דרושים » אבטחת מידע וסייבר » Incident Response Analyst 25984

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 1 שעות
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
As the worlds leading vendor of Cyber Security, facing the most sophisticated threats and attacks, weve assembled a global team of the most driven, creative, and innovative people. At our company, our employees are redefining the security landscape by meeting our customers real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base.
Key Responsibilities
Responsible for daily incident management of customer incidents
Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation
Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies and artifacts
Ability to manage complicated global incidents
Ability to perform large-scale compromise assessments for customer environments
Build incident response plans and playbooks
Create attack scenarios for customer tabletop training exercises
Creation of detailed incident reports for customers and effective communication of findings to customers
Build and maintain sandbox/test lab environments to evaluate malicious code
Work within a team environment and will be responsible for coordinating work actions.
Requirements:
10+ years of cybersecurity experience out of which 2-5 years are experience performing incident response with an emphasis on system compromise analysis.
Experience of performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools.
Experience with enterprise security solutions, incident crisis management.
Experience with performing attack simulation for training security teams.
Experience with creating procedures and documented plans for security teams.
Ability to participate in on-call rotation, including at least one weekend a month.
Domestic and International travel may be required.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8723363
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
Required Senior Intelligence Analyst, Threat Intelligence Delivery
About the job
In this role, being onsite and embedded with a customer several days per week, you will leverage our cyber threat intelligence to enable network defenders and customer Cyber Threat Intelligence (CTI) teams to defend against the threats they face. You will be supported and enabled by a network of colleagues and specialists right across Threat Intelligence and will contribute to our wealth of technical skills and CTI knowledge. You will have access to industry leading tooling and data and will work towards delivering on customer priority intelligence requirements. You will be supporting the customer's CTI defensive mission, helping their Security Operations Center (SOC), threat hunters, detection engineers, and CTI analysts counter threats and enable the safe and secure running of their networks and operations.
A recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
Build an understanding of the customers' CTI requirements. Identify their needs and opportunities for deployment of CTI within their operations to have the greatest defensive impact.
Track, research and contribute CTI analysis within Threat Intelligence, of customer's priority threat concerns.
Enable customer SOC analysts and Hunt teams to deploy and leverage our CTI.
Generate CTI and perform analysis of customer data, taking their bespoke sources to identify threat activity, or to build and automate investigative workflows.
Support the integration of CTI into customer's security processes and technologies, including Security Information and Event Management (SIEM) and Threat Intelligence Platform (TIP) systems. Write intelligence reporting against customer requirements, appropriate for their intelligence analysts or executive readers.
Requirements:
Minimum qualifications:
Bachelor's degree or equivalent practical experience.
5 years of experience in a customer-facing role in cyber intelligence and cyber operations.
Experience working with security operations functions such as SOC tier 1/2, Hunt teams, executive managers, Chief Information Security Officer (CISO).
Experience working in a government or military environment, developing cyber threat intelligence for network, host and log analysis, to enable the detection and response to cyber threats.
Experience analyzing Indicators of Compromise (IOCs ) including sandbox output.
Preferred qualifications:
Experience in leveraging cyber threat intelligence to describe, track and develop new intelligence on advanced persistent threats.
Experience in SOC operations, threat hunting, detection engineering and SOC workflow optimization.
Experience conducting/supporting incident response and investigations within enterprise environments.
Experience with network Intrusion Detection System (IDS) monitoring, Endpoint Detection and Response (EDR) solutions, SIEM, Security Orchestration, Automation, and Response (SOAR) integration, managing, contributing CTI into threat intelligence platform.
Understanding of core cyber security concepts, common enterprise IT infrastructure components, operating system internals and networking.
Eligible to obtain security clearance in Israel as this can be a client requirement.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8719201
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
3 ימים
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
As a CyOps Analyst, you will be investigating security alerts from the Cynet platform in order to detect threats and conduct live incident response engagements, investigating and analyzing programs and software using analysis programs to identify threats and classify malware based on previous threats and commonalities, investigating and issuing threat intelligence and malware analysis report. The SOC works closely with the Research team to perform tests and uncover new attack vectors to enhance, develop, and configure threat hunting tools. Additional responsibilities include:
* Identifying unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services.
* Performing analysis and forensics on security threats, malware and attacks in the wild, using industry standard platforms and tools.

About Us:
We are a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 247 security experts. With a Partner First mindset, we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.
Requirements:
* 1+ year of technical experience within the network, IT, or Cyber security domains
* Ability to work through shifts at a 24/7 SOC service
* Strong understanding of network architecture and protocols (e.g. HTTP, DNS)
* Hands-on approach to problem solving
* Ability to understand and learn complex technological systems and identify critical areas
* Exceptional analytical skills, creative out of the box thinking, analytical mindset with research orientation
* Strong presentation and training skills
* Experience in operating security tools (e.g. FW, IDS, SIEM, Endpoint protection)
* Fluent English (written and spoken) - a must
* Working as an analyst in a Cyber SOC - advantage
* Experience in exposing and exploiting vulnerabilities - advantage
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8456907
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
27/05/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time and Hybrid work
Join our Operation team. Help drive our world-class threat monitoring and fraud detection platform securing organization funds. Be part of the analysts team, work with customers and key POCs, to provide an additional level of security and confidence, by leveraging unique intelligence feeds, threat logs, and IOCs. Collaborate with our world-class research team and various RnD teams as you help shape our product, help customers be more secure, and immerse yourself to the cyber fraud tech ecosystem.

Proactively monitor and review threats and suspicious events from our customers.
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Use multiple sources of our data intelligence trust network, external threat feeds, etc.
Support customer's payment processes and workflows.
Maintain excellent customer satisfaction through professional, proactive and personal service.
Work closely with our research and development team.
Contribute to our knowledge base by creating fraud analysis reports and best practices.
Requirements:
3 years of experience in an analytical role in the cyber/fraud domain.
Exceptional analytical skills, creative out-of-the-box thinking, and analytical mindset with research orientation.
Self-initiative, multitasker, and problem-solving approach.
Experience in research, information collecting, monitoring, and analysis.
Professional and articulate with excellent written and verbal communication skills in English.
Experience with Python (advantage for Pandas or other data analysis tools).
Experience working and configuration rule engines - Advantage.
Experience with incident response, and computer forensic investigations - Advantage.
Working with data bases (no-sql) - Advantage.
Experience with AI coding tools such as Cursor, Codex, Claude Code or similar - Advantage.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8669063
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
15/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a SecOps Engineer to join our Security Operations team as the technical lead for Incident Response and Cloud Security.

The team is responsible for monitoring our production and corporate environments, responding to security incidents, and continuously hardening our cloud, network, and CI/CD posture. This role is the senior technical anchor of the function: the first responder during critical incidents, the architect behind our cloud and network defenses, and a technical mentor to the rest of the team.

You will own the Incident Response practice, lead our cloud security program across CNAPP, SASE/ZTNA, and CI/CD supply-chain security, and partner with Engineering, DevOps, and Platform teams to drive security improvements at scale. Participation in an on-call rotation for critical incidents is required.

How Will You Make an Impact?

Own our SASE/ZTNA stack: policy management, network security, secure access.

Own our CNAPP platform: workload protection, posture management, vulnerability prioritization.

Own our CI/CD security platform and drive software supply-chain security across the organization.

Serve as IR Expert: first responder for critical security incidents, owning detection, containment, eradication, and recovery.

Lead post-incident root-cause analysis and drive remediation across the organization.

Build and maintain IR playbooks, runbooks, and tabletop exercises.

Partner with DevOps and Platform teams on secure-by-default cloud architecture.

Contribute to broader security architecture decisions across the security stack.

Mentor more junior engineers on the team and lead technical reviews of their work.

Act as deputy to the SecOps Team Lead on strategic initiatives.

Participate in the critical-incident on-call rotation.
Requirements:
 3-4 years of hands-on experience in Security Operations or Security Engineering.

Demonstrated Incident Response leadership: You have run real incidents end to end, from detection through post-incident review.

Hands-on experience with CNAPP, CSPM, or CWPP platforms.

Knowledge of AWS, GCP, or Azure security primitives and cloud-native threat models.

Experience with SASE or ZTNA architectures.

Familiarity with CI/CD and software supply-chain security (e.g., GitHub Actions hardening, SLSA).

Scripting skills in Python (or equivalent) for automation, tooling, and IR support.

Working knowledge of MITRE ATT&CK and modern adversary tradecraft.

Ability to lead a war room, brief executives, and communicate clearly under pressure
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8695446
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.
Requirements:
5+ years of experience in cybersecurity research, with a proven track record of impactful projects.
Good knowledge of Linux OS internals, including both user and kernel space.
Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs.
Hands-on experience in real-world threat hunting, incident response, or detection engineering.
Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs.
Excellent problem-solving skills and a passion for cybersecurity innovation.
Ability to work independently, take initiative, and collaborate effectively in a team environment.
Preferred Qualifications
Background in EDR/XDR products or security solution development.
Experience in reverse engineering, including familiarity with debugging and disassembly tools such as GDB, IDA Pro, or Ghidra.
Experience in advanced data analysis, statistics, or machine learning for security applications.
Experience with Linux kernel development or vulnerability research.
Familiarity with virtualization platforms (e.g., ESXi/vCenter).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8718538
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
09/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time and Hybrid work
The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as One.
This role is offered as a hybrid with expectations to come to the office in the Tel Aviv office in Israel at least 3 days per week. We are only able to accept applications for those based in Israel and have sponsorship to live and work in Israel.
What you'll do:
At our company, we empower people to be their best selves and do their best work. The Security Analyst role strengthens our ability to detect and respond to emerging mobile threats. With increasing mobile attacks and zero-day exploits, we need dedicated analysts to proactively protect our customers and expand detection coverage. As the analysts team has grown, this role now allows for broader coverage of emerging mobile threats and enables analysts to take on more diverse responsibilities. The expanded scope supports comprehensive threat research, detection development, and incident response, ensuring work is thorough,
prioritized, and aligned with evolving security challenges.
What you can expect to do in this role:
Research new ways to detect malicious activity on using a wide variety of custom-built tooling.
Participate on research how to protect users from 0-day attacks.
Perform analysis of detections according to the assignment to determine accuracy and precisions and tune detections accordingly based on results.
Stay up to date on the latest malware trends and design detections accordingly.
Support sales and marketing by timely information about emerging threats and trends.
Analyze device logs and search for malicious signs.
Write and manage detection patterns and algorithms to detect malicious mobile threats in Android and iOS devices.
Perform other duties and special projects as assigned.
Requirements:
What we are looking for:
Minimum 1-2 years of relevant professional experience.
Experience in extracting and analyzing data from mobile devices.
An understanding of cyber security and intrusion detection.
Excellent Python programming/scripting skills.
Mobile Malware Analysis expertise and strong interest in mobile security.
Great presentation skills and fluency in English.
Experience with detecting malware using Yara rules, an overall comprehensive understanding of incident response, a knowledge of using databases and writing queries (e.g. SQL, KQL) and ability to find and run a mobile exploits are a plus.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback is a plus.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8686701
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.
Responsibilities:
Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.
Requirements:
At least one year of experience in a SOC/MDR or Managed EDR service, including night and weekend shifts.
Strong analytical thinker, problem-solving mindset, and ability to succeed in a dynamic environment.
Independent, bright and positive analyst who strives for excellence.
Proficiency and experience with scripting (Python).
Strong capabilities in drafting cyber security reports for clients.
Basic understanding of the lifecycle of advanced security threats, attack vectors, and methods of exploitation.
Hands-on experience working with SIEM technologies. (e.g. Splunk, QRadar, ArcSight, Exabeam, etc.)
Familiarity with common data and log sources for monitoring, detection and analysis (e.g., Event Logs, firewall, EDR).
Strong technical understanding of network fundamentals, common internet protocols, and system and security controls.
Basic knowledge of host-based forensics and OS artifacts.
Familiarity with cloud infrastructure, web application and servers - an advantage.
Fluent English (written, spoken) - a must. Another language - an advantage.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8676375
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cyber Threat Intelligence Hunter will sit within Unit 42 Managed Threat Hunting and support proactive, intelligence-led hunting across customer environments. This role combines hands-on threat hunting with cyber threat intelligence analysis, helping multinational organizations stay one step ahead of adversaries and cyber threats.
Key Responsibilities
Analyze public and private threat intelligence, Unit 42 research, adversary campaigns, malware activity, infrastructure, indicators, and TTPs.
Translate threat intelligence into actionable hunting hypotheses, investigation workflows, hunting queries, and customer-facing findings.
Execute existing threat hunting reports and hunting workflows, investigate results, and support timely customer reporting.
Investigate scheduled hunt detections and compose clear, professional reports when relevant.
Investigate hunting leads based on IOCs, threat intelligence, internal detections, customer telemetry, and emerging adversary behaviors.
Monitor the threat landscape and prepare initial context for emerging campaigns, enabling the global team to continue deeper investigation and hunting.
Collaborate with threat hunters, detection engineers, incident responders, MDR, and Unit 42 researchers to operationalize intelligence quickly and effectively.
Escalate major, unclear, or high-impact security events to the Threat Hunting leadership team when necessary.
Provide ongoing feedback on findings, hunting reports, queries, intelligence workflows, and operational processes to support continuous improvement.
Requirements:
4+ years of experience in tactical threat hunting, cyber threat intelligence (CTI), DFIR, or advanced security operations.
Strong background in tactical threat intelligence, specifically identifying the discrete traces, artifacts, and behavioral fingerprints left by adversaries across diverse telemetry sources (endpoint, network, cloud, and identity).
Experience capturing and modelling incident data to map out intrusions and understand attacker behaviours.
Proven ability to develop & deliver verbal & written technical findings of attacker behaviour into clear, high-impact notifications for customers.
Experience translating threat intelligence into high-fidelity hunting hypotheses, detection logic, and log-based queries.
Preferred Qualifications
Experience in an Incident Response or Managed Services environment
Proficiency in Python and SQL
Familiarity with malware analysis
Published security blogs or research that shows a deep understanding of a particular threat.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8705661
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cyber Threat Intelligence Hunter will sit within Unit 42 Managed Threat Hunting and support proactive, intelligence-led hunting across customer environments. This role combines hands-on threat hunting with cyber threat intelligence analysis, helping multinational organizations stay one step ahead of adversaries and cyber threats.
Key Responsibilities
Analyze public and private threat intelligence, Unit 42 research, adversary campaigns, malware activity, infrastructure, indicators, and TTPs.
Translate threat intelligence into actionable hunting hypotheses, investigation workflows, hunting queries, and customer-facing findings.
Execute existing threat hunting reports and hunting workflows, investigate results, and support timely customer reporting.
Investigate scheduled hunt detections and compose clear, professional reports when relevant.
Investigate hunting leads based on IOCs, threat intelligence, internal detections, customer telemetry, and emerging adversary behaviors.
Monitor the threat landscape and prepare initial context for emerging campaigns, enabling the global team to continue deeper investigation and hunting.
Collaborate with threat hunters, detection engineers, incident responders, MDR, and Unit 42 researchers to operationalize intelligence quickly and effectively.
Escalate major, unclear, or high-impact security events to the Threat Hunting leadership team when necessary.
Provide ongoing feedback on findings, hunting reports, queries, intelligence workflows, and operational processes to support continuous improvement.
Requirements:
4+ years of experience in tactical threat hunting, cyber threat intelligence (CTI), DFIR, or advanced security operations.
Strong background in tactical threat intelligence, specifically identifying the discrete traces, artifacts, and behavioral fingerprints left by adversaries across diverse telemetry sources (endpoint, network, cloud, and identity).
Experience capturing and modelling incident data to map out intrusions and understand attacker behaviours.
Proven ability to develop & deliver verbal & written technical findings of attacker behaviour into clear, high-impact notifications for customers.
Experience translating threat intelligence into high-fidelity hunting hypotheses, detection logic, and log-based queries.
Preferred Qualifications
Experience in an Incident Response or Managed Services environment
Proficiency in Python and SQL
Familiarity with malware analysis
Published security blogs or research that shows a deep understanding of a particular threat.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8718533
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a Identity Security Analyst who will focus on investigating and resolving customer-reported security bugs. In this role, youll sit at the intersection of security research, product engineering, and customer success: youll reproduce issues, analyze impact and root cause, coordinate fixes with R&D, and communicate findings back to customers in a clear, actionable way.

This is a hands-on, technical position ideal for someone who enjoys debugging, incident-style investigations, and direct customer impact.

Key Responsibilities

Bug Triage & Investigation

Review and prioritize customer-reported security bugs (vulnerabilities, false positives, detection gaps, performance/coverage issues).

Reproduce issues in lab environments using customer-provided data, logs, and configurations.

Validate whether a bug is product defect, configuration issue, environmental limitation, or expected behavior.

Security Analysis

Analyze suspected vulnerabilities, misconfigurations, or detection gaps to determine impact, severity, and likelihood.

Correlate product behavior with attack techniques (e.g., MITRE ATT&CK, AD / identity attacks, NTLM relay, Kerberos abuse).

Perform log and event analysis (Windows Security / Sysmon / AD / LDAP / application logs) to understand bug context and side effects.

Resolution & Fix Coordination

Work closely with R&D / engineering teams to:

Provide clear reproduction steps, data, and technical context.

Propose mitigations and contribute to detection or logic fixes.

Verify hotfixes and releases against customer scenarios.

Track bugs through their full lifecycle to ensure timely resolution and high SLA adherence.

Customer Communication

Collaborate with Support, Customer Success, and SEs to:

Explain root cause and resolution in customer-friendly language.

Provide interim workarounds or configuration guidance when needed.

Contribute to knowledge base articles, runbooks, and best-practice guides.

Quality & Continuous Improvement

Identify recurring patterns in customer bugs and propose long-term product or process improvements.

Help refine internal monitoring, alerting, and testing for security-sensitive components.

Contribute to test cases and validation criteria for new features from a security QA perspective.
Requirements:
2-4+ years in a technical security or support role, such as:

Security Analyst / SOC Analyst

Security Engineer

Technical Support Engineer in a security or infrastructure product

Scripting and automation skills in PowerShell to speed up investigation and test setup.

Solid understanding of:

Identity and access concepts (Active Directory, authentication, privileges, groups)

Basic networking and protocols (TCP/IP, DNS, HTTP/S, SMB, LDAP/LDAPS)

Hands-on experience with:

Debugging and reproducing complex customer issues in lab environments

Strong analytical and problem-solving skills; able to systematically break down ambiguous issues.

Excellent written and verbal communication skills in English; able to explain complex technical findings to both technical and non-technical audiences.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8695542
סגור
שירות זה פתוח ללקוחות VIP בלבד