דרושים » אבטחת מידע וסייבר » ir engineer

Required IR Engineer
Were looking for a hands-on incident response expert thats passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. This is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. In your day-to-day, youll:
Investigate complex security incidents in cloud (AWS/GCP), containerized (Kubernetes), and endpoint environments
Design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems
Automate forensic evidence collection and response actions across diverse platforms and services
Collaborate with SOC analysts, Security Architects, and Engineering teams to improve detection coverage and data visibility
Lead incident retrospectives and document technical findings, response steps, and process improvements
Develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based IR deliverables
Participate in on-call rotations and contribute to incident readiness exercises and escalation protocols.

Were looking for a Senior Security Platform Engineer to join our team and work at the intersection of Security technology, and business. This role is about impact - not just ownership, not just execution, but building solutions that actually get used.
This role is based in Tel Aviv. We work in a hybrid model, with 3 days a week in the office.
Your impact and responsibilities:
Support, maintain, and operate network, data, and AI security controls across our company production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.
This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.
What You Will Do:
Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.
Build and maintain an effective and scalable security monitoring infrastructure solution.
Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.
Triage alerts and drive security incidents to closure while reducing their potential impact to Semperis.
Build processes and workflows to triage security alerts and respond to real incidents.
Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.
Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.
Contribute to strategy, risk management, and prioritization for all efforts around detection and response.
Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.
Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

At our company, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.
We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents. By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability.
As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.
About Your Day-to-Day
As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

We are looking for a Security Engineer to join us. In this role, you will take part in securing our companys production environments across network, data, and AI domains. You will work closely with SRE, DevOps, platform, and internal security teams to design, operate, and continuously improve security controls, reduce risk, and strengthen our detection and response capabilities in a fast-growing, cloud-native environment.
Responsibilities
Support, maintain, and operate network, data, and AI security controls across our companys production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing across the Cyber Defense Group.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance.
Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment.
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

We are looking for an experienced Security Operations Engineer to join our fast-growing security team and take ownership of our SIEM and SOAR automation efforts. This is a unique opportunity to work at the intersection of security operations, detection engineering, and automation in a modern SaaS and cloud-native environment.


What Will You Do?
Maintain and enhance detection engineering content across SIEM and automation systems
Develop new SOAR workflows, automated actions, and response playbooks
Build and improve SIEM rules, correlations, dashboards, and monitoring capabilities
Lead investigations and identify security issues through alert analysis and mitigation
Coordinate incident response activities and communicate clearly with relevant stakeholders
Provide consultative guidance on best practices in Cloud Security, SIEM, and automation operations
Collaborate closely with internal teams to understand monitoring needs and deliver new insights
Follow CISO guidance to continuously improve the organizations security posture
Design, document, and scale security automation capabilities
Review new product features, implement security standards, and share knowledge across the team

We are looking for a senior, hands-on Security Operations Lead to build, mature, and operate Zenitys detection, response, and corporate security capabilities. You will own the engineering, workflows, and processes that keep Zenity secure day-to-day, while continuously improving visibility, automation, and operational resilience across both corporate and production environments. This role requires a technical operator who can architect scalable detection and response pipelines, manage endpoint and identity security controls, streamline GTM security enablement, and collaborate across the company to reduce risk. You will balance strategic direction with hands-on execution-ensuring threats are identified quickly, incidents are handled effectively, and the organizations operational security posture remains strong as Zenity grows.
Responsibilities:
Own and mature Zenitys Detection & Response program, including alerting, triage workflows, incident playbooks, and end-to-end response processes.
Build and maintain detection logic, integrations, and automation across logging, SIEM, EDR, cloud telemetry, and internal monitoring systems.
Lead incident investigations, coordinate response across engineering and business teams, and ensure clear communication and post-incident reviews.
Manage Zenitys Corporate Security Program, including identity and access management, endpoint posture management, corporate data security controls, and DLP practices.
Oversee privileged access workflows and JIT access for corporate and production systems in alignment with least-privilege principles.
Partner with engineering teams to ensure production environments maintain strong security baselines, logging, and monitoring coverage.
Collaborate with GTM/Sales teams to support Security Enablement, including third-party security questionnaires, customer assurance needs, and auditor inquiries.
Build automation-first operational processes that reduce manual overhead and provide consistent, repeatable security outcomes.
Develop and refine detection and response runbooks, escalation paths, and cross-team coordination models.
Maintain and improve incident and operational metrics, dashboards, and KPIs to measure operational efficiency and threat coverage.
Drive the intake and prioritization of security operations requests through Jira and internal workflows.
Work closely with Product Security, Cloud/DevOps, and GRC to ensure shared visibility and aligned operational practices.
Identify operational security gaps, propose improvements, and lead implementation efforts across tooling, processes, and controls.
Promote a culture of proactive detection, fast response, and shared responsibility for organizational security.

We are seeking an experienced SOC Manager to lead our Security Operations Center (SOC), with full responsibility for detection, response, and operational excellence. This role combines hands-on technical leadership with people management, process ownership, and alignment to business risk.
The SOC Manager will be accountable for the effectiveness, maturity, and scalability of security operations across the organization.
What you will do?
Oversee day-to-day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. Own day-to-day SOC operations, ensuring effective threat detection, incident response, and containment across all environments.
Develop and implement SOC policies, processes, and playbooks to improve security effectiveness.
Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Continuously optimize SIEM content, alert quality, detection coverage, and automation capabilities.
Team Management & Training- Recruit, mentor, and manage a team of SOC analysts and incident responders.
Lead incident investigation, containment, and remediation efforts, coordinating with internal teams and external partners.
Align security operations with MITRE ATT&CK, NIST, and other cybersecurity frameworks.
Produce clear, executive-level incident reporting and risk summaries for security leadership and stakeholders.
Stay updated on emerging threats, attack techniques, and security technologies to drive continuous improvements.

We're looking for a Security Engineer - Product to spread the power. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing us to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our Federal team - extending our DevSecOps and Product Security practices to our FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our engineering and operations teams - helping them deliver secure-by-design solutions.