דרושים » אבטחת מידע וסייבר » SOC Analyst

Were looking for an Automation Security Analyst whos eager to help shape and strengthen our And strengthen our SOC and IR. Youll play a key role in developing a dynamic and evolving security environment, driving efforts to automate alert handling and streamline incident response. If youre passionate about cybersecurity, automation, and creative problem-solving, wed love to hear from you.

Responsibilities:
Develop and implement automation workflows to improve alert investigation and response efficiency.
Investigate and respond to security alerts, ensuring timely and effective resolution of incidents.
Identify false positives and collaborate on SIEM/SOAR tuning to enhance detection accuracy.
Apply creative, out-of-the-box thinking to solve complex security challenges and strengthen SOC capabilities.
Handle phishing incidents, including analysis, containment, and mitigation efforts.
Work closely with IT and DevOps teams to resolve security issues and promote best practices.
Contribute to the growth and maturity of a dynamic SOC team.
Participate in on-call rotations for incident response outside of regular working hours.

looking for an Incident Response Team Leader to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus, and speed of response teams can mean the difference between a minor blow, and a devastating impact on an organizations performance and reputation.

The Incident Response Team Leader will be key to the success of Incident Response projects worldwide, and should possess strong leadership skills, be highly technical and thrive in a fast-paced and dynamic environment.

Main Responsibilities

Lead a team of top-tier cyber security researchers and forensic experts conducting assessments and in-depth analysis in complex investigations, as well as security assessments.

Guide and empower team members, enhancing their technical and research skills.

Lead client-facing projects including incident response and hunting efforts for large-scale sophisticated attacks, to contain and defeat real-world cyber threats.

Collaborate and work with clients IT and Security teams during investigations.

Design and improve internal incident response technologies, methodologies, and processes.

Unit 42s Managed Detection and Response (MDR) service is growing fast, and were building a customer-centric team that blends technical expertise with direct customer engagement. As a Customer Focus Analyst, youll act as the front line of communication between our MDR analysts and our customers, helping bridge the gap between incident response and customer understanding.
Youll not only support investigations and incident triage, but also help onboard customers, answer technical questions about reports, alerts, and the service, and manage ongoing communications to ensure clarity, alignment, and satisfaction.
This role is ideal for someone who is technical at their core, but enjoys customer interactions, driving clarity, and ensuring our partners feel confident and supported in their cybersecurity journey.
Key Responsibilities
Be part of a customer-focused sub-function of the Unit 42 MDR team, dedicated to proactive communication and technical guidance
Support onboarding activities for new customers
Monitor incoming communication from customers (e.g., via email, comments), triage and route issues as needed, and answer technical questions around reports, alerts, and recommendations
Collaborate with MDR analysts to ensure the customers technical questions about incidents or threats are fully addressed
Own the customer communication lifecycle during ongoing incidents ensure timely updates, clarity, and alignment on next steps
Help drive consistency and quality in how incidents and threat intelligence are communicated externally
Escalate and advocate for customer issues internally across Product, Engineering, and the broader Unit 42 team.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

we are looking for a Cyber Security Engineer
As a Cyber Security Engineer , youll play a key role in protecting our global platform and ensuring the resilience of our systems against emerging threats. Youll be responsible for investigating and responding to security incidents, analyzing malware, and conducting threat hunting activities across cloud environments.
Youll collaborate closely with the Infosec team, engineers, and cross-functional stakeholders to detect, contain, and mitigate threats, while continuously improving our security posture.
As part of a strong, experienced team, youll contribute to design, shape and implement information security solutions, mentor others in best practices, and drive automation initiatives to streamline detection and response.
Responsibilities:
Develop and maintain automation scripts in Python to enhance SOC efficiency and incident response workflows.
Perform initial triage and assessment of security incidents, identifying threats and recommending mitigation strategies.
Conduct static and dynamic analysis to uncover malicious behaviours, code, and techniques.
Apply forensic methodologies to extract, analyze, and interpret digital evidence to support investigations and attribution.
Investigate and mitigate cloud-based threats, with a focus on AWS environments.
Collaborate with cross-functional teams to strengthen overall organizational security and ensure best practices.

As a CyOps Analyst, you will be investigating security alerts from the platform in order to detect threats and conduct live incident response engagements, investigating and analyzing programs and software using analysis programs to identify threats and classify malware based on previous threats and commonalities, investigating and issuing threat intelligence and malware analysis report. The SOC works closely with the Research team to perform tests and uncover new attack vectors to enhance, develop, and configure threat hunting tools. Additional responsibilities include:
* Identifying unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services.
* Performing analysis and forensics on security threats, malware and attacks in the wild, using industry standard platforms and tools.
About Us:
We are a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 247 security experts. With a Partner First mindset, we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.

We are seeking a driven problem solver to join our Unit 42 MDR team.
Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a Senior MDR, we will rely on you to manage a team of experts who detect and respond to cyber incidents facing customers internal business.
As a Senior, you will join a team of managers who overlook the Unit 42 MDR team to ensure premium delivery to our customers and also have a critical role in how the team works, but also be able to create new processes, methodologies and capabilities that the team requires.
Your Impact
Hire for and lead a team of MDR Analysts working globally, guide the team, create and improve processes, methodologies and capabilities that the team requires to work effectively
Lead a team that analyzes incidents from real customer environments to identify ongoing threats to customer environments
Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire companys customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.

We are looking for an experienced Security Architect to lead the design and implementation of advanced security solutions across our infrastructure, products, and cloud environments. In this role, you will work closely with engineering, DevOps, product, and SOC teams to ensure end-to-end protection, threat resilience, and security-by-design architecture.

Your Chain of Impact:

Design and implement scalable, secure architectures across cloud, application, and data environments
Lead security reviews, threat modeling, and risk assessments for new and existing systems.
Collaborate with R&D and DevOps to embed security best practices into development and deployment processes.
Define and maintain security standards, policies, and frameworks (Zero Trust, IAM, network controls, data protection, etc.)
Oversee integration of security controls, monitoring systems, and automated detection capabilities.
Partner with SOC teams to enhance detection, response, and incident management workflows.
Evaluate new security tools and technologies; lead POCs and drive strategic decisions.
Provide security guidance during architecture planning, code reviews, and product design.

As a Cloud Security Analyst, you will join our global SOC team. A small, highly technical team that owns key parts of Vias security operations. This role is perfect for someone who is motivated and eager to make an impact, and who wants to take meaningful ownership in a cloud-native environment.You will investigate real incidents, improve detections, collaborate with engineering, support AI initiatives, and strengthen Vias security posture end-to-end.

What Youll Do:

Monitor, investigate, and respond to security events across cloud and SaaS environments
Tune detections, signatures, and guardrails to reduce noise and improve accuracy
Develop and maintain SOC playbooks, processes, and response guidelines
Perform intrusion analysis and contribute to threat intelligence correlation
Conduct proactive threat hunting and surface emerging risks
Lead hands-on technical investigations and incident containment
Work with SecOps engineers to design automated remediation flows
Build dashboards, advanced alerts, and visibility for critical events
Continuously improve SOC capabilities by bringing new ideas and approaches

We are seeking an experienced SOC Manager to lead our Security Operations Center (SOC), with full responsibility for detection, response, and operational excellence. This role combines hands-on technical leadership with people management, process ownership, and alignment to business risk.
The SOC Manager will be accountable for the effectiveness, maturity, and scalability of security operations across the organization.
What you will do?
Oversee day-to-day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. Own day-to-day SOC operations, ensuring effective threat detection, incident response, and containment across all environments.
Develop and implement SOC policies, processes, and playbooks to improve security effectiveness.
Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Continuously optimize SIEM content, alert quality, detection coverage, and automation capabilities.
Team Management & Training- Recruit, mentor, and manage a team of SOC analysts and incident responders.
Lead incident investigation, containment, and remediation efforts, coordinating with internal teams and external partners.
Align security operations with MITRE ATT&CK, NIST, and other cybersecurity frameworks.
Produce clear, executive-level incident reporting and risk summaries for security leadership and stakeholders.
Stay updated on emerging threats, attack techniques, and security technologies to drive continuous improvements.