts, conference presentations, and other professional forums, enhancing our industry reputation and fostering collaborative growth.
Contribute your expertise to shape the strategic direction and ongoing development of CDR product suite, ensuring our offerings stay ahead of evolving cyber threats.
Work closely with cross-functional teams to identify novel techniques and implement robust defenses, uniting diverse expertise to secure cloud and SaaS infrastructures.

We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead groundbreaking research into cyberattacks targeting cloud platforms, SaaS applications, Kubernetes, and related technologies.
Develop innovative detection methods and forensic investigation techniques for attacks in cloud environments.
Conduct in-depth investigations into real-world cloud incidents, enriching our knowledge base and advancing our detection capabilities.
Contribute to the design and enhancement of cloud forensics capabilities to support CDR platform development.
Collaborate with the engineering team to identify and leverage new forensic data sources from cloud environments.

We're seeking a Research Developer (Python) who thrives in a security-focused research environment. As a member of our Research team, you'll collaborate closely with researchers and engineers to enhance our detection, investigation, and response capabilities, directly influencing our Cloud Detection and Response (CDR) platform.

What You'll Do
Develop Python-based tools, scripts, and frameworks supporting security research and investigations.
Collaborate with security researchers to translate research findings into practical detection and response mechanisms.
Contribute directly to the development and enhancement of our cloud forensic analysis capabilities.
Integrate innovative detection methods into our CDR platform, enabling advanced investigation workflows.
Optimize data querying and handling processes to support large-scale security research activities.

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

What You'll Do

Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

Ask a member of our team and theyll answer, Our people! We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When youre part of our team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Cloud Security was established through the acquisition of Ermetic, an innovative cloud-native application protection platform (CNAPP) company, and a leading provider of CIEM. This acquisition is a significant step in mission to shift organizations towards proactive security, offering market-leading contextual risk visibility, prioritization, and remediation across both on-premises and cloud infrastructures.
Your Opportunity:
Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services

As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.



Main Responsibilities:

Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect customers and empower the brand.



Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.

We are seeking a Threat Research Team Lead to join our security research team in Tel Aviv.

As the leader of the Threat Research team, you will play a pivotal role in analyzing and simulating the most advanced cyber threats. Your team will be responsible for researching and developing attacks for the exposure validation platform, uncovering complex in-the-wild exploits across diverse technologies and environments.

You will manage the Threat Research team, responsible for analyzing the most advanced threat groups techniques and exploits. The team is responsible for the research and building of the exposure validation platforms attacks. You will lead the research of complex in-the-wild attacks on a wide variety of technologies and operating systems such as Windows, Linux, Mac, and environments such as Dockers and Cloud.
You will lead the implementation and work closely with the R&D teams on a huge variety of cyber attacks simulation such as: process injections, lateral movement, OS persistence, Active Directory attacks, and vulnerabilities exploits.
You will work closely with the thought leadership team on exclusive 0-Day attacks simulations.
You will directly manage our talented threat researchers, guiding and helping them on complex hands-on challenges and directing their priorities and focus.

We are seeking junior Detection Engineers who look for their first (or second) steps in the Cybersecurity industry. The position is in our Research department, focusing on detection rules in the domains of Enterprise Copilots, GenAI technologies, and Low-code/No-code platforms. This role offers a unique opportunity to work closely with Inbar Raz, a prominent figure in the security research community known for his pioneering work and thought leadership. Inbars extensive expertise and innovative approach to security research will not only guide but also inspire your work, making a place where your contributions can have a significant impact on the future of application security. This role will set you on a path into the Cybersecurity world and let you evolve your skills into the directions of a security researcher or a security engineer.