דרושים » אבטחת מידע וסייבר » Incident Response & Threat Hunting לארגון רפואי באזור המרכז

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response.
You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.
If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.
Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

We are looking for a Security Engineer to join our Security Operations team and grow into our SOAR and automation specialist.

The team is responsible for monitoring our environments, identifying and responding to security alerts, and continuously improving how we detect and respond to threats. This role focuses on the automation side of the function: building the workflows that make the rest of the team faster, from automated alert triage to enrichment pipelines to response playbooks.

You will work closely with senior engineers on the team to build and maintain SOAR content, integrate our security tools, and support detection deployment efforts. This role offers a strong opportunity to grow professionally in the security field, with direct exposure to detection engineering, incident response, and a modern enterprise security stack.

How Will You Make an Impact?

Own day-to-day operation of our SOAR platform.

Build and maintain automation playbooks for alert triage, enrichment, ticketing, and notifications.

Build and maintain integrations between SOAR and the broader security stack via APIs.

Monitor integration health, API connections, and credential rotation across automated workflows.

Measure and report on automation impact: alerts auto-resolved, analyst time saved, and MTTR reduction.

Support detection engineering on testing, deployment, and rollout of new content.

Write small scripts to support ad-hoc threat hunting and IR work.

Create and maintain technical documentation for playbooks and integrations.

We are seeking an experienced Incident Response leader to own and lead the companys response to large-scale, high-impact cyber incidents. This role is responsible not only for technical response, but for cross-company crisis coordination, executive decision support, and ensuring fast, controlled mitigation across engineering, product, legal, communications, and leadership teams.
This is a leadership role for someone who has personally led complex incidents under pressure - including situations involving material business risk, customer impact, regulatory exposure, and executive visibility.

We are looking for a hands-on security researcher who combines an attacker mindset, fraud-domain curiosity, strong technical depth, and data analysis skills. You will investigate real-world fraud patterns, reproduce attacker techniques, analyze telemetry, enrich our data collection capabilities, discover new security signals, and work closely with product, data, and engineering teams to turn research insights into production-grade detection and prevention mechanisms.
This role is especially relevant for researchers with experience in browser technologies, mobile-native applications, or both. You may work on desktop and mobile browsers, browser APIs, browser automation, client-side signals, native mobile applications, Android/iOS behavior, mobile security, emulators, device signals, and mobile automation.
You will help expand our visibility into new signals and patterns that improve fraud detection, model performance, and customer protection.
If you are a talented researcher who enjoys solving complex problems, working with messy real-world data, and building practical defenses against modern fraud and abuse, we want you to join our team.