דרושים » אבטחת מידע וסייבר » Incident Response Expert

We are seeking a driven problem solver to join our Unit 42 MDR team.
Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a MDR Manager, we will rely on you to manage a team of experts who detect and respond to cyber incidents facing customers internal business.
As a team manager, you will join a team of managers who overlook the Unit 42 MDR team to ensure premium delivery to our customers and also have a critical role in how the team works, but also be able to create new processes, methodologies and capabilities that the team requires.
Your Impact:
Hire for and lead a team of MDR Analysts working globally, guide the team, create and improve processes, methodologies and capabilities that the team requires to work effectively
Lead a team that analyzes incidents from real customer environments to identify ongoing threats to customer environments
Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.

the industry's only complete solution for cloud threat detection, investigation, and response built by investigators, for investigators. supercharges todays SOC teams with the cloud capabilities that enterprises have been missing, delivering broad visibility across clouds and SaaS, automation that speeds investigations, and rich context that informs cloud threat detection, hunting, and response. Together, capabilities minimize breach impact and enhance enterprises' cyber resilience. As an Innovation Sandbox Finalist at RSA 2024 and a new SYN Ventures portfolio company (Series B, January 2025), is an innovator and pioneer in Cloud Security.

We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead groundbreaking research into cyberattacks targeting cloud platforms, SaaS applications, Kubernetes, and related technologies.
Develop innovative detection methods and forensic investigation techniques for attacks in cloud environments.
Conduct in-depth investigations into real-world cloud incidents, enriching our knowledge base and advancing our detection capabilities.
Contribute to the design and enhancement of cloud forensics capabilities to support CDR platform development.
Collaborate with the engineering team to identify and leverage new forensic data sources from cloud environments.

Were looking for an exceptional Senior Cloud Security Researcher to join our growing team.
Why?
the industry's only complete solution for cloud threat detection, investigation, and response built by investigators, for investigators. supercharges todays SOC teams with the cloud capabilities that enterprises have been missing, delivering broad visibility across clouds and SaaS, automation that speeds investigations, and rich context that informs cloud threat detection, hunting, and response. Together, capabilities minimize breach impact and enhance enterprises' cyber resilience. As an Innovation Sandbox Finalist at RSA 2024 and a new SYN Ventures portfolio company (Series B, January 2025), is an innovator and pioneer in Cloud Security.

We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead innovative research into cyber threats targeting cloud platforms, SaaS applications, Kubernetes, and emerging technologies by leveraging state-of-the-art tools and methodologies.
Develop and refine cutting-edge detection algorithms and forensic investigation techniques to uncover and sophisticated attacks in cloud and SaaS environments.
Conduct comprehensive investigations of real-world cloud security incidents, transforming insights into actionable strategies that continually evolve our threat detection capabilities.
Share your research accomplishments and innovative findings with the security community through blog posts, conference presentations, and other professional forums, enhancing our industry reputation and fostering collaborative growth.
Contribute your expertise to shape the strategic direction and ongoing development of CDR product suite, ensuring our offerings stay ahead of evolving cyber threats.
Work closely with cross-functional teams to identify novel techniques and implement robust defenses, uniting diverse expertise to secure cloud and SaaS infrastructures.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact:
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.

Were looking for a talented Research Developer (Python) with a strong security background to join our innovative Research team at
Why?
the industry's only complete solution for cloud threat detection, investigation, and response built by investigators, for investigators. supercharges todays SOC teams with the cloud capabilities that enterprises have been missing. delivers broad visibility across multi-cloud and SaaS environments with automation that speeds investigations, and rich context that informs cloud threat detection, hunting, and response. Together, capabilities minimize breach impact and enhance cyber resilience. As an Innovation Sandbox Finalist at RSA 2024 and a new SYN Ventures portfolio company (Series B, January 2025), is an innovator and pioneer in Cloud Security.

We're seeking a Research Developer (Python) who thrives in a security-focused research environment. As a member of our Research team, you'll collaborate closely with researchers and engineers to enhance our detection, investigation, and response capabilities, directly influencing our Cloud Detection and Response (CDR) platform.

What You'll Do
Develop Python-based tools, scripts, and frameworks supporting security research and investigations.
Collaborate with security researchers to translate research findings into practical detection and response mechanisms.
Contribute directly to the development and enhancement of our cloud forensic analysis capabilities.
Integrate innovative detection methods into our CDR platform, enabling advanced investigation workflows.
Optimize data querying and handling processes to support large-scale security research activities.

we are looking for an experienced Team Lead to lead a team responsible for simulating attack scenarios across various applications, infrastructures, and network solutions on multiple platforms and technologies. This role includes managing penetration testing and forensic services, as well as overseeing consulting, secure design and development services, and training initiatives.
Job Description:
Team Leadership: Lead and mentor a team of penetration testers, fostering a culture of continuous learning and excellence.
Client Engagement: Act as the primary point of contact for clients, effectively presenting findings and recommendations.
Service Development: Enhance penetration testing methodologies, tools, and services.
Training & Development: Identify skill gaps and provide training to team members to strengthen technical capabilities.
Consulting: Offer expert guidance on secure design and development best practices across various platforms and technologies.

a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and state-sponsored activities. You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect customers and empower the brand.



Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.

we are looking for an experienced Application Security Architect to join our Cybersecurity team. In this role, you will be instrumental in building and advancing our companys application security programs. Working closely with talented engineers, product managers, and platform teams, youll play a key role in ensuring the security of our software development lifecycle (SDLC).
Youll provide security services including secure coding practices, architecture reviews, awareness and training initiatives, and tool implementation. From threat modeling to secure development education, your contributions will directly impact the safety and resilience of our companys products.
What am I going to do?
Lead Secure SDLC Initiatives: Drive security throughout the software development lifecycle (S-SDLC), including threat modeling, risk assessments, and mitigation planning for new and existing applications.
Embed Secure Design Practices: Guide development teams on implementing secure architectural patterns, design principles, and coding standards, with emphasis on OWASP and industry best practices.
Security Tooling Strategy: Define and manage the integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools into our companys CI/CD pipelines, ensuring scalable, platform-agnostic coverage and effective vulnerability management.
Security Testing & Remediation: Perform and oversee application security testing, ensuring timely remediation of identified vulnerabilities.
Develop Security Standards: Create and maintain secure coding standards, best practices, and development guidance tailored to our companys tech stacks.
Code Reviews: Conduct in-depth manual and automated security code reviews for critical components, offering practical and constructive feedback to engineering teams.
API & Mobile App Security: Design and assess security for APIs and mobile applications, ensuring robust authentication, authorization, and data protection in line with industry standards.
Third-Party Risk Management: Evaluate the security posture of third-party libraries, components, and services integrated into our company's applications.
Cloud Security Collaboration: Partner with Cloud Security Architects to ensure secure application deployment in cloud environments (e.g., AWS, GCP), offering expert advice on cloud-native security practices.
Team Enablement & Education: Mentor development teams on emerging threats, secure coding techniques, and security-first development approaches.
Bug Bounty Program Leadership: Manage and evolve our companys bug bounty program, working with researchers and internal teams to resolve findings efficiently.

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power.
In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

the brand grabs attention like nothing else in cybersecurity. And were growing like crazy, with $70M in Series C funding, 200% employee growth, and 300% revenue growth in 2024. Fueling growth are our game changing agentic AI security solutions, backed by a team and culture that makes one of Forbes Best Startup Employers in America, and a Business Insider startup to bet your career on.

Life at is all gas, no brakes. Were a team of relentless, collaborative go-getters pushing the boundaries of whats possible for security automation. Every role is an essential driver of success as the AI-native autonomous SecOps platform of choice for security teams across the Fortune 500. Excited about our vision and ready to make an impact as we grow? Wed love to see what you can bring to the team.
looking for an experienced and passionate Cloud and SaaS Security professional to play a key role in advancing our security strategy.
In this role, youll take ownership of securing our cloud infrastructure, SaaS platforms, and incident response practices. You'll help shape our security posture, identify threats and misconfigurations, and respond effectively to security events.

What You'll Do
As a Senior Cloud Security Engineer at , you will:
Strengthen and maintain our cloud security posture using CNAPP tools.
Manage security controls and configurations across a wide range of SaaS platforms.
Collaborate on incident response efforts, including triage, containment, and post-incident reviews.
Develop detection content using SIEM and Hyperautomation workflows.
Evolve Incident Response and Security Operations programs to safeguard current and future assets.
Optimize and fine-tune security tool configurations to reduce false positives and increase effectiveness.
Support compliance initiatives such as SOC 2, ISO 27001, and FedRAMP readiness.
Work hands-on with the CISO and Security Manager on strategic security projects.
Partner with cross-functional teams including R&D, DevOps, and Engineering to drive security best practices