דרושים » אבטחת מידע וסייבר » Senior Staff PM, AI SIEM Data Platform, Agent Log File Collection

We are seeking a Security Operations Engineer to join our Security team, reporting to the CIO. This is a hands-on role where you will design and operate security infrastructure, lead cloud security initiatives, and rethink our security architecture. You'll build AI-powered solutions to automate security triage and response, while partnering cross-functionally with DevOps, IT, and Engineering teams to drive security outcomes across the organization.
What you will do :
Design, implement, and operate security monitoring capabilities using a SIEM platform to detect, analyze, and respond to threats in real time. Deploy and manage EDR, DLP, CSPM, and other security controls across the environment.
Build and maintain cloud security architectures, ensuring strong IAM, network segmentation, encryption, and a zero-trust approach across all cloud deployments.
Continuously evaluate and evolve the security architecture and defense in depth strategy. Integrate tools and systems across the stack to enable unified telemetry, seamless data flow, and automated response actions.
Develop AI powered agentic solutions and operational automations using n8n. Use Infrastructure as Code to automate deployment, configuration management, and ongoing lifecycle operations for security infrastructure.
Create and tune detection rules, build log ingestion pipelines, and conduct proactive threat hunting. Lead monitoring, investigation, and remediation efforts using structured DFIR methodologies.
Embed security into CI/CD pipelines and broader DevSecOps workflows. Partner with DevOps, IT, and Engineering teams to integrate security into day to day operations and technical decision making.
Implement and maintain controls aligned with HIPAA, HITRUST, and SOC 2 requirements. Perform security assessments for vendors, SaaS platforms, and internal applications.

Shape the Future of Cybersecurity with Us Are you driven by deep curiosity, bold innovation, and the desire to transform cutting-edge AI research into real-world cybersecurity impact? Join Cynet, an established yet rapidly growing cybersecurity startup, where you’ll help build next-generation AI-powered security products from the ground up. You’ll be part of a small, elite, cross-disciplinary team working closely with security researchers, R&D engineers, data engineers, and product leaders.
Here, you’re not just joining a company, you’re stepping into a place where you can envision, build, and deploy foundational AI technologies that protect organizations worldwide. You will have the rare opportunity to drive innovation end-to-end, shape our future technology, and create AI systems that make a real difference in defending against modern cyber threats.
This is a role for someone who wants to put their soul into their craft, someone hungry to learn fast, experiment boldly, and turn ambitious ideas into production-ready AI solutions.

What will you do:

* Drive innovation by combining deep security research with modern AI techniques to build impactful, customer-facing security capabilities.
* Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis.
* Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end.
* Engineer and implement core parser and model components in C++ and Python to seamlessly integrate into the Cynet Endpoint Agent and platform infrastructure.
* Use Cynet’s ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models.
* Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions.

About Us:
Cynet is a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 24×7 security experts. With a Partner First mindset , we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.
This role follows a hybrid work model in countries where Cynet has offices (Israel, USA), while being fully remote in England, Poland, Italy, and Germany.

Were hiring our first Product Security Researcher (SOC & Incident Response) to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.

Responsibilities:
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Were hiring our first Security Researcher to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.

Responsibilities:
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

Are you passionate about innovation in cloud security and want to redefine how Security Operations Centers (SOCs) leverage both agent and agentless technologies for detection and response? Join our cutting-edge Security Research team and lead the development of next-generation cloud detection and response solutions. In this role, you will define detection use cases, analyze threat data, and create advanced security content to protect against evolving threats in cloud environments. Be part of an exceptional team of researchers and engineers dedicated to safeguarding our customers. This is your opportunity to dive into pioneering technologies that integrate cloud security with innovative detection methodologies in a world-leading cybersecurity company.
Your Impact
Conduct ongoing research to identify and develop new detection techniques for both agent-based and agentless cloud technologies
Stay ahead of Advanced Threats, attacker methodologies, and Tactics, Techniques, and Procedures (TTPs) to ensure our solutions remain proactive and effective against emerging threats
Simulate real-world attack scenarios in lab settings, performing in-depth analysis of adversarial behaviors and their implications for cloud security
Foster a collaborative atmosphere within an experienced, diverse, and supportive research team, driving forward new and innovative ideas in cloud detection and response.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

We are seeking a highly skilled and experienced Principal Architect to join our dynamic team. As the Principal Architect, you will be responsible for overseeing the design, development, and implementation of our API security platform. You will play a critical role in defining the technical vision and roadmap, leading architectural decisions, and ensuring the scalability, performance, and security of our products.

Responsibilities:
Lead the technical architecture and design of Salt Security's API security platform, working closely with cross-functional teams, including engineering, product management, and security operations.
Define and drive the technical vision, strategy, and roadmap for the platform, aligning it with business objectives and customer needs.
Provide technical leadership and mentorship to the engineering team, promoting best practices, code quality, and continuous improvement.
Collaborate with stakeholders to gather requirements, analyze technical feasibility, and identify areas for innovation and differentiation.
Evaluate and select appropriate technologies, frameworks, and tools to support the development of robust, scalable, and secure solutions.
Ensure architectural consistency and integrity across different components, modules, and systems.
Conduct regular code reviews, architectural reviews, and performance assessments to maintain high standards of software quality.
Stay up-to-date with industry trends, emerging technologies, and best practices in API security and cloud computing, and apply that knowledge to enhance our platform.

We are looking for an experienced Security Architect to lead the design and implementation of advanced security solutions across our infrastructure, products, and cloud environments. In this role, you will work closely with engineering, DevOps, product, and SOC teams to ensure end-to-end protection, threat resilience, and security-by-design architecture.

Your Chain of Impact:

Design and implement scalable, secure architectures across cloud, application, and data environments
Lead security reviews, threat modeling, and risk assessments for new and existing systems.
Collaborate with R&D and DevOps to embed security best practices into development and deployment processes.
Define and maintain security standards, policies, and frameworks (Zero Trust, IAM, network controls, data protection, etc.)
Oversee integration of security controls, monitoring systems, and automated detection capabilities.
Partner with SOC teams to enhance detection, response, and incident management workflows.
Evaluate new security tools and technologies; lead POCs and drive strategic decisions.
Provide security guidance during architecture planning, code reviews, and product design.

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.