דרושים » אבטחת מידע וסייבר » Security SW Engineer

We are looking for proactive, analytical talented people to join the Security Applications Content team.
As a Senior Security Engineer (Network & Apps), you will analyze protocols and application traffic (L4-L7) using network and web analysis tools, as well as modern big data analysis frameworks.
You will add content to our security and network products such as NGWF, CASB, DLP, Device Management and more.
Joining us is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Research and analyze network and application behavior
Security products (NGFW,CASB,DLP,Device Management and more).
Suggest and conduct new research vectors
Utilize our Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency.

We are looking for proactive, analytical talented people to join the API Security Content team.
As a Security Engineer (API Content), you will analyze APIs, design API integrations, and more.
You will add content to our security and network products, such as XDR, CASB, DEM, DLP, etc.
Joining us is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Analyze cloud application APIs and develop products interacting with such APIs
Contribute to various products: DEM, XDR, CASB
Suggest and conduct new research vectors
Utilize our Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency.

We are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

We are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering.
Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities:
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g. individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

What You'll Do

Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.



Main Responsibilities:

Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

Required Senior Application Security Engineer
As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers.

Were looking for an exceptional Senior Cloud Security Researcher to join our growing team.
We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead innovative research into cyber threats targeting cloud platforms, SaaS applications, Kubernetes, and emerging technologies by leveraging state-of-the-art tools and methodologies.
Develop and refine cutting-edge detection algorithms and forensic investigation techniques to uncover and mitigate sophisticated attacks in cloud and SaaS environments.
Conduct comprehensive investigations of real-world cloud security incidents, transforming insights into actionable strategies that continually evolve our threat detection capabilities.
Share your research accomplishments and innovative findings with the security community through blog posts, conference presentations, and other professional forums, enhancing our industry reputation and fostering collaborative growth.
Contribute your expertise to shape the strategic direction and ongoing development of CDR product suite, ensuring our offerings stay ahead of evolving cyber threats.
Work closely with cross-functional teams to identify novel techniques and implement robust defenses, uniting diverse expertise to secure cloud and SaaS infrastructures.

A cyber-security startup offering a fresh game-changing solution for data and access security. Our products create self-contained, cryptographically isolated workspaces which provide cyber protection against the most sophisticated strategic threats to businesses and organizations. We are expanding our group of proactive, self-motivated, and diligent individuals who have a creative and resourceful attitude, and who work both independently and in a team environment. We are looking for like-minded individuals who share our values.
?Role description: We are looking for a Senior software engineer to join the expanding R&D team and develop product through excellent MVP and exceptional quality to provide outstanding value to our customers. In this critical, team-oriented role, you will be a partner of our R&D development teams. You will be responsible for designing an ingenuine product, developing prioritized features and driving great quality through collaboration with your team and other organizational teams - engineering, QA, system architect and Product, to create a secure, scalable, high-quality solution for our customers. In this role youll have the opportunity to work with a team of driven professionals, learn to develop extreme security products, simplify high complexity systems, and work with the market to meet the high-value demand of our customers, which refer to the solution as? the next generation of Cyber security.?