דרושים » אבטחת מידע וסייבר » SOC Senior Engineer

We are looking for a Vehicle SOC Analyst (Student Position) to join the vSOC analysts team and focus on addressing potential vehicle and API security incidents, and creating and implementing, together with customers, strategies for containment and recovery.

As a Vehicle SOC Analyst you will use threat intelligence, previous similar attack vectors, and insights from internal research teams to pinpoint affected assets, the type of attack, and the extent of the attack.

The Vehicle SOC Analyst will assist in creating and maintaining playbooks and ensuring the correct training is in place so that team members can implement procedures and policies effectively.

Additionally, the Vehicle SOC Analyst will act as a security point of contact for managed services for customers and assist in troubleshooting real-time potential security alerts.

This role is part-time and based in Herzliya, Israel.

Responsibilities:
Primarily responsible for security event monitoring, management, and response.
Triage incoming alerts (initial assessing the priority of the event, initial determination of incident to determine risk and damage or appropriate routing of security risks).
Provide administrative support for daily operational activities.
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
Revise and develop processes and playbooks to strengthen the current Security Operations Framework.
Identify threat vectors and develop use cases for security monitoring.
Fine tune detection logic and machine learning profiles.
Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
Support Root cause analysis (RCAs) process for events escalated to incident levels.

Were looking for a Cybersecurity Threat Detection & Response Engineer to lead and grow this critical function as part of our expanding security team. This role will focus on evolving Ponteras detection engineering, incident response, and security automation capabilities to support our growing organization and evolving threat landscape.

Youll join a mature and collaborative environment where foundational work has already been laid, and you'll have the opportunity to advance how we detect, investigate, and respond to threats - with the support of strong cross-functional partnerships and best-in-class tools.

RESPONSIBILITIES

Detection Engineering
Develop, tune, and maintain detection rules, correlation logic, and alerting workflows within our SIEM.
Integrate high-quality telemetry from cloud environments, infrastructure, SaaS applications, and internal systems.
Collaborate with Engineering and DevOps to improve visibility, signal-to-noise ratio, and logging coverage.
Automation & Enrichment
Design and implement enrichment and response automation (e.g., SOAR platforms, serverless functions).
Explore and integrate LLM-based agents or AI-enhanced triage/classification tools where practical.
Continuously improve response playbooks, integrations, and automation pipelines.
Incident Response Leadership
Serve as the operational lead for security incident response, from triage through resolution and post-incident review.
Maintain and evolve IR runbooks; lead tabletop exercises to strengthen organizational readiness.
Coordinate investigations across Security, Engineering, GRC, IT, and Legal as needed.
Metrics & Reporting
Own and continuously improve dashboards and reporting that track key detection and response KPIs (e.g., MTTR, detection coverage, false positive rates).
Deliver data-driven insights to security and engineering leadership to inform strategy and operational improvements.
Case Management
Take responsibility for the case management lifecycle across detection, triage, and incident handling.
Ensure the incident handling process is tightly integrated with automation, documentation standards, and relevant security tooling.
Evaluate opportunities to enhance case tracking infrastructure in alignment with program growth and maturity.
Collaboration & Growth
Partner cross-functionally with teams in Engineering, DevOps, IT, Privacy, and GRC.
Support ongoing vendor relationships and bring a continuous improvement mindset to tooling and processes.

If you're eager to launch or accelerate your cybersecurity career in a high-growth tech company, this is your opportunity to learn, contribute, and grow alongside some of the best in the industry.



JOB RESPONSIBILITIES
Monitor and analyze security alerts and logs using advanced monitoring and detection systems.
Triage and respond to Tier-1 security incidentsinvestigating root causes, mitigating risks, and documenting findings thoroughly.
Assist in strengthening AWS cloud security configurations with a focus on the principle of least privilege.
Support the deployment, maintenance, and fine-tuning of security tools and processes.
Collaborate with cross-functional teams to proactively identify threats and enhance overall security posture.
Be part of an on-call rotation, including weekends and holidays, to ensure continuous protection.

As an Embedded security researcher, you will be dealing with:

● Embedded systems Reverse engineering.

● Real-time Embedded End-to-End Low Level software developments on various unique embedded platforms and environments.

As an Embedded security researcher, you will be dealing with:

Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.