דרושים » אבטחת מידע וסייבר » Digital Forensics and incident response analyst- 2584

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.
Responsibilities:
Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

our company is the world leader in accelerated computing, defining the future of ai and high-performance networking. we are seeking a highly skilled and proactive senior Cyber security threat intelligence (cti) analyst to join the networking product security team. in this critical role, you will function as a key defender of the technologies powering the worlds largest ai clusters. you will act as the eyes and ears of our product security organization, conducting investigative research into sophisticated adversaries and translating complex threat data into actionable intelligence. this is a hands-on role where your insights will directly influence our defensive posture and help eliminate threats before they manifest in the core of global ai infrastructure.
what you will be doing:
you will serve as the intelligence core of our team dedicated to identifying, analyzing, and mitigating threats against our products and ecosystem:
lead deep-dive osint and webint research to identify emerging threats, conducting intelligence collection and analysis that leads to clear, actionable mitigation recommendations.
leverage scripting ( Python, bash, etc.) and generative ai tools to automate intelligence collection, triage, and analysis workflows.
analyze advanced persistent threats (apts) and sophisticated adversaries, collaborating with multi-functional teams to detect, track, and eliminate potential risks to our networking portfolio.
apply extensive insight into cyber operation phases to map adversary behavior, anticipate future movements, and harden our product development lifecycle with adoption of security improvements.
drive threat hunting methodologies, proactively searching for indicators of compromise (iocs) and hidden vulnerabilities within the products.
translate complex technical findings into strategic intelligence reports for both technical collaborators and leadership, ensuring a clear and unified insight into the threat landscape.
collaborate closely with incident response and engineering teams to ensure intelligence findings are seamlessly coordinated into other defensive tools and product security processes.

We are looking for a Security Analyst to join our MDR team. In this role, you will be part of our security function, focusing on proactive reviews and providing advanced guidance to customers. This is an opportunity to develop your expertise in cloud security while working closely with analysts, researchers, and engineers.
Responsibilities :
Assist in fine-tuning detection and response mechanisms.
Support proactive reviews of customer environments to identify risks, exposed attack surfaces, and recommend improvements.
Lead and conduct in-depth security investigations, documenting outcomes and developing playbooks to enhance future detection and response.
Collaborate with Security Analysts, Research, and Backend teams to enhance detection quality.
Contribute to the handling of complex or critical incidents escalated from Tier 1/2.
Participate in recurring customer meetings, helping translate security findings into clear, actionable recommendations.
Stay up to date with emerging threats, attack techniques, attack surfaces, and best practices in cloud security.
Contribute to the development and training of AI-driven detection models, leveraging machine learning to improve investigation accuracy and response efficiency.

we are looking for a Managed Cloud Detection and Response Analyst to join our newly established team. The team is responsible for monitoring customers cloud environments and workloads, triaging security alerts, and mitigating cyber incidents.
WHAT YOULL DO
Continuously monitor customers cloud environments and workloads for security alerts and analyze potential cyber threats to identify and prioritize cyber security incidents.
Triage prioritized cyber incidents and coordinate appropriate response actions to mitigate risks effectively.
Work closely with customer teams to guide and assist with investigation and remediation of incidents.
Create and deliver incident reports that document findings and response actions taken for customers.
Write and implement custom detection rules and fine-tune alerts to enhance threat detection capabilities for the customers specific cloud environment.
Develop and maintain cyber incident response playbooks to standardize procedures and enhance the internal methodology of the team.
Stay up to date with the latest threats, vulnerabilities, and trends in cloud security to update response strategies and improve detection methods.

Were looking for a Application Security Product Analyst to join our Product team and help expand the power of our company.
In this pivotal role, you will be the primary operator of our cutting-edge AI-driven Dynamic Application Security Testing (DAST) agent while simultaneously innovating detection mechanisms for cloud-native technologies.
You will bridge the gap between automated AI testing and cloud infrastructure, defining the "rules of engagement" for our agents to ensure they effectively simulate sophisticated attacks and accurately classify the modern attack surface.
WHAT YOULL DO
Engineer Detection & Attack Logic: Develop advanced detection algorithms to classify cloud technologies while fine-tuning the attack policies that define how our agents identify and exploit vulnerabilities.
Validate Complex Findings: Analyze cloud services, APIs, and log payloads to review complex attack paths, reducing false positives and ensuring compliance with industry standards.
Research Novel Threats: Stay at the forefront of novel attack vectors and emerging cloud/API threats, translating new techniques into executable behaviors for the company DAST engine.
Drive Product Evolution: Collaborate directly with Research, Backend, and R&D teams to turn operational insights into feature requests, positioning our company as the market leader in vulnerability management.

We are seeking a motivated and detail-oriented Associate Threat Detection Analyst to join our Security Operations Center (SOC) team that is located in Atlanta, USA. The ideal candidate will play a crucial role in monitoring, analyzing, and responding to security incidents across the organizations IT infrastructure. This is an excellent opportunity for someone looking to start their career in cybersecurity and gain hands-on experience in a fast-paced environment. The work will be done in a hybrid, remotely, and from our Jerusalem-based office.

Key Responsibilities:

Monitor Security Alerts: Continuously monitor security alerts from various security tools (SIEM, IDS/IPS, firewalls, etc.) to identify potential threats.

Log Analysis: Perform routine analysis of logs and network traffic to detect suspicious activities and potential security breaches.

Escalation: Escalate critical incidents to senior SOC analysts or other relevant teams as per the established protocols.

Documentation: Document security incidents, including the steps taken to resolve them, and maintain accurate records for audit and reporting purposes.

Continuous Learning: Participate in ongoing training and development opportunities to enhance your cybersecurity knowledge and skills.

We are seeking a dynamic and experienced Security Data Analyst to spearhead our cybersecurity initiatives and drive innovation within our team. In this pivotal role, you will lead the development of new security features, conduct in-depth data analysis and validation, conduct network research, develop new security concepts, and enhance our threat detection and response capabilities.

If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.


Responsibilities:
Apply data analytics techniques to investigate security-related data, extract actionable insights, and enhance threat intelligence.
Perform data analysis to uncover anomalies and detect malicious behavior within the organization's network, aiming to automate these findings into a detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.
Research various network behaviors and patterns.

Exposure Analyst (Customer-Facing)
About XM Cyber: XM Cyber is a leading hybrid cloud security company that’s changing the way organizations approach cyber risk. We transform exposure management by showing our customers exactly how attackers might combine misconfigurations, vulnerabilities, and identity exposures across cloud and on-prem environments to compromise critical assets. With XM Cyber, our customers can see all the ways attackers might get in—and the best ways to stop them with a fraction of the effort. About You & The Role: Are you someone who loves connecting with people just as much as you love talking tech? We are looking for a highly empathetic, customer-focused Exposure Analyst to join our managed services team. In this role, you’ll be the friendly face and trusted advisor helping our premium customers get the absolute best out of the XM Cyber platform. You’ll dive deep into security postures, translate complex attack paths into simple, actionable steps, and build the kind of trust that makes IT and Security teams excited to work with you. Responsibilities: Be the Trusted Advisor: Own the primary technical relationship for a portfolio of enterprise and mid-market customers, establishing yourself as their go-to security partner representing XM Cyber in the customer’s organization. Daily Posture Reviews & Action: Conduct daily reviews and analyses of your customers' security postures using the XM Cyber platform. You'll turn complex findings into clear, risk-based insights and proactively open remediation tickets. Weekly Check-ins & Deep Dives: Lead engaging weekly calls with your customers, hosting targeted deep-dive sessions to guide them on configuration, best practices, and new features to ensure optimal ROI. Bridge the Gap: Drive remediation outcomes by pushing discussions directly with the customer’s IT, DevOps, and Cloud teams—not just their security teams—helping them prioritize efforts based on attack path analysis. Deliver the Big Picture: Proactively track progress and provide monthly reports to both technical and executive stakeholders. You’ll also co-host Executive Business Reviews (EBRs) alongside our Customer Success team. Champion the Customer: Act as the lead technical escalation point, partnering with our internal R&D, Product, and Support teams to make sure your customers' needs are always heard and resolved.

We are looking for a Red Team specialist for our Infrastructure Red Team department for a maternity leave replacement. This role includes researching, assessing and challenging digital identity verification and access mechanisms across a variety of platforms and solutions. The position includes creative red team projects and infrastructure management alongside end-to-end delivery to key clients. You will be responsible for the generation of insights, means, methods and signals provided from diverse intelligence streams alongside red team exercises meant to assist with identifying key vulnerabilities, high risk abuses, and mitigation solutions and planning. Key responsibilities:
* Red Team operations - strategic planning and execution of red team exercises
* Identification, analysis and intelligence gathering on bad actors, sources and platforms, while identifying abuse methods
* Research and development of new operational bypass methods
* Provide insights on intricate means and methods being used by threat actors to abuse the worlds most popular tech platforms while putting users at risk
* Monitoring Web and Mobile environments - social media platforms, forums, blogs, mobile applications and darknet to uncover malicious activity.
* Content creation and management.

We are rapidly growing, and we seek a GRC Analyst to join our InfoSec team.
In this position you will report to the CISO and will be located in our Israeli office.
Trust is the cornerstone of our fintech SaaS environment, and we are looking for a GRC Analyst to uphold this principle. This role will serve as the primary liaison for both internal risk management initiatives and external inquiries, and for ensuring our internal controls adhere to international standards and frameworks.
Responsibilities:
Policy & Framework Management: Assist in developing and maintaining information security policies and procedures in alignment with international standards such as ISO 27001, NIST, CIS, GDPR, CSA and SOC 2.
Risk & Control Lifecycle: Manage regular risk assessments to identify vulnerabilities and participate in the design, implementation, and testing of security controls to ensure organizational resilience.
Audit & Compliance Monitoring: Coordinate internal and external security audits, managing the collection of evidence and tracking remediation efforts across various business units.
GRC Platform Ownership: Serve as the technical owner of the companys GRC platform.
RFI Lifecycle Management: Act as the primary point of contact for managing the end-to-end process for client security questionnaires and due diligence requests from triage to final submission.
Knowledge Base Architecture: Build and maintain a centralized, AI-assisted repository of approved technical responses covering Security, Privacy, Product Tech (e.g., oAuth, integrations), Legal, ESG, and Finance.
SME Collaboration & Triage: Facilitate cross-functional communication by triaging inquiries and escalating complex technical or legal questions to the appropriate Subject Matter Experts in R&D, Product, Legal, and Compliance.
Technical Trust Documentation: Create and update client-facing collateral, including security white papers, trust center content, and compliance summaries to proactively address stakeholder inquiries.
Process Optimization & Metrics: Evaluate and implement new SaaS tools to automate the RFI workflow while tracking performance metrics like volume and response times to drive operational efficiency.
Stakeholder Enablement: Develop and deliver training materials, wikis, and "How-to" guides to educate GTM and technical teams on the standardized RFI process and SME engagement model.