דרושים » אבטחת מידע וסייבר » SecOps & Incident Response Engineer

Were looking for a Security Operations Engineer to lead our monitoring and detection efforts across our global FinTech environment. Youll be responsible for implementing and operating a robust SIEM solution, managing alerting pipelines, and ensuring security visibility across our SaaS platforms, cloud environments (AWS,GCP), and one physical on-prem location. This role is mission-critical to maintain our compliance, protect our customer data, and support our global operations.
Responsibilities:
Lead the implementation and ongoing operations of the company-wide SIEM solution
Build and tune detection rules, alerts, and incident workflows
Monitor cloud (AWS, GCP) and SaaS environments for anomalies and threats
Integrate logs from production systems, cloud platforms, SaaS tools, and on-prem infrastructure
Respond to security incidents and perform forensic investigations
Partner with Engineering, IT, and GRC to ensure logging and alerting coverage
Continuously improve our detection capabilities and response processes
Ensure monitoring meets compliance frameworks (SOC2, PCI-DSS, etc.)

Were looking for a hands-on incident response expert thats passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. This is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. In your day-to-day, youll:
Investigate complex security incidents in cloud (AWS/GCP), containerized (Kubernetes), and endpoint environments
Design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems
Automate forensic evidence collection and response actions across diverse platforms and services
Collaborate with SOC analysts, Security Architects, and Engineering teams to improve detection coverage and data visibility
Lead incident retrospectives and document technical findings, response steps, and process improvements
Develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based IR deliverables
Participate in on-call rotations and contribute to incident readiness exercises and escalation protocols.

we are a leader in cloud-native networking software for hyperscalers and service providers who are building the largest infrastructures in the world for network services, AI platforms and SaaS offerings. Founded in December 2015, our company disrupted some of the most challenging high-scale markets, transforming the way Networks are built, scaled, and consumed. We also built the largest network in the world, with more than half of AT&Ts backbone running on our Network Cloud. we have raised $587 million in three funding rounds which enable us to dream big and bring on the most talented people.
The Role:
As the Director of Information Security and GRC, you will oversee all aspects of our company's information security program, ensuring the protection of our data, systems, employees, and applications. You will lead a team of talented security professionals, driving a proactive, responsive and comprehensive security posture aligned with industry best practices and regulations.
Responsibilities:
Be kind.
Will be leading a team of 3-4 security operations specialists and engineers.
Embody the organizations values and act as a values champion, holding both yourself and others accountable to them.
Develop and implement a comprehensive information security strategy aligned with business objectives and risk tolerance.
Lead the Security team, fostering a culture of transparency, continuous improvement and collaboration.
Lead the development and implementation of IT governance frameworks and policies.
Oversee the implementation and maintenance of security controls, including firewalls, intrusion detection/prevention systems, and endpoint security solutions.
Manage product security, vulnerability management, and incident response processes.
Design and implement a robust Governance, Risk, and Compliance (GRC) program, ensuring companywide adherence to relevant regulations and standards.
Conduct regular security assessments and risk analyses to identify and mitigate potential vulnerabilities, partnering with business units and stakeholders across the organization.
Ensure that the organization is prepared for internal and external IT audits; and manage the audit process.
Coordinate with external agencies, auditors, customers and stakeholders for compliance assessments and audits.
Assist in the selection, implementation, and maintenance of security technologies, tools, vendors, and processes to ensure adherence to the organization's security policies and goals.
Work with DevOps and the development staff to improve the security posture and to implement secure SDLC practices.
Stay up to date on the latest security threats, trends, and technologies, ensuring that our company adopts appropriate countermeasures.
Develop and deliver security awareness training programs for employees.
Manage the security budget and resources effectively.
Report to the Chief Operating Officer (COO) on the organization's overall security posture.
Curate the organizations risk register and report regularly on burndown.

At our company, were reinventing DevOps to help the worlds greatest companies innovate and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. If youre willing to do more, your career can take off. And since software is central to everyones lives, youll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust our company to manage, accelerate, and secure their software delivery from code to production a concept we call liquid software. Wouldn't it be amazing if you could join us on our journey?
As an Offensive Security Team Lead, you will spearhead our companys offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our companys systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead at our company you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our companys infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our companys security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident response when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

We are seeking a driven problem solver to join our Unit 42 MDR team.
Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a MDR Manager, we will rely on you to manage a team of experts who detect and respond to cyber incidents facing customers internal business.
As a team manager, you will join a team of managers who overlook the Unit 42 MDR team to ensure premium delivery to our customers and also have a critical role in how the team works, but also be able to create new processes, methodologies and capabilities that the team requires.
Your Impact:
Hire for and lead a team of MDR Analysts working globally, guide the team, create and improve processes, methodologies and capabilities that the team requires to work effectively
Lead a team that analyzes incidents from real customer environments to identify ongoing threats to customer environments
Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.

Prisma-Photonics is a rapidly growing startup company, developing the next-generation smart-infrastructure solution based on novel fiber-sensing technology (smart roads, smart cities, perimeters, and grid monitoring, etc.). The company offers an award-winning disruptive solution; a “sensor free” approach to smart infrastructure. The company is VC backed and in the revenues stage.
Combining pioneering technology in optical fiber sensing with state-of-the-art machine learning, we help prevent environmental disasters, protect human lives, and keep critical energy and transportation backbones running smoothly.
We are seeking a talented, self-driven and passionate Senior Infrastructure Engineer to build and maintain the cloud infrastructure for our highly available SaaS application as well as our machine learning and data engineering stack. As a Senior Infrastructure Engineer, you will be responsible for designing, implementing, and maintaining the cloud infrastructure and DevOps processes that power our products and internal tooling. You will work closely with all data and development teams and lead the company’s security and compliance vectors. You will ensure a highly reliable, scalable, and secure infrastructure that supports our rapid growth and product innovation, while maintaining observability and cost-effectiveness of our cloud resources and data.

Hiring Manager:
Oded Messer

What You’ll Do:

* Cloud Infrastructure Management: Architect, deploy, and manage our cloud infrastructure (AWS), ensuring high availability, scalability, and security.
* Software Engineering: Be a top notch SW engineer, harnessing your coding and architectural skills, as well as researching skills, for our infra stack.
* Infrastructure as Code (IaC): Define and maintain infrastructure using tools like Terraform, CloudFormation, or Pulumi to manage resources efficiently and reproducibly.
* Monitoring & Incident Management: Build and manage monitoring and alerting systems to ensure uptime, and respond to incidents with root cause analysis and remediation.
* DevOps & Automation: Implement and maintain CI/CD pipelines to streamline development workflows and automate deployment processes across development, staging, and production environments, and across different parts of our solution. While our development teams are expected to write and maintain their own CI, you will act as a supervisor and professional authority, and maintain cross team and complex automation.
* Collaboration and technical leadership: Partner with software engineers, data engineers, and machine learning teams to support their infrastructure needs and guide the evolution of our infrastructure team.
* Cost Optimization: Monitor cloud spend and optimize resources to ensure cost-effective infrastructure without sacrificing performance or security.
* Security & Compliance: Implement security best practices, including access control, network security, monitoring and ensuring the infrastructure is compliant with relevant industry standards (e.g., SOC2, GDPR).


What You Bring::

* 5+ years of hands-on experience in cloud infrastructure, DevOps and platform engineering in production environments.
* Expertise in managing cloud infrastructure on at least one of the major providers: AWS, GCP, Azure. Proficient in Infrastructure as Code tools such as Terraform, CloudFormation, or Pulumi.
* Solid experience with Docker and Kubernetes.
* Monitoring & Logging: Hands-on experience with monitoring tools (Prometheus, Grafana) and logging systems (ELK, Splunk, or equivalent).
* Proficient Software engineering, architecture, as well as scripting languages such as Python, Bash, or Go. Full control of version control systems such as Git.
* Strong experience with CI/CD pipelines and automation using Jenkins, CircleCI, GitHub Actions, GitLab CI, or similar.
* Strong understanding of cloud networking, VPNs, VPCs, DNS, and fi

the industry's only complete solution for cloud threat detection, investigation, and response built by investigators, for investigators. supercharges todays SOC teams with the cloud capabilities that enterprises have been missing, delivering broad visibility across clouds and SaaS, automation that speeds investigations, and rich context that informs cloud threat detection, hunting, and response. Together, capabilities minimize breach impact and enhance enterprises' cyber resilience. As an Innovation Sandbox Finalist at RSA 2024 and a new SYN Ventures portfolio company (Series B, January 2025), is an innovator and pioneer in Cloud Security.

We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead groundbreaking research into cyberattacks targeting cloud platforms, SaaS applications, Kubernetes, and related technologies.
Develop innovative detection methods and forensic investigation techniques for attacks in cloud environments.
Conduct in-depth investigations into real-world cloud incidents, enriching our knowledge base and advancing our detection capabilities.
Contribute to the design and enhancement of cloud forensics capabilities to support CDR platform development.
Collaborate with the engineering team to identify and leverage new forensic data sources from cloud environments.

We are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.

Main Responsibilities:
Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.
Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.
Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.
Utilize and develop tools and methodologies to improve our existing investigative and hunting technological stack.
Collaborate with IT and Security teams during investigations.
Generate and present a comprehensive and professional report of findings from investigations.

As a Managed services consultant within our companys Infinity Global Services (IGS) Managed eXtended Detection and Response (MXDR) team, you will play a critical role in protecting our customers digital assets, sensitive data, and core systems from cyber threats.
You will apply your expertise in threat detection, incident response, and vulnerability analysis to strengthen security postures and proactively mitigate risks. Working alongside cross-functional teams, you will help shape effective security strategies and ensure compliance with industry standards and regulatory frameworks.
This role is ideal for a self-motivated professional with a passion for cloud security, deep familiarity with leading public cloud platforms, and hands-on experience using cutting-edge monitoring and defense technologies.
Key Responsibilities
Perform continuous monitoring across key security layers (e.g., intrusion detection, endpoint protection, log management) using advanced XDR and SIEM solutions like Microsoft Sentinel and our company's Harmony Endpoint.
Analyze and investigate security events using log data, open-source intelligence, and threat indicators to distinguish real threats from false positives.
Develop and maintain custom rules, alerts, dashboards, and use cases within SIEM platforms, ensuring alignment with client-specific compliance and security needs.
Support cloud security operations, particularly within Azure environments, and respond to incidents through structured ticketing and case management processes.
Collaborate with clients and internal teams to resolve complex issues, automate repetitive tasks, and continuously improve the effectiveness of security operations.
Contribute to documentation and knowledge sharing by creating reports, SOPs, training materials, and providing guidance to junior SOC analysts.