דרושים » אבטחת מידע וסייבר » Security Incident Response Group Lead

we are seeking an Incident Response Lead to own and mature the companys global cyber incident response capability. This role sits within the CISO Office and is accountable for response execution, post-incident learning, and executive-level coordination across our companys cloud, infrastructure, and platform environments.
The Incident Response Lead will act as the single accountable owner for high-severity security incidents, ensuring rapid containment, accurate impact assessment, regulatory-compliant communications, and continuous improvement of detection and response capabilities.
This role requires deep technical expertise, strong crisis leadership, and the ability to operate under pressure in highly regulated, high-availability environments.
Key Responsibilities
Incident Response Leadership
Lead and coordinate of security incidents across our companys cloud, infrastructure, and corporate environments.
Act as Incident Commander during major incidents, driving containment, eradication, and recovery efforts.
Support and maintain clear incident classification, escalation, and decision-making frameworks.
Ensure 24/7 readiness through on-call structures, runbooks, and playbooks.
Detection, Triage, and Investigation
Oversee advanced incident triage and forensic investigations across:
Cloud platforms
Network and perimeter security
Identity and access systems
Supply chain and third-party risks
Partner with SOC, Threat Intelligence, and Threat Hunting teams to improve detection fidelity and reduce MTTR.
Ensure evidence handling meets legal, regulatory, and forensic standards.
Lead regulatory-ready incident documentation, timelines, and root cause analysis (RCA).
Support audits, regulatory inquiries, and executive reporting related to security incidents.
Executive & Cross-Functional Coordination
Serve as the primary incident response interface to:
CISO and executive leadership
Legal, Privacy, Compliance, and Communications teams
Infrastructure, Network, IT, Platform, and Engineering leadership
Deliver clear, factual, and risk-based incident briefings to senior leadership.
Support customer and partner communications when security incidents impact trust or service availability.
Program Development & Continuous Improvement
Support our companys incident response program, including:
Playbooks and runbooks
Tabletop exercises and simulations
Red/blue/purple team coordination
Drive lessons-learned processes and ensure findings result in measurable control improvements.
Define and track incident response KPIs (MTTD, MTTR, containment effectiveness).

We are looking for a leader with a strong passion for offensive security, technical excellence, and people development -someone who can lead and scale a global team, build strong relationships, and drive measurable impact across customers, services, and internal teams.
This role is ideal for a relationship-driven, customer-centric leader who values service excellence and consistently delivers a high-quality customer experience across all engagements.
A leader who can influence without authority, collaborate with diverse stakeholders, and move complex initiatives forward in a global environment.
In this position, you will leverage your expertise in penetration testing, customer engagement, and operational leadership to own delivery excellence end-to-end, participate in pre-sales discussions, support scoping, and continuously elevate our offensive security practice worldwide.
Key Responsibilities
Team Leadership
Lead and scale a global team of penetration testers across multiple regions.
Mentor, coach, and support continuous technical and professional growth.
Foster a high-performance culture based on expertise, collaboration, and ownership.
Delivery & Customer Excellence
Own delivery excellence end-to-end, ensuring high-quality, accurate, and consistent execution of penetration testing engagements.
Participate in pre-sales and scoping meetings to define technical requirements and expectations.
Ensure a high-quality customer experience throughout every engagement.
Assign resources, manage workload balance, and drive optimal team utilization.
Operational Excellence
Drive operational efficiency and measurable KPIs, including utilization, delivery timelines, report quality, and customer satisfaction.
Identify and implement improvements in methodologies and internal processes.
Cross-Functional Collaboration
Partner cross-functionally with Sales, Product, and R&D, as well as PS Delivery and IR teams.
Build strong relationships and align stakeholders to support strategic opportunities and service growth.
Contribute technical insights to help shape new offensive security offerings.
Innovation & Service Development
Contribute to global knowledge bases, training materials, and methodology evolution.
Lead initiatives that improve service quality, efficiency, and technical depth.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are seeking an experienced, visionary Cyber Research Team Lead to guide and grow a multidisciplinary cyber research team. You will lead a group of domain experts - from network engineers and identity specialists, to red-teamers, protocol researchers, penetration testers, data analysts and cloud/virtualization experts - working collaboratively to build our next-gen AI-based posture management platform. As team lead, you will both manage the team and shape the research agenda: coordinating cross-domain investigations, defining priorities, mentoring researchers, and ensuring that research output feeds directly into scalable, intelligent workflows and product capabilities.
If youre passionate about cyber research, enjoy nurturing technical talent, and thrive on building complex, multi-domain security products - this is your chance to build and lead a research team that defines how AI defends modern enterprise infrastructure.
The Responsibilities
Lead, mentor, and coordinate a diverse, multi-domain cyber research team.
Define and drive the teams research agenda, establishing multi-domain security research priorities aligned with company goals and product roadmap.
Translate research findings into actionable AI-based deliverables - such as automated workflows and agentic flows integrated into the AI-based posture management product.
Coordinate and work in multidisciplinary squads to build customer facing product, ensuring real-world relevance and impact.
Maintain research excellence and innovation culture - encourage internal knowledge-sharing, code/tool reuse, and continuous learning.
Recruit, grow, and manage talent -identify skill gaps, hire new researchers, mentor researchers, and foster a collaborative, high-performance team environment.
Stay current with emerging cyber threats, infrastructure trends (cloud, virtualization, identity systems), adversarial techniques and AI-driven security trends - and evolve research strategies accordingly.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.
This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.
What You Will Do:
Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.
Build and maintain an effective and scalable security monitoring infrastructure solution.
Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.
Triage alerts and drive security incidents to closure while reducing their potential impact to Semperis.
Build processes and workflows to triage security alerts and respond to real incidents.
Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.
Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.
Contribute to strategy, risk management, and prioritization for all efforts around detection and response.
Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.
Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

Are you passionate about staying one step ahead of cyber threats? Do you thrive at the intersection of deep technical expertise and strategic leadership?
We're looking for an exceptional Offensive Security & Research Team Leader to drive cutting-edge offensive operations, lead a team of elite security professionals, and shape the future of cyber resilience.
In this role, you'll lead hands-on red team activities, threat research, and vulnerability discovery-pushing the boundaries of what's possible in cyber offense. You will work closely with product, engineering, and executive stakeholders to translate complex attack scenarios into real-world risk mitigation strategies.
This is more than a leadership position-it's an opportunity to build and scale a high-impact team at the forefront of the cybersecurity landscape.
Job Description:
Lead a high-performing offensive security team specializing in red teaming, threat emulation, advanced adversary simulation, and vulnerability research.
Mentor and grow team members, fostering a culture of continuous learning, innovation, and operational excellence.
Promote a culture of innovation, encouraging curiosity and technical excellence within the team.
Translate technical discoveries into operational insights that enhance offensive engagements and deliver clear value to clients
Collaborate cross-functionally with our company's cyber offensive and defensive teams
Develop and maintain internal tools and methodologies that enhance offensive capabilities, automation, and reporting accuracy.
Design and execute tailored offensive engagements, including full-scope red team operations, assumed breach scenarios, and social engineering campaigns.

we are seeking a Detection & Response Manager to lead and mature our security operations and adversary defense capabilities.
This role owns SOC operations, incident response, red teaming, and security automation (SIEM & SOAR) across cloud, data center, and enterprise environments.
The ideal candidate combines operational excellence, threat-adversary thinking, and automation-first execution.
Key Responsibilities
Security Operations Center (SOC) Leadership
Own day-to-day SOC operations across cloud, data center, and corporate environments
Define detection strategy aligned to our company threat models and crown jewels
Ensure high-quality alerting, triage, escalation, and reporting
Continuously reduce false positives and alert fatigue
Incident Response & Crisis Management
Lead end-to-end incident response for high-severity security incidents
Own incident command during crises (technical, executive, and regulatory coordination)
Ensure post-incident reviews lead to real control improvements
Maintain and regularly test incident response playbooks
Red Team & Adversarial Testing
Manage red team and purple team activities (internal and external)
Translate real-world adversary TTPs into detection and response improvements
Ensure findings from red team exercises are remediated and verified
Partner with product, cloud, and physical security teams on attack simulations
SOC Automation (SIEM & SOAR)
Own SIEM and SOAR strategy, architecture, and roadmap
Drive automation of detection, enrichment, response, and reporting
Integrate identity, cloud, CI/CD, and physical security telemetry
Measure SOC effectiveness using MTTD, MTTR, and coverage metrics
Threat Intelligence & Continuous Improvement
Operationalize threat intelligence into detections and playbooks
Track emerging threats relevant to cloud, AI, and infrastructure providers
Continuously improve detection coverage against prioritized attack paths
What Success Looks Like (12 Months)
Measurable reduction in MTTD and MTTR for high-severity incidents
Majority of high-risk incidents detected internally, not externally
Red team findings consistently detected and contained
SOC automation meaningfully reduces manual effort
Clear, trusted security reporting to CISO and leadership.

As the Technical Director for Reactive Services, you will serve as a senior-level consultant and client advocate, providing expert guidance on all facets of cybersecurity and data breach response. You will deliver strategic and technical leadership to a diverse range of clients, helping them navigate complex security incidents. Your expertise will be critical in shaping response strategies and ensuring clients effectively mitigate and recover from cyber threats.
Key Responsibilities
Provide expert-level strategic and technical guidance to clients during active data breach response and cybersecurity incidents.
Lead complex client engagements from initial scoping and resource allocation through to technical execution and final reporting.
Apply deep knowledge of forensic processes, including chain of custody, and advanced computer and memory acquisition techniques.
Utilize industry-standard forensics tools (e.g., EnCase, FTK, SleuthKit, Volatility) for in-depth analysis across major operating systems.
Challenge curiously by maintaining hyper-current knowledge of the threat landscape, emerging vulnerabilities, and attacker TTPs to inform response strategies.
Conduct detailed analysis of malware, identify persistence mechanisms, and triage threats to determine root cause and impact.
Proactively collaborate with internal teams and client stakeholders, ensuring alignment and communicating clear, actionable findings.
Develop and automate scripts and processes to simplify and enhance the efficiency of incident response scenarios.

Required IR Engineer
Were looking for a hands-on incident response expert thats passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. This is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. In your day-to-day, youll:
Investigate complex security incidents in cloud (AWS/GCP), containerized (Kubernetes), and endpoint environments
Design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems
Automate forensic evidence collection and response actions across diverse platforms and services
Collaborate with SOC analysts, Security Architects, and Engineering teams to improve detection coverage and data visibility
Lead incident retrospectives and document technical findings, response steps, and process improvements
Develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based IR deliverables
Participate in on-call rotations and contribute to incident readiness exercises and escalation protocols.

We are looking for a visionary VP of Research to lead our elite research group, based out of our Tel Aviv R&D center. Reporting directly to the CTO, you will be responsible for the companys threat research strategy, driving original vulnerability discovery, and ensuring our "Hackers Playbook" remains the most comprehensive in the industry.

This is a highly visible role that balances deep technical leadership with external evangelism. You will not only manage a team of top-tier security researchers but also serve as the public face of our research. You will be presenting at major global conferences, briefing executive customers, and shaping the industry narrative on offensive security.

THE IMPACT YOU WILL HAVE

Research Leadership & Strategy

Lead, mentor, and grow a high-performing team of security and threat researchers.
Define the research roadmap, balancing original vulnerability research (novel attack vectors) with threat intelligence (analyzing emerging APTs, ransomware, and TTPs).
Foster a culture of innovation, guiding the team to discover new attack surfaces in Windows, Linux, macOS, and LLMs.
Thought Leadership & Evangelism

Serve as a primary spokesperson . You must have a proven track record of speaking at top-tier industry conferences (e.g., Black Hat, DEF CON, RSA, BlueHat).
Drive the creation of high-impact technical content, including white papers, technical blogs, and press commentary on breaking security news.
Represent in the media and create relationships with the broader security community.
Product & Business Alignment

Collaborate closely with Product Management and R&D to translate research findings into product capabilities.
Ensure our customers are protected against the latest threats (e.g., US-CERT alerts, Flash reports) within hours of disclosure.
Customer Engagement

Act as a trusted advisor to C-level executives (CISOs, CIOs) at our strategic customers.
Support the Sales and Customer Success teams by providing deep technical insights during high-stakes briefings and QBRs.