דרושים » אבטחת מידע וסייבר » Customer Focus Analyst Weekend Shifter (Unit 42)

We are seeking a driven problem solver to join our Unit 42 MDR team.
Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a Senior MDR, we will rely on you to manage a team of experts who detect and respond to cyber incidents facing customers internal business.
As a Senior, you will join a team of managers who overlook the Unit 42 MDR team to ensure premium delivery to our customers and also have a critical role in how the team works, but also be able to create new processes, methodologies and capabilities that the team requires.
Your Impact
Hire for and lead a team of MDR Analysts working globally, guide the team, create and improve processes, methodologies and capabilities that the team requires to work effectively
Lead a team that analyzes incidents from real customer environments to identify ongoing threats to customer environments
Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire companys customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

Were hiring our first Product Security Researcher (SOC & Incident Response) to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.

Responsibilities:
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Were hiring our first Security Researcher to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.

Responsibilities:
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Were looking for an Automation Security Analyst whos eager to help shape and strengthen our And strengthen our SOC and IR. Youll play a key role in developing a dynamic and evolving security environment, driving efforts to automate alert handling and streamline incident response. If youre passionate about cybersecurity, automation, and creative problem-solving, wed love to hear from you.

Responsibilities:
Develop and implement automation workflows to improve alert investigation and response efficiency.
Investigate and respond to security alerts, ensuring timely and effective resolution of incidents.
Identify false positives and collaborate on SIEM/SOAR tuning to enhance detection accuracy.
Apply creative, out-of-the-box thinking to solve complex security challenges and strengthen SOC capabilities.
Handle phishing incidents, including analysis, containment, and mitigation efforts.
Work closely with IT and DevOps teams to resolve security issues and promote best practices.
Contribute to the growth and maturity of a dynamic SOC team.
Participate in on-call rotations for incident response outside of regular working hours.

XM Cyber is a leading hybrid cloud security company that’s changing the way organizations approach cyber risk. XM Cyber transforms exposure management by demonstrating how attackers leverage and combine misconfigurations, vulnerabilities, identity exposures, and more, across cloud and on-prem environments to compromise critical assets. With XM Cyber, you can see all the ways attackers might go, and all the best ways to stop them, pinpointing where to remediate exposures with a fraction of the effort. We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships. Responsibilities:
* Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
* Deliver continuous security posture assessments by leveraging the XM Cyber platform to translate complex technical findings into actionable, risk-based insights for customers.
* Master the XM Cyber platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
* Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
* Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
* Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
* Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

we are looking for a Managed Cloud Detection and Response Analyst to join our newly established team. The team is responsible for monitoring customers cloud environments and workloads, triaging security alerts, and mitigating cyber incidents.
WHAT YOULL DO
Continuously monitor customers cloud environments and workloads for security alerts and analyze potential cyber threats to identify and prioritize cyber security incidents.
Triage prioritized cyber incidents and coordinate appropriate response actions to mitigate risks effectively.
Work closely with customer teams to guide and assist with investigation and remediation of incidents.
Create and deliver incident reports that document findings and response actions taken for customers.
Write and implement custom detection rules and fine-tune alerts to enhance threat detection capabilities for the customers specific cloud environment.
Develop and maintain cyber incident response playbooks to standardize procedures and enhance the internal methodology of the team.
Stay up to date with the latest threats, vulnerabilities, and trends in cloud security to update response strategies and improve detection methods.

Are you passionate about innovation in cloud security and want to redefine how Security Operations Centers (SOCs) leverage both agent and agentless technologies for detection and response? Join our cutting-edge Security Research team and lead the development of next-generation cloud detection and response solutions. In this role, you will define detection use cases, analyze threat data, and create advanced security content to protect against evolving threats in cloud environments. Be part of an exceptional team of researchers and engineers dedicated to safeguarding our customers. This is your opportunity to dive into pioneering technologies that integrate cloud security with innovative detection methodologies in a world-leading cybersecurity company.
Your Impact
Conduct ongoing research to identify and develop new detection techniques for both agent-based and agentless cloud technologies
Stay ahead of Advanced Threats, attacker methodologies, and Tactics, Techniques, and Procedures (TTPs) to ensure our solutions remain proactive and effective against emerging threats
Simulate real-world attack scenarios in lab settings, performing in-depth analysis of adversarial behaviors and their implications for cloud security
Foster a collaborative atmosphere within an experienced, diverse, and supportive research team, driving forward new and innovative ideas in cloud detection and response.

As a Research Analyst, your responsibilities will include developing, managing and improving existing detection methods, correlating and discovering relationships between events and incidents, and producing research proposals, publications, and analysis reports. You will contribute to process improvement and efficiency by researching, assessing, and analyzing threat actors and adversary tactics and techniques based on real-world observations. We're looking for a motivated and seasoned security professional with the technical skills to analyze malware, conceive, design, and develop new methods or approaches to address cyber security threats/attacks. We value deep knowledge of hacking methodologies, a proven track record in delivering impactful cybersecurity solutions, and a strong drive to contribute meaningful security insights to our community!

About Us:
Cynet is a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 24×7 security experts. With a Partner First mindset , we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.

As a Cloud Security Analyst, you will join our global SOC team. A small, highly technical team that owns key parts of Vias security operations. This role is perfect for someone who is motivated and eager to make an impact, and who wants to take meaningful ownership in a cloud-native environment.You will investigate real incidents, improve detections, collaborate with engineering, support AI initiatives, and strengthen Vias security posture end-to-end.

What Youll Do:

Monitor, investigate, and respond to security events across cloud and SaaS environments
Tune detections, signatures, and guardrails to reduce noise and improve accuracy
Develop and maintain SOC playbooks, processes, and response guidelines
Perform intrusion analysis and contribute to threat intelligence correlation
Conduct proactive threat hunting and surface emerging risks
Lead hands-on technical investigations and incident containment
Work with SecOps engineers to design automated remediation flows
Build dashboards, advanced alerts, and visibility for critical events
Continuously improve SOC capabilities by bringing new ideas and approaches