דרושים » אבטחת מידע וסייבר » Incident Response Expert

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
we are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.
Main Responsibilities:
Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.
Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.
Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.
Utilize and develop tools and methodologies to improve existing investigative and hunting technological stack.
Collaborate with IT and Security teams during investigations.
Generate and present a comprehensive and professional report of findings from investigations.
Requirements:
At least 3 years of a relevant experience (from military service and/or industry).
Bright, curious and determined team player, who strive for excellency.
Problem solver, in-depth thinker with growth mindset.
Demonstrated in-depth understanding of the life cycle of advanced security threats, attack vectors and variant methods of exploration.
Deep technical understanding of network fundamentals and common Internet protocols.
Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix and MacOS), including host-based forensics and experience with analyzing OS artifacts.
Fluency with one or more scripting language (i.e. Python).
Multidisciplinary knowledge and competencies, such as:
Hands-on experience in data analysis (preferably network traffic or log analysis) in relevant data analysis and data science platforms (Jupyter, Splunk, pandas, SQL).
Familiarity with cloud infrastructure, web application and servers, android and iOS mobile platforms.
Experience with malware analysis and reverse engineering.
Familiarity with enterprise SIEM platforms (e.g. Splunk, QR.adar, ArcSight).
Excellent communication and interpersonal skills. Fluent English, including the ability to document and explain technical information in a concise, understandable manner.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8678684
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
31/05/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Lead the design and implementation of AI-driven detection and response strategies to automate complex security investigations.
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
Requirements:
5+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) addressing, escalating, and managing security incidents and creating incident reports.
Extensive experience in managing the lifecycle of security incidents in a global, 24/7 production environment..
Collaborating with various cross-organizational stakeholders to drive incident response and remediation.
Development of common runbooks for most frequent or critical incident types.
Strong development fundamentals with experience delivering and maintaining production-grade code.
Coding & Scripting: Hands-on programming experience (Python, Bash, etc.) with proven ability to build automation processes.
Proven expertise in attack and mitigation methods within Cloud and SaaS environments
Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and experience with analyzing OS artifacts.
Problem solver, an in-depth thinker with a growth mindset.
Excellent communication skills and ability to work collaboratively with other teams
Preferred Qualifications
Bachelors degree in Computer Science, Information Technology, or related field
Solid understanding of LLM concepts and architectures, with hands-on experience applying them in practice.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8673515
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.
Requirements:
Required Qualifications
4+ years of experience in at least one of the following fields: Threat Intelligence, Threat Hunting, Malware Analysis, Security Research, SOC (Level 3), or Incident Response.
Deep understanding of the cyber threat landscape, including advanced malware and threat actor techniques. A strong command of the MITRE ATT&CK framework is a must.
Strong proficiency in Python, specifically for automating data collection via APIs and performing data analysis.
Proven experience using BigQuery or SQL-based languages to query massive datasets and identify anomalies.
Strong understanding of OS internals (e.g., processes, registry, memory, file system events) and OS event logs.
Hands-on experience simulating attacks or performing static and dynamic malware analysis in a controlled lab environment.
Analytical Mindset: Ability to analyze large amounts of technical data, extract crucial details, and draw meaningful conclusions.
Independence: Ability to work independently, lead projects to fruition, and collaborate across the company with other departments.
High proficiency in English, both verbal and written.
Preferred Qualifications
Experience in OSINT or intelligence analysis (e.g., military intelligence).
Experience with EDR/XDR platforms, YARA, or Sigma rules.
Strong presentation and public speaking skills.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8704953
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
09/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time and Hybrid work
The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as One.
This role is offered as a hybrid with expectations to come to the office in the Tel Aviv office in Israel at least 3 days per week. We are only able to accept applications for those based in Israel and have sponsorship to live and work in Israel.
What you'll do:
At our company, we empower people to be their best selves and do their best work. The Security Analyst role strengthens our ability to detect and respond to emerging mobile threats. With increasing mobile attacks and zero-day exploits, we need dedicated analysts to proactively protect our customers and expand detection coverage. As the analysts team has grown, this role now allows for broader coverage of emerging mobile threats and enables analysts to take on more diverse responsibilities. The expanded scope supports comprehensive threat research, detection development, and incident response, ensuring work is thorough,
prioritized, and aligned with evolving security challenges.
What you can expect to do in this role:
Research new ways to detect malicious activity on using a wide variety of custom-built tooling.
Participate on research how to protect users from 0-day attacks.
Perform analysis of detections according to the assignment to determine accuracy and precisions and tune detections accordingly based on results.
Stay up to date on the latest malware trends and design detections accordingly.
Support sales and marketing by timely information about emerging threats and trends.
Analyze device logs and search for malicious signs.
Write and manage detection patterns and algorithms to detect malicious mobile threats in Android and iOS devices.
Perform other duties and special projects as assigned.
Requirements:
What we are looking for:
Minimum 1-2 years of relevant professional experience.
Experience in extracting and analyzing data from mobile devices.
An understanding of cyber security and intrusion detection.
Excellent Python programming/scripting skills.
Mobile Malware Analysis expertise and strong interest in mobile security.
Great presentation skills and fluency in English.
Experience with detecting malware using Yara rules, an overall comprehensive understanding of incident response, a knowledge of using databases and writing queries (e.g. SQL, KQL) and ability to find and run a mobile exploits are a plus.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback is a plus.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8686701
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D center. You will be part of a team that is responsible for researching the most recent and advanced cybersecurity threats, as well as designing, developing, and improving Anti-Malware capabilities to protect against them. The position includes researching OS internals, picking apart malware samples, delving into the internals of Windows kernel and user-mode code, and finding ways to mitigate new attack vectors.
The proposed role will be part of the research team of the Cortex XDR endpoint protection solution.
We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team of the Cortex XDR agent group. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, working closely with various teams to drive innovation. A deep understanding of the Windows operating system is essential.
Key Responsibilities
Playing a pivotal role in shaping the future of our security solutions.
Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules.
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities.
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert.
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities.
Respond to malware-based security events at clients' networks.
Stay up to date with current malware and APT techniques.
Provide feedback to the product management team on new feature requests and product enhancements from our customer base.
Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware.
Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis.
Be a team player who lifts others up - happy to jump in when a teammate is stuck on a tricky Windows internals or RE question, share what you've figured out, and generally make the people around you better.
Requirements:
At least 5 years of experience in the cyber security research domain.
In-depth knowledge of Windows operating system internals (both user-mode and kernel-mode) - at least 3 years of hands-on research experience.
In-depth knowledge of C/C++, with hands-on development experience using C/C++ (Win32 API) in a Windows environment.
Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques.
Strong dynamic analysis skills with hands-on experience using debuggers such as WinDbg, x64dbg, OllyDbg, or similar.
Strong static analysis skills with hands-on experience using disassemblers such as IDA Pro and Ghidra.
Proficiency in Python.
Knowledge of networking and internet protocols.
A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solution development, Windows exploitation, or vulnerability research.
Ability to work fully independently - own a research track from scoping to POC handoff with minimal supervision - while also collaborating effectively as part of a team.
Strong problem-solving skills with a passion for innovation, sharp attention to detail, and a bias for taking initiative on hard problems.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8714873
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cyber Threat Intelligence Hunter will sit within Unit 42 Managed Threat Hunting and support proactive, intelligence-led hunting across customer environments. This role combines hands-on threat hunting with cyber threat intelligence analysis, helping multinational organizations stay one step ahead of adversaries and cyber threats.
Key Responsibilities
Analyze public and private threat intelligence, Unit 42 research, adversary campaigns, malware activity, infrastructure, indicators, and TTPs.
Translate threat intelligence into actionable hunting hypotheses, investigation workflows, hunting queries, and customer-facing findings.
Execute existing threat hunting reports and hunting workflows, investigate results, and support timely customer reporting.
Investigate scheduled hunt detections and compose clear, professional reports when relevant.
Investigate hunting leads based on IOCs, threat intelligence, internal detections, customer telemetry, and emerging adversary behaviors.
Monitor the threat landscape and prepare initial context for emerging campaigns, enabling the global team to continue deeper investigation and hunting.
Collaborate with threat hunters, detection engineers, incident responders, MDR, and Unit 42 researchers to operationalize intelligence quickly and effectively.
Escalate major, unclear, or high-impact security events to the Threat Hunting leadership team when necessary.
Provide ongoing feedback on findings, hunting reports, queries, intelligence workflows, and operational processes to support continuous improvement.
Requirements:
4+ years of experience in tactical threat hunting, cyber threat intelligence (CTI), DFIR, or advanced security operations.
Strong background in tactical threat intelligence, specifically identifying the discrete traces, artifacts, and behavioral fingerprints left by adversaries across diverse telemetry sources (endpoint, network, cloud, and identity).
Experience capturing and modelling incident data to map out intrusions and understand attacker behaviours.
Proven ability to develop & deliver verbal & written technical findings of attacker behaviour into clear, high-impact notifications for customers.
Experience translating threat intelligence into high-fidelity hunting hypotheses, detection logic, and log-based queries.
Preferred Qualifications
Experience in an Incident Response or Managed Services environment
Proficiency in Python and SQL
Familiarity with malware analysis
Published security blogs or research that shows a deep understanding of a particular threat.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8705661
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
As the Manager of the Rapid Response (RR) team, you will lead a group of malware analysts responsible for developing, improving, and deploying our rapid anti-malware prevention capabilities. Your team is on the front lines of statically analyzing urgent customer issues, stopping malicious activities in their tracks, and developing to halt attacks at the earliest possible stage. In this role, you will guide the teams technical direction, drive automation initiatives, and act as the critical bridge between frontline support, global research, and engineering.
Key Responsibilities
Lead, mentor, and develop a team of fast-paced malware analysts, fostering a "play to win" culture.
Oversee the daily triage, investigation, and resolution of urgent customer escalations, specifically False Positive (FP) and False Negative (FN) malware prevention events - ensuring swift and accurate mitigation.
Drive the team's automation efforts, identifying opportunities to automate routines to reduce response times and scale the team's capabilities.
Direct the analysis of emerging malware families, OS internals, and attack frameworks to ensure the team maintains an up-to-date overview of the current threat landscape.
Guide the development of rapid, high-quality prevention signatures (e.g., YARA, IPS) to enhance product coverage.
Act as the primary technical escalation point and work in close coordination with global research teams, support, engineering, and other cross-functional stakeholders.
Requirements:
2+ years of experience managing or technically leading a security research, SOC, Incident Response, or malware analysis team.
Strong technical background in malware analysis, OS internals, and the broader threat landscape (including common attacker tools, tactics, and techniques).
Experience managing high-pressure customer escalations and team resources in a dynamic, fast-paced environment (with the understanding that rapid response occasionally requires handling critical issues during non-regular hours, and in rare cases, weekends or holidays).
Strong sense of ownership, exceptional organizational skills, and the ability to manage multiple priorities effectively.
Experience with signature development (YARA, IPS)
Familiarity with Python, Git, and data querying (SQL/BigQuery), coupled with a strong mindset for driving automation and process digitization within a team.
Excellent written and oral communication skills in English, with the ability to articulate complex technical issues to both technical and non-technical cross-functional teams.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8704990
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
Join a team redefining cloud security operations across Cloud Detection & Response (CDR) and Cloud Security Posture Management (CSPM). Our team operates at the intersection of security, engineering, and large-scale cloud operations. We build products that help organizations detect threats faster, respond with confidence, continuously reduce risk, and secure modern cloud environments at scale. This is an opportunity to help shape the future of autonomous cloud defense by building technology that turns security signals into meaningful action.
Key Responsibilities
Help build the next generation of the Autonomous Cloud SOC by transforming detections, posture findings, and emerging threats into intelligent investigation and response workflows.
Design and build automated playbooks that investigate security signals, gather evidence, assess blast radius, validate risk, and guide or execute response actions.
Work across cloud control planes, identity systems, Kubernetes environments, network telemetry, and posture data to turn signals into high-confidence outcomes.
Leverage existing detections, continuously improve investigation logic, and ensure response workflows remain effective as cloud environments and attacker techniques evolve.
Requirements:
4+ years in security engineering, cloud operations, incident response, threat hunting, DevSecOps, or related security disciplines.
2+ years of hands-on experience securing or operating environments within Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Infrastructure (GCI/GCP).
Strong experience with Kubernetes, containers, and modern cloud-native architectures.
Deep understanding of cloud networking concepts, including VPC Flow Logs, Transit Gateways, service meshes, and traffic patterns (East-West vs. North-South).
Strong comprehension of identity systems (IAM) and how policies interact with network controls to establish secure boundaries.
Experience with CI/CD pipelines and modern software delivery practices.
Proven experience with incident triage, investigations, containment, remediation, or formal operational response processes.
Experience with posture management, governance controls, or applying security best practices such as CIS Benchmarks and recognized cloud architecture frameworks.
Strong scripting or programming proficiency in languages such as Python, Go, or Bash.
Excellent communication skills, demonstrating the ability to clearly explain complex findings and facilitate alignment across cross-functional teams.
Preferred Qualifications
Experience working with large-scale data pipelines and analytics platforms such as BigQuery or Dataflow.
Familiarity with threat frameworks such as MITRE ATT&CK.
Recognized expertise or advanced certifications in cloud security, detection and response, or posture management across Amazon Web Services, Microsoft Azure, or Google Cloud.
Experience operating highly available, large-scale cloud environments.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8705009
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We're looking for a Senior Principal Threat Hunter to serve as a senior technical leader within our Cyber Defense Team team.

This is a high impact individual contributor role, you won't manage people, but you'll influence how we hunt, investigate

and respond to threats across cloud and SaaS environments at scale.

You'll be the person who takes a weak signal, a piece of emerging intelligence, or an unusual customer activity pattern and turns it into a meaningful investigation, a proactive hunt, or a new detection opportunity.

You'll lead the most complex investigations, drive threat intelligence initiatives, and help define the hunting methodologies that guide our customers' security outcomes.

As one of the team's most senior practitioners, you'll act as a force multiplier across hunting, intelligence, and incident response functions, elevating technical standards, mentoring peers, and helping shape the future of our detection and response capabilities.

What You'll Do
- Design and execute proactive threat hunts across cloud and SaaS environments (AWS, Azure, GCP, Okta, M365), grounded in current intelligence and ATT&CK-mapped adversary behavior.
- Mature and operate a recurring threat intelligence reporting function, turning intel into hunt leads, detection opportunities, and customer-facing narratives.
- Lead incident response investigations during US business hours, from scoping through root cause; step into the Incident Commander role when required.
- Continuously monitor threat detections and deliver responsive services with thorough event analysis and judgement.
- Triage and investigate security alerts across cloud and SaaS environments, separating true threats from noise and surfacing detection gaps to the detection engineering team.
- Leverage automation and AI tooling to scale impact, and propose improvements for processes, workflows, products, and policies.
- PLUS: Exposure to detection engineering, tooling and automation development, or prior managed services (MSSP) experience.
Requirements:
Who You Are
- 5+ years of experience in a security operations role, with a focus on threat hunting and/or threat intelligence
- Proven experience building or contributing to a structured threat hunt and/or threat intelligence program
- Incident response experience with the ability to lead investigations independently; Incident Commander experience a plus
- Working knowledge of cloud and SaaS environments (AWS, Azure, GCP, Okta, M365)
- Hands-on use of automation or AI tooling in security operations; demonstrated use, not just awareness
- Strong written and verbal communication, excellent analytical and problem-solving skills, highly independent and self-driven, and comfortable in a fast-paced and virtual environment
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8712541
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
31/05/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are seeking an experienced Incident Response leader to own and lead the companys response to large-scale, high-impact cyber incidents. This role is responsible not only for technical response, but for cross-company crisis coordination, executive decision support, and ensuring fast, controlled mitigation across engineering, product, legal, communications, and leadership teams.
This is a leadership role for someone who has personally led complex incidents under pressure - including situations involving material business risk, customer impact, regulatory exposure, and executive visibility.
Requirements:
10+ years in cybersecurity, with significant incident response management experience.
Proven experience leading large-scale, cross-company cyber incidents, including incidents involving:
Multiple engineering and operational teams
Executive leadership and board-level visibility
Demonstrated experience acting as Incident Commander or equivalent role during major security events for at least 15 incidents in the past 5 years.
Strong understanding of:
Cloud and SaaS architectures
Identity, access control, and infrastructure security
Detection and response technologies (SIEM, EDR, cloud-native tools)
Offensive background
Ability to translate technical facts into business impact and risk-based decisions.
Critical Skills & Attributes
Crisis leadership: Calm, decisive, and structured under extreme pressure.
Authority without ego: Able to lead across departments without formal reporting lines.
Executive communication: Clear, concise, and credible with senior leadership.
Systems thinker: Understands how technical, human, and process failures compound during incidents.
Bias for action: Moves quickly while maintaining discipline and documentation.
Analytical thinking: Attention to details and ability to connect multiple dots into a concise and accurate picture.
Previous experience at Mandiant, Sygnia, CrowdStrike, Unit 42, or similar elite IR teams
Experience in crypto, fintech, custody, payments, or highly regulated environments
Hands-on background in forensics, threat hunting, or security engineering
Nice to Have
Experience in crypto, fintech, cloud infrastructure, or highly regulated environments
Experience supporting regulatory notifications and post-incident audits
Background in forensics, threat intelligence, or security engineering
Familiarity with NIST, ISO 27035, or similar incident response frameworks (practical application, not
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8673510
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
Location: Tel Aviv-Yafo
Job Type: Full Time
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community

Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product

Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.
Requirements:
8+ years in security research, threat research, or closely related fields (offensive security, detection engineering, incident response, cloud security engineering). Fewer years are fine if your depth and track record are exceptional.
Deep multi-cloud expertise - strong hands-on experience across at least two of the major cloud providers (AWS, Azure, GCP), with working knowledge of the third. You understand the IAM models, logging pipelines, APIs, and attack surfaces that matter in each.
A track record of original research - you've published meaningful technical findings through blog posts, conference talks, open-source tools, or vulnerability discoveries that moved the needle. We want someone who doesn't just consume research - you produce it.
Strong adversarial mindset and critical thinking - you think like an attacker targeting cloud infrastructure, SaaS platforms, identity systems, and Kubernetes. You can model threat scenarios, map out attack paths, and poke holes in defenses.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8712545
סגור
שירות זה פתוח ללקוחות VIP בלבד