דרושים » אבטחת מידע וסייבר » Senior SOC Analyst

looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

We are seeking a skilled and experienced InfoSec & SecOps Lead to join our company (Formerly ActiveFence) CISO team. The ideal candidate will be responsible for driving the security initiatives. Responsibilities:
* Maintain holistically security corporate architecture and Hardening, including network, systems, applications. Evaluate and implement security remediations to enhance the organization security posture.
* Corporate Security: Oversee security measures, including access control, surveillance, and emergency response planning. Manage relationships with external security vendors related to TPRM and IR.
* Experience among others on SSPM/SaaS security, IDP, SIEM / SOC, Including conducting threat modeling exercises to identify potential vulnerabilities and risks where required.
* Security Operations: Oversee the day-to-day security operations, including monitoring, incident response, Analyze security logs and alerts to identify & respond to security incidents. Conduct regular security assessments and manage the remediations program. Develop and maintain an effective incident response plan.Conduct post-incident reviews to identify lessons learned and improve future response efforts.
* Experience with Vulnerability Management: Identify, prioritize vulnerabilities. Monitor and track vulnerability remediation efforts.
* Collaborate with other teams within the organization to ensure the overall security posture is maintained. This may include working with IT, DevOps, R&D, G&A to implement security policies and technical security procedures. Including all business units, educate employees on security best practices.
* AI Governance: Partner with Business Units to create safe-use guardrails for AI. Conduct security reviews for internal AI implementations, ensuring adherence to frameworks like the OWASP Top 10 for LLMs.
*  data Driven Metrics: Develop automated dashboards that track Real-Time security health, focusing on MTTR and reducing manual "toil" for the Security.

About us:
we are a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact-whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, our company provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions.

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response. You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.

If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.


Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

Required Security Operations Center Manager
Job Description
As a Security Operations Center Manager, you'll lead a dynamic team to ensure the security and resilience of our infrastructure. Youll manage 24/7 shift operations, mentor SOC analysts, and oversee the rapid identification and response to cybersecurity incidents. In this role, you will:
Lead and mentor SOC team members, manage shift operations, and recruit and train talented SOC analysts
Oversee the management of computer security incidents, including the collection, analysis, and preservation of digital evidence
Utilize SIEM/Big Data solutions and SOAR systems to identify and investigate cybersecurity incidents, accelerating data analysis
Collaborate with internal security and incident response teams while demonstrating excellent communication skills in English
Recommend updates to standard operating procedures, develop insightful reports and dashboards, and implement best practices to enhance SOC operations.

We are looking for an experienced Security Operations Engineer to join our fast-growing security team and take ownership of our SIEM and SOAR automation efforts. This is a unique opportunity to work at the intersection of security operations, detection engineering, and automation in a modern SaaS and cloud-native environment.


What Will You Do?
Maintain and enhance detection engineering content across SIEM and automation systems
Develop new SOAR workflows, automated actions, and response playbooks
Build and improve SIEM rules, correlations, dashboards, and monitoring capabilities
Lead investigations and identify security issues through alert analysis and mitigation
Coordinate incident response activities and communicate clearly with relevant stakeholders
Provide consultative guidance on best practices in Cloud Security, SIEM, and automation operations
Collaborate closely with internal teams to understand monitoring needs and deliver new insights
Follow CISO guidance to continuously improve the organizations security posture
Design, document, and scale security automation capabilities
Review new product features, implement security standards, and share knowledge across the team

We are seeking an experienced SOC Manager to lead our Security Operations Center (SOC), with full responsibility for detection, response, and operational excellence. This role combines hands-on technical leadership with people management, process ownership, and alignment to business risk.
The SOC Manager will be accountable for the effectiveness, maturity, and scalability of security operations across the organization.
What you will do?
Oversee day-to-day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. Own day-to-day SOC operations, ensuring effective threat detection, incident response, and containment across all environments.
Develop and implement SOC policies, processes, and playbooks to improve security effectiveness.
Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Continuously optimize SIEM content, alert quality, detection coverage, and automation capabilities.
Team Management & Training- Recruit, mentor, and manage a team of SOC analysts and incident responders.
Lead incident investigation, containment, and remediation efforts, coordinating with internal teams and external partners.
Align security operations with MITRE ATT&CK, NIST, and other cybersecurity frameworks.
Produce clear, executive-level incident reporting and risk summaries for security leadership and stakeholders.
Stay updated on emerging threats, attack techniques, and security technologies to drive continuous improvements.

We are looking for a Security Engineer to join us. In this role, you will take part in securing our companys production environments across network, data, and AI domains. You will work closely with SRE, DevOps, platform, and internal security teams to design, operate, and continuously improve security controls, reduce risk, and strengthen our detection and response capabilities in a fast-growing, cloud-native environment.
Responsibilities
Support, maintain, and operate network, data, and AI security controls across our companys production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing across the Cyber Defense Group.

Were looking for a Senior Security Platform Engineer to join our team and work at the intersection of Security technology, and business. This role is about impact - not just ownership, not just execution, but building solutions that actually get used.
This role is based in Tel Aviv. We work in a hybrid model, with 3 days a week in the office.
Your impact and responsibilities:
Support, maintain, and operate network, data, and AI security controls across our company production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing

We are looking for a Red Team specialist for our Infrastructure Red Team department for a maternity leave replacement. This role includes researching, assessing and challenging digital identity verification and access mechanisms across a variety of platforms and solutions. The position includes creative red team projects and infrastructure management alongside end-to-end delivery to key clients. You will be responsible for the generation of insights, means, methods and signals provided from diverse intelligence streams alongside red team exercises meant to assist with identifying key vulnerabilities, high risk abuses, and mitigation solutions and planning. Key responsibilities:
* Red Team operations - strategic planning and execution of red team exercises
* Identification, analysis and intelligence gathering on bad actors, sources and platforms, while identifying abuse methods
* Research and development of new operational bypass methods
* Provide insights on intricate means and methods being used by threat actors to abuse the worlds most popular tech platforms while putting users at risk
* Monitoring Web and Mobile environments - social media platforms, forums, blogs, mobile applications and darknet to uncover malicious activity.
* Content creation and management.

we are looking for a Cyber Threat Intelligence Analyst to join our Cyber team
mission is to provide easy access to high quality web content to companies who wish to focus on data analysis and not data collection.
We work to provide access to the biggest data repositories in each vertical we serve, and we take pride in our ability to quickly take care of our clients, and fulfill their data requirements.
What Youll be Doing:
Maintain deep, ongoing knowledge of deep and dark web sources, actively tracking forums, marketplaces, blogs, and chat platforms, while ensuring data coverage, quality, and continuity.
Perform continuous cyber threat research across the cyber landscape, maintaining up-to-date knowledge of trends and incidents across malware campaigns, ransomware attacks, and data breaches, including threat profiling and ecosystem analysis to enhance detections and customer outcomes.
Own the technical delivery of cyber trials by building tailored POCs, validating data relevance, and demonstrating measurable value aligned with customer KPIs.
Act as a technical point of contact for customers, supporting investigations, resolving data and coverage issues, and contributing to retention and expansion efforts.
Collaborate closely with Product and Development teams to improve data deliverables and help define and develop new product capabilities and features based on customer needs and threat-landscape insights.