דרושים » אבטחת מידע וסייבר » Cybersecurity Incident Manager- 2516

we are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.
Main Responsibilities:
Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.
Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.
Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.
Utilize and develop tools and methodologies to improve existing investigative and hunting technological stack.
Collaborate with IT and Security teams during investigations.
Generate and present a comprehensive and professional report of findings from investigations.

we are at the forefront of worldwide data detection and response services. We lead and redefine how data should be monitored, and protected and how data breach incidents should be handled. Its a 24/7 global security service assisting customers to investigate and respond to security incidents.
A Senior (Level 3) Security Analyst within our MDR team is expected to serve as their teams technical lead and a key escalation point for complex security incidents.
In your role, you will lead complex investigations, working directly with customers by assisting them in investigating and responding to security incidents.
As a senior staff in your team, you are expected to mentor junior analysts, and drive continuous improvement of our detection and response capabilities. You will collaborate with internal and external stakeholders, and ensure best practices are followed across monitoring, detection, and incident response processes. This position requires a strong foundation in cybersecurity operations, a deep understanding of SIEM technologies and log sources, as well as the ability to train and document processes for others.
Responsibilities:
Incident Escalations & Investigations
Serve as an escalation point for security alerts and incidents, ensuring timely and thorough investigations.
Perform end-to-end incident handling, including scoping, containment, and eradication activities.
Coordinate and communicate with customers, leadership, and other stakeholders throughout the incident response lifecycle.
Understand, interpret, and analyze a diverse range of log sources (Exchange Online, Entra, Active Directory, Windows events, Azure, DNS, VPN, etc.).
Proactively identify potential threats and anomalies, recommending and implementing improvements in detection logic.
Training & Mentorship:
Assist in training and upskilling junior and mid-level analysts, including sharing best practices in investigations, threat hunting, and emerging threats.
Provide guidance in troubleshooting escalated issues, ensuring efficient knowledge transfer and professional growth within the team.
Contribute to the development, documentation, analysis, testing, and modification of threat detection systems and playbooks.
Provide feedback on gaps or improvements needed in processes, documentation, or technology.
Work closely with Team Leads and other senior staff to align on operational goals, SLA adherence, and service delivery standards.
Communicate findings, root causes, and recommended actions to both technical and non-technical stakeholders clearly and effectively.
Share insights and best practices with the broader team, championing a culture of continuous learning.

Required Chief Information Security Officer
About the Role
As our Chief Information Security Officer (CISO), you will own and lead all aspects of Information Security for us. Reporting to the CTO, you will lead and manage three teams which are individually responsible for Governance Risk and Compliance, Product Security and Security Operations. As CISO, you will shape and execute our security strategy and roadmap, ensuring trust, resilience, and compliance at scale. You will grow and lead the security department and work closely with our leadership to balance business growth with risk management. Externally, you will represent us to customers, auditors, and regulators, reinforcing our commitment to security and trust. Above all, you will ensure that our customers, data, and operations remain secure as we scale.
Overall Security Governance Strategy
Define and execute the company-wide security strategy and roadmap
Align security initiatives with our business objectives and risk appetite
Report on security posture to company executives and te board
Security Operations
Infrastructure Security - Collaborate with DevOps and IT teams to secure our infrastructure and cloud environment
Endpoint Security - Protect employee devices and access points
SaaS Security - Monitor and secure third-party SaaS applications
Data Loss Prevention - Implement controls to prevent unauthorized data access, sharing, and exfiltration across systems and endpoints
Identity and Access Management - Manage the companys access policy and controls
Threat Detection & Incident Response - Establish SIEM, threat intelligence, and forensic capabilities
Incident Response - Respond to security events, conduct investigations, and lead mitigation efforts
GRC (Governance, Risk, and Compliance)
Risk Management & Assessments - Perform regular risk assessments on our systems, processes, and infrastructure, and drive mitigation plans
Certifications & Compliance - Maintain compliance with SOC 2, ISO 27001, DORA, NYDFS, and other regulations
Audits & Regulatory Compliance - Lead security audits, manage interactions with external auditors, government agencies, and regulatory bodies
Third-Party & Vendor Security Assessments - Conduct security evaluations of vendors and partners to ensure data protection standards are met
Security Policies & Frameworks - Maintain and enforce company-wide security policies, ensuring cross-functional adoption
Product Security
Secure Software Development Lifecycle (SSDLC) - Integrate security into our development processes, shift left on security through the entire product lifecycle.

​​If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
Were looking for a Security Research Manager to lead a team focused on two of the fastest-growing domains in cybersecurity: autonomous investigation and response (Autopilot), and macOS detection and response. This is a unique opportunity to lead an exceptional team of researchers within the largest security company in the world, helping to revolutionize threat detection, investigation and response through patent-grade capabilities.
Your Impact
Lead, mentor, and grow a team of talented security researchers
Drive the inception, strategy and execution of our autonomous investigation and response solution (Autopilot)
Drive the strategy and execution of research initiatives to uncover novel techniques to detect and respond to sophisticated attacks targeting macOS endpoints
Define and prioritize detection and investigation use cases, relevant datasets, and innovative approaches based on runtime visibility, statistic algorithms and threat intelligence
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content
Foster collaboration across research, engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations more strict, organizations struggle to answer one key question: Is my data safe?"
At our company, we see the world of cybersecurity differently. Instead of chasing threats, we believe the most practical approach is protecting data from the inside out. Weve built the industrys first fully autonomous Data Security Platform to help our customers dramatically reduce risk with minimal human effort.
At our company, we move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you
Position Overview:
our company's MDR team is at the forefront of worldwide data detection and response services. We lead and redefine how data should be monitored, and protected and how data breach incidents should be handled. Its a 24/7 global security service assisting customers to investigate and respond to security incidents.
We are seeking an experienced MDR Team Lead who will oversee a team of MDR Security Analysts. This oversight includes training and developing the knowledge and skills needed to execute the MDR mission, ensuring adherence to all operating policies and procedures, ensuring the delivery of the MDR service within all SLAs, and serving as a point of technical and operational escalation for MDR analysts. Data is the #1 target of attackers, and our company's Managed Data Detection and Response (MDDR) customers entrust our team with the security of their data. MDR Team Leads are the lynchpin of MDR operations, ensuring the team is working 24x7 to monitor, triage, investigate, and escalate incidents where data is at risk and to ensure we meet operational SLAs.
Responsibilities:
Technical and operational escalation point for investigations, incidents, and other elements of the MDR service.
Assist in the development, documentation, analysis, testing, and modification of our companys threat detection systems, playbooks, runbooks, and MDR team operations.
Continuously train the team so they are equipped with the required skills and knowledge to effectively execute the MDR service.
Validate findings and coordinate investigative efforts with customers and internal teams.
Ensure all investigative findings are documented and communicated appropriately by the team, including tracking in CRM.
Maintain up-to-date knowledge of all aspects of our company's MDR service.
Oversee and execute programs, projects, operational tasks, and responsibilities related to the MDR service.
Conduct regular performance reviews and quarterly SWOT analyses to drive team growth and development.

We are looking for a Cyber Security Manager.
The cyber security manager implements, and monitors security policies and procedures, and ensures compliance with relevant standards and regulations. The Cyber Security Manager Serves as a team member for Information Technology Services (ITS) and Information Security Officer team at the Israel member firm. Specifically, he will be responsible for Leading various cyber security projects/ areas & Improving Cyber Security IL MFs posture.
The manager works with the member firm to identify areas of potential risk, potential cost savings, and operational efficiencies that will reduce the overall risks to client and firm data resources, and May participate in projects with participants from other countries in cross border operations.
The position will also work closely with the US Member Firm team The position is open to both women and men.

At our company, we're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-driven technology, representing the pinnacle of Machine Learning, GenAI, and computer vision within the automotive sector. With close to $400M in funding and strategic partnerships with industry giants such as Amazon, General Motors, Volvo, and CarMax, we stand at the forefront of automotive technological advancement. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity and encourages teamwork. Our drive for innovation and pursuit of excellence are deeply Embedded in our vibrant company culture, ensuring that each individual's efforts are recognized and valued as we unite to build a safer automotive world.
We seek a highly skilled and proactive Senior SecOps Engineer to join our Security team and lead security operations across the organization. In this role, you will report directly to our CISO and work in close collaboration with the DevOps and R&D teams to embed security into every stage of the software lifecycle, protect our multi-cloud infrastructure, and ensure compliance with leading industry standards.
A day in the life and how youll make an impact:
* Report directly to the CISO and collaborate with DevOps and R&D teams to embed security into every stage of the SSDLC.
* Integrate security into CI/CD pipelines, Infrastructure as Code (Terraform, Helm, GitOps), and development workflows.
* Design, enforce, and monitor secure cloud configurations (AWS, GCP), including networking, IAM, encryption, and Kubernetes hardening.
* Implement and manage application security controls (SAST, DAST, SCA, code reviews).
* Lead incident response activities, including forensic investigations, vulnerability management, and threat mitigation.
* Deploy and operate CSPM tools (Wiz, Prisma, Orca), SIEM, WAF, and runtime security solutions.
* Drive compliance with ISO 27001, SOC 2, GDPR, ensuring audit readiness.

We are looking for a top-notch Security Research Tech Lead, to resolve the toughest issue in cybersecurity: utilizing terabytes of data for detecting attacks, incident investigation and prioritizing threats.
Responsibilities:
Threat Analysis and Research: Dive deep into terabytes of data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Incident Investigation: Utilize your technical prowess to investigate complex security incidents, analyzing data from diverse sources to uncover the root causes and methods of attack. Collaborate with incident response teams to develop effective strategies for containment and mitigation.
False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Be at the forefront of the mission and work closely with customers regarding cyber security investigations and incidents detected in their environments

Were looking for a Cybersecurity Threat Detection & Response Engineer to lead and grow this critical function as part of our expanding security team. This role will focus on evolving detection engineering, incident response, and security automation capabilities to support our growing organization and evolving threat landscape.

Youll join a mature and collaborative environment where foundational work has already been laid, and you'll have the opportunity to advance how we detect, investigate, and respond to threats - with the support of strong cross-functional partnerships and best-in-class tools.

RESPONSIBILITIES

Detection Engineering
Develop, tune, and maintain detection rules, correlation logic, and alerting workflows within our SIEM.
Integrate high-quality telemetry from cloud environments, infrastructure, SaaS applications, and internal systems.
Collaborate with Engineering and DevOps to improve visibility, signal-to-noise ratio, and logging coverage.
Automation & Enrichment
Design and implement enrichment and response automation (e.g., SOAR platforms, serverless functions).
Explore and integrate LLM-based agents or AI-enhanced triage/classification tools where practical.
Continuously improve response playbooks, integrations, and automation pipelines.
Incident Response Leadership
Serve as the operational lead for security incident response, from triage through resolution and post-incident review.
Maintain and evolve IR runbooks; lead tabletop exercises to strengthen organizational readiness.
Coordinate investigations across Security, Engineering, GRC, IT, and Legal as needed.
Metrics & Reporting
Own and continuously improve dashboards and reporting that track key detection and response KPIs (e.g., MTTR, detection coverage, false positive rates).
Deliver data-driven insights to security and engineering leadership to inform strategy and operational improvements.
Case Management
Take responsibility for the case management lifecycle across detection, triage, and incident handling.
Ensure the incident handling process is tightly integrated with automation, documentation standards, and relevant security tooling.
Evaluate opportunities to enhance case tracking infrastructure in alignment with program growth and maturity.
Collaboration & Growth
Partner cross-functionally with teams in Engineering, DevOps, IT, Privacy, and GRC.
Support ongoing vendor relationships and bring a continuous improvement mindset to tooling and processes.

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.