דרושים » אבטחת מידע וסייבר » SOC Analyst

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response. You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.

If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.


Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

We are looking for an experienced Security Operations Engineer to join our fast-growing security team and take ownership of our SIEM and SOAR automation efforts. This is a unique opportunity to work at the intersection of security operations, detection engineering, and automation in a modern SaaS and cloud-native environment.


What Will You Do?
Maintain and enhance detection engineering content across SIEM and automation systems
Develop new SOAR workflows, automated actions, and response playbooks
Build and improve SIEM rules, correlations, dashboards, and monitoring capabilities
Lead investigations and identify security issues through alert analysis and mitigation
Coordinate incident response activities and communicate clearly with relevant stakeholders
Provide consultative guidance on best practices in Cloud Security, SIEM, and automation operations
Collaborate closely with internal teams to understand monitoring needs and deliver new insights
Follow CISO guidance to continuously improve the organizations security posture
Design, document, and scale security automation capabilities
Review new product features, implement security standards, and share knowledge across the team

We are looking for a Security Analyst to join our MDR team. In this role, you will be part of our security function, focusing on proactive reviews and providing advanced guidance to customers. This is an opportunity to develop your expertise in cloud security while working closely with analysts, researchers, and engineers.
Responsibilities :
Assist in fine-tuning detection and response mechanisms.
Support proactive reviews of customer environments to identify risks, exposed attack surfaces, and recommend improvements.
Lead and conduct in-depth security investigations, documenting outcomes and developing playbooks to enhance future detection and response.
Collaborate with Security Analysts, Research, and Backend teams to enhance detection quality.
Contribute to the handling of complex or critical incidents escalated from Tier 1/2.
Participate in recurring customer meetings, helping translate security findings into clear, actionable recommendations.
Stay up to date with emerging threats, attack techniques, attack surfaces, and best practices in cloud security.
Contribute to the development and training of AI-driven detection models, leveraging machine learning to improve investigation accuracy and response efficiency.

Required Security Analyst
Security & Risk Management | Full Time | Job Id: 25168
Why Join Us?
As part of our mission to provide the best real-time email security for our customers, our team plays a critical role in uncovering, understanding, and mitigating email-based threats. We work at the front line of phishing and social-engineering attacks, ensuring customers stay protected from fast-moving and constantly evolving threats.
In this role, youll dive deep into real-world attacks, quickly analyze emerging threats, and develop accurate protections that are deployed to customers in real time. Youll collaborate closely with other analysts, security researchers, and field teams, while also helping shape and improve the workflows and automation that drive our team forward. This is a hands-on, impactful role for someone who loves uncovering threat patterns, solving complex problems, and contributing to a mission-driven security team.
Key Responsibilities
Analyze new email-based threats and deliver real-time protection within our email security products.
Investigate threats using our email-security tools, customer reports, and additional threat-intelligence sources.
Identify ongoing phishing campaigns, trends, and potential detection gaps.
Respond to alerts and requests from internal field teams and customers, providing immediate mitigation for active attacks.
Develop and test tailored mitigations for specific attacks and deploy them to customers.
Write detailed research reports and attack briefs explaining phishing campaigns, attacker techniques, and findings.
Implement automation processes to enhance operational efficiency and detection accuracy.
Contribute ideas to improve team workflows, processes, and coverage.
Use AI and LLM-powered tools to analyze attacks and extract meaningful insights.
Design processes for analyzing phishing campaign data, trends, and related attacker methodologies.

our company is the world leader in accelerated computing, defining the future of ai and high-performance networking. we are seeking a highly skilled and proactive senior Cyber security threat intelligence (cti) analyst to join the networking product security team. in this critical role, you will function as a key defender of the technologies powering the worlds largest ai clusters. you will act as the eyes and ears of our product security organization, conducting investigative research into sophisticated adversaries and translating complex threat data into actionable intelligence. this is a hands-on role where your insights will directly influence our defensive posture and help eliminate threats before they manifest in the core of global ai infrastructure.
what you will be doing:
you will serve as the intelligence core of our team dedicated to identifying, analyzing, and mitigating threats against our products and ecosystem:
lead deep-dive osint and webint research to identify emerging threats, conducting intelligence collection and analysis that leads to clear, actionable mitigation recommendations.
leverage scripting ( Python, bash, etc.) and generative ai tools to automate intelligence collection, triage, and analysis workflows.
analyze advanced persistent threats (apts) and sophisticated adversaries, collaborating with multi-functional teams to detect, track, and eliminate potential risks to our networking portfolio.
apply extensive insight into cyber operation phases to map adversary behavior, anticipate future movements, and harden our product development lifecycle with adoption of security improvements.
drive threat hunting methodologies, proactively searching for indicators of compromise (iocs) and hidden vulnerabilities within the products.
translate complex technical findings into strategic intelligence reports for both technical collaborators and leadership, ensuring a clear and unified insight into the threat landscape.
collaborate closely with incident response and engineering teams to ensure intelligence findings are seamlessly coordinated into other defensive tools and product security processes.

As a Senior Technical Product Engineer, you will play a key role in providing detailed technical information and strategic guidance to our partners, customers, and internal teams. You will serve as a subject matter expert on our Cloud SOC and Automation platforms, working across product teams to drive innovation and improvements. This role requires a self-starter who is eager to learn, experiment with new technologies, and address complex sales and technical challenges.
Key Responsibilities
Serve as a Subject Matter Expert (SME) for Cloud SOC, Automation (SOAR), and CNAPP, providing actionable feedback to Product Managers to influence the product roadmap.
Collaborate cross-functionally with Sales, Product Management, and customers to drive innovation and ensure secure, scalable adoption of cloud-native security solutions.
Lead complex projects that align with field-driven priorities, ensuring milestones and deliverables are tracked and met.
Design and deliver automation content, playbooks, and integrations that address real-world Security Operations Center (SOC) use cases and cloud security risks.
Support field teams (Sales, SEs) by building Proof of Concept (POC) plans, answering technical questions, and assisting with RFPs.
Proactively challenge the status quo by identifying and solving complex issues, establishing best practices for product improvements.
Advocate for best practices in securing modern application architectures using automation, contextual risk insights, and scalable cloud-native controls.

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed.
This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.
We are seeking an analytical and experienced Threat Intelligence Researcher to join our team. This is a technical role that necessitates bridging the gap between traditional intelligence analysis and software engineering principles.
You will be responsible for producing strategic and technical intelligence reports and developing automation and scripting solutions for the team.
Specifically, your focus will be on:
Intelligence Reporting: Conduct in-depth investigations and produce comprehensive reports based on customer requests.
Client Engagement: Participate in customer-facing meetings as required to present findings or gather requirements.
Tool Development: Design, implement, and maintain internal tools, scripts, and data scrapers (primarily utilizing Python) to streamline data collection and analysis.
Actionable Intelligence Production: Convert raw technical data into finished, actionable intelligence products, including detailed technical reports, the creation of YARA/Sigma rules, and executive-level briefings.

We are looking for a Cyber Threat Intelligence Analyst to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers
Job Id: 25042
Key Responsibilities
Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
Investigating intelligence sources, threat actors, attack tools and techniques
Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
Joining meetings with prospects and clients to present deliverables.
Drive cooperation & feedback loops with other ERM teams.

Exposure Analyst (Customer-Facing)
About XM Cyber: XM Cyber is a leading hybrid cloud security company that’s changing the way organizations approach cyber risk. We transform exposure management by showing our customers exactly how attackers might combine misconfigurations, vulnerabilities, and identity exposures across cloud and on-prem environments to compromise critical assets. With XM Cyber, our customers can see all the ways attackers might get in—and the best ways to stop them with a fraction of the effort. About You & The Role: Are you someone who loves connecting with people just as much as you love talking tech? We are looking for a highly empathetic, customer-focused Exposure Analyst to join our managed services team. In this role, you’ll be the friendly face and trusted advisor helping our premium customers get the absolute best out of the XM Cyber platform. You’ll dive deep into security postures, translate complex attack paths into simple, actionable steps, and build the kind of trust that makes IT and Security teams excited to work with you. Responsibilities: Be the Trusted Advisor: Own the primary technical relationship for a portfolio of enterprise and mid-market customers, establishing yourself as their go-to security partner representing XM Cyber in the customer’s organization. Daily Posture Reviews & Action: Conduct daily reviews and analyses of your customers' security postures using the XM Cyber platform. You'll turn complex findings into clear, risk-based insights and proactively open remediation tickets. Weekly Check-ins & Deep Dives: Lead engaging weekly calls with your customers, hosting targeted deep-dive sessions to guide them on configuration, best practices, and new features to ensure optimal ROI. Bridge the Gap: Drive remediation outcomes by pushing discussions directly with the customer’s IT, DevOps, and Cloud teams—not just their security teams—helping them prioritize efforts based on attack path analysis. Deliver the Big Picture: Proactively track progress and provide monthly reports to both technical and executive stakeholders. You’ll also co-host Executive Business Reviews (EBRs) alongside our Customer Success team. Champion the Customer: Act as the lead technical escalation point, partnering with our internal R&D, Product, and Support teams to make sure your customers' needs are always heard and resolved.

be part of a team that pushes boundaries, developing custom silicon solutions that power the future of our direct-to-consumer products. you'll contribute to the innovation behind products loved by millions worldwide. your expertise will shape the next generation of hardware experiences, delivering unparalleled performance, efficiency, and integration.
the ml, systems, & cloud ai (msca) organization at our designs, implements, and manages the hardware, software, Machine Learning, and systems infrastructure for all our services (search, youtube, etc.) and our cloud. our end users are , cloud customers and the billions of people who use our services around the world. we prioritize security, efficiency, and reliability across everything we do - from developing our latest tpus to running a global network, while driving towards shaping the future of hyperscale computing. our global impact spans software and hardware, including our clouds vertex ai, the leading ai platform for bringing gemini models to enterprise customers.
responsibilities
utilize performance and power models from the architecture team, as well as lab measurements, to validate and tune performance against established goals.
design and build tests to verify that the SOC design meets those goals.
develop and implement advanced technologies for running benchmark representations on pre-silicon environments.
analyze complex problems, identify core design weaknesses, and drive the resolution of performance issues in both pre- and post-silicon environments.
develop performance measurement frameworks, including key performance indicators (kpis), to produce regular reports and dashboards that support stakeholder decision-making.