דרושים » אבטחת מידע וסייבר » Cybersecurity Incident Manager - 2516

Medison offers hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. Our values are at the core of every action we take, and we are committed to going above and beyond for the benefit of the patients we serve. We are a dynamic, fast-paced company, operating in over 30 countries across five continents. We are looking for out-of-the-box thinkers, people who are passionate, caring, agile, and adaptive, to join us on our mission. If you are looking to make a difference in people's lives, we invite you to join us! We are seeking a Senior Security Specialist to lead and enhance our advanced detection and threat-focused capabilities. This hands-on expert plays a key role in elevating the organization’s security posture - driving proactive threat hunting, forensic analysis, and continuous improvement of our core security platforms (EDR, SIEM, and more). The role includes close collaboration with our SOC, external IR partners, and security leadership, with significant influence over our threat-detection strategy and security architecture.

Responsibilities:

* Lead advanced threat detection, threat hunting, and proactive vulnerability identification initiatives.
* Develop, maintain, and optimize threat detection rules and Indicators of Attack (IOAs).
* Collaborate closely with the SOC &IR teams, guiding rule creation, tuning, and incident triage.
* Conduct forensic investigations and support root-cause analysis.
* Design, maintain, and enhance cloud and SaaS security architectures, including Microsoft 365.
* Lead initial technical response actions during cybersecurity incidents.
* Oversee technical security operations, monitoring, and investigative activities.
* Act as a senior expert for system-level troubleshooting, integration, and security optimization.
* Monitor emerging threats and drive continuous improvements in detection and response capabilities.
* Report directly to the Director of Cyber & IT (CISO).

City:
Petah Tikva

We are seeking a highly skilled and experienced Information Security Specialist to join


As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with Autofleet. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

A leadership role responsible for defining and executing the cloud’s information security strategy. This includes managing and mentoring a professional security team, leading the design and implementation of advanced security architectures across cloud and hybrid environments, and overseeing the response to high-severity cyber incidents. The role requires strong technical leadership, strategic decision-making, cross-organizational collaboration, and regular communication with executive stakeholders. Key Responsibilities Security Architecture & Governance
* Lead the design and implementation of cloud security architectures aligned with CIS, NIST, and ISO27001 standards.
* Oversee the definition and enforcement of security controls: WAF, IAM, NACLs, Zero Trust, segmentation, and more.
* Develop and implement security policies, procedures, hardening baselines, and governance frameworks.
* Ensure hybrid (cloud + on-prem) security solutions are properly designed and maintained. Network & Security Engineering
* Oversee the design of secure network solutions in complex enterprise environments: BGP, OSPF, VPN, SD-WAN, MPLS.
* Manage and maintain enterprise firewall infrastructures (Fortinet / Check Point).
* Establish standards for secure networking and optimize network resilience, availability, and performance. Incident Response & Operations
* Lead the investigation and handling of complex cyber incidents, coordinating SOC and IR teams.
* Conduct root cause analysis and produce executive-level post-incident reports.
* Manage Tier-3 escalations and provide expert guidance for cloud and infrastructure-related issues. Cross-Organizational Collaboration
* Drive cross-functional security initiatives
* Work closely with Cloud, Network, IT, and Systems teams to embed security into workflows.
* Interface with external vendors, integrators, and service providers.
Leadership
* Lead, mentor, and develop the Information Security team.

we are looking for an experienced Incident Responder to join our newly established team. The team will support customers in responding to cloud incidents and proactively hunt for undetected threats.
WHAT YOULL DO
Investigate real-world cyber-attacks on customers cloud environments and cloud workloads, understanding their root causes and the full scope of compromise, leveraging the company platform.
Perform proactive threat hunting to identify undetected cyber-attacks and cloud threats within customer environments.
Collaborate with customer teams during engagements to effectively respond to threats.
Develop and deliver professional engagement reports, including high-level summaries and deep dives into technical findings.
Develop and document incident response methodologies, best practices, and standard operating procedures tailored to cloud environments and cloud workloads.
Collaborate with the threat research and engineering groups to refine and enhance incident response detections, tools, and features, based on real-world investigation experiences.

We are looking for a top-notch Senior Security Researcher, to resolve the toughest issue in cybersecurity: utilizing terabytes of data for detecting attacks, incident investigation and prioritizing threats.

Responsibilities
Threat Analysis and Research: Dive deep into terabytes of data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Incident Investigation: Utilize your technical prowess to investigate complex security incidents, analyzing data from diverse sources to uncover the root causes and methods of attack. Collaborate with incident response teams to develop effective strategies for containment and mitigation.
False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Be at the forefront of the our mission and work closely with our customers regarding cyber security investigations and incidents detected in their environments

We are looking for a Solution Engineer - Cyber Security.
As a Security Technical Specialist, you will be a senior technical sales leader and trusted customer advisor, working with cutting-edge security technologies such as Defender for XDR and Sentinel.
You will lead a v-team of other internal, partner and consulting resources to help map solutions to customer security challenges and priorities, demonstrate and prove our solutions, and win the technical decision enabling the team to achieve/exceed quarterly and annual revenue targets.
You will help solve complex security challenges for our customers, enabling them to help modernize their security architecture and posture
Responsibilities:
Primary technical point of contact for potential customers during the sales process, owing and driving technical win for security opportunities
Deep technical understanding of cloud security architectures, solutions/technologies including M365 Defender, Defender for cloud and Sentinel and expertise in extended detection and response (XDR), zero trust and cloud security solutions and architectures
Remediate blockers; leads and ensures technical wins for Security and adjacent technologies. Engages with and reaches out to customers proactively and independently; builds credibility with customers as a trusted advisor for Security; and searches for and uses Security customer references; and facilitates handoff to customer success for post sales deployment.
Develop strategies and recommendations to improve the client's security posture, shapes technical win plan and tailors messaging to audience for security opportunities. Enhances team capabilities for extended detection and response (XDR), zero trust and cloud security and develops differentiated compete strategies for Microsoft Security for assigned customers.
Lead technical presentations, demonstrations, workshops, architecture design sessions, explain, demonstrate, and architect the solution to help solve customer security challenges and priorities.
Drives cross-workload support for Microsoft solutions for security. Leverages insights and coaches' teams to align new or changing technology to customer security needs.
Responsible for engaging with other teams within and outside the organization throughout the sales cycle. Engaging partners in sell-with scenarios and supporting their technical capabilities is key to scaling solution delivery.

Were looking for an Automation Security Analyst whos eager to help shape and strengthen our And strengthen our SOC and IR. Youll play a key role in developing a dynamic and evolving security environment, driving efforts to automate alert handling and streamline incident response. If youre passionate about cybersecurity, automation, and creative problem-solving, wed love to hear from you.

Responsibilities:
Develop and implement automation workflows to improve alert investigation and response efficiency.
Investigate and respond to security alerts, ensuring timely and effective resolution of incidents.
Identify false positives and collaborate on SIEM/SOAR tuning to enhance detection accuracy.
Apply creative, out-of-the-box thinking to solve complex security challenges and strengthen SOC capabilities.
Handle phishing incidents, including analysis, containment, and mitigation efforts.
Work closely with IT and DevOps teams to resolve security issues and promote best practices.
Contribute to the growth and maturity of a dynamic SOC team.
Participate in on-call rotations for incident response outside of regular working hours.

We're looking for an Infrastructure Security Architect to join us. In this role, you will design and validate secure cloud and corporate infrastructures, drive security best practices, and solve complex network and cloud-security challenges across the organization.
Responsibilities:
Design and architect secure infrastructures across cloud, and corporate environments, with strong emphasis on scalable AWS networking.
Lead network-security architecture reviews for new and existing technologies, systems, and product features.
Develop and maintain security reference architectures, guidelines, and best practices for cloud and network environments.
Review, design, and enhance cloud network architecture (VPC topology, segmentation, routing, connectivity, hardening).
Evaluate and run PoCs for security and cloud-networking products to strengthen our companys cloud security posture.
Perform Infra threat modeling and risk assessments for network and cloud architecture designs.
Collaborate with DevOps, SRE, R&D, and IT to integrate security into infrastructure design, deployments, and engineering processes.
Troubleshoot complex network and cloud-security issues across corporate and product environments.
Oversee IoT network security, including segmentation and monitoring strategies.
Provide clear, structured feedback to product teams on architecture, design trade-offs, and real-world operational impact.
Act as a senior escalation point for network-related security alerts and incident response within the security operations team.

We are looking for a SecOps Engineer to join our Security Operations team. In this role, you will help defend the organization end-to-end, from IT security to cloud security - while performing third-party and internal security reviews, handling incident response, conducting threat hunting, and supporting GenAI security work.

Responsibilities:
Design, operate, and improve security infrastructure by maintaining core controls, hardening systems, and leading cloud security efforts to address misconfigurations, vulnerabilities, and identity risks.
Monitor, investigate, and remediate security alerts and threats by performing DFIR, analyzing attack vectors, proactively hunting adversary activity, and leading incident response.
Perform security reviews of third-party vendors, SaaS platforms, and internal applications, assessing architectures, data flows, integrations, and risk exposure.
Defend the organization end-to-end across endpoints, identities, applications, and cloud by operating and advancing SecOps controls (SIEM/EDR/CSPM), building automations, enforcing best practices, and partnering cross-functionally to drive security outcomes.

Were looking for a highly skilled Cybersecurity Governance, Risk, and Compliance Engineer with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.