דרושים » אבטחת מידע וסייבר » Technical Director, DFIR (Unit 42)

This client-facing role requires the Principal Consultant to lead and produce deliverables for reactive services engagements. You will work directly with multiple customers and key stakeholders, from technical administrators to the C-Suite, to manage incident response engagements from start to finish and provide expert guidance on long-term security posture remediation.
Key Responsibilities
Manage end-to-end incident response engagements, including scoping work, guiding clients through forensic investigations, containing security incidents, and providing long-term remediation recommendations.
Perform reactive incident response functions, including host-based analysis of Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
Investigate data breaches by leveraging digital forensics tools (e.g., EnCase, FTK, X-Ways, SIFT, Splunk) to determine the root cause of compromises and malicious activity.
Examine firewall, web, database, and other log sources to identify evidence of malicious activity, focusing on the details to ensure a thorough and accurate investigation.
Proactively collaborate with and mentor junior team members, sharing expertise in incident response and forensics best practices to empower others and ensure team alignment.
Effectively communicate complex technical findings and strategic recommendations to both technical and executive-level stakeholders.
Travel as needed to meet client engagement demands, typically averaging 20%.

looking for an Incident Response Team Leader to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus, and speed of response teams can mean the difference between a minor blow, and a devastating impact on an organizations performance and reputation.

The Incident Response Team Leader will be key to the success of Incident Response projects worldwide, and should possess strong leadership skills, be highly technical and thrive in a fast-paced and dynamic environment.

Main Responsibilities

Lead a team of top-tier cyber security researchers and forensic experts conducting assessments and in-depth analysis in complex investigations, as well as security assessments.

Guide and empower team members, enhancing their technical and research skills.

Lead client-facing projects including incident response and hunting efforts for large-scale sophisticated attacks, to contain and defeat real-world cyber threats.

Collaborate and work with clients IT and Security teams during investigations.

Design and improve internal incident response technologies, methodologies, and processes.

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the XM Cyber platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.

Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

We are looking for a strategic leader to evolve our Threat team into a comprehensive
Deep Research Group
. As the Head of Research, you will lead innovation across AI Security, Threat Intelligence, and our company Intelligence, transforming raw research into core platform differentiators. This is a pivotal leadership position responsible for delivering high-signal content and product-impacting discoveries that will directly influence our expansion into the enterprise market.
What You Will Build
●
Deep Research Strategy:
You will oversee the creation of next-generation security modules derived from our companys unique runtime data, transforming raw telemetry into actionable defense mechanisms and automated workflows
●
Premium Intelligence:
You will drive the development of unique intellectual property and detection capabilities that allow us to launch differentiated, premium service offerings.
● Market Impact:
Your group's research will serve as a growth engine, powering our PR, community credibility, and enterprise readiness for high-stakes environments.
Responsibilities
●
Organizational Leadership:
Lead, mentor, and scale a diverse group, including the Threat Research Team, Offensive Research Team, AI Research & Innovation Team, and OSINT/Vulnerability squads
●
Strategic Delivery:
Oversee the lifecycle of major research initiatives, from initial discovery to full productization, ensuring deep technical findings are translated into user-facing value.
●
Proactive Hunting:
Drive a proactive hunting strategy, utilizing external scanning and internal signals to uncover emerging campaigns and validate novel threats before they become widespread.
● Cross-Functional AI Integration:
Collaborate with the AI Lead and Engineering to integrate proprietary intel into our detection models and strengthen our AI-driven security architecture.

looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

we are the world leader in accelerated computing, defining the future of AI and high-performance networking. We are seeking a committed Product Security Processes and Operations Engineer to join us and drive various strategic product security operational activities. This is a critical, hands-on role where you will focus on the execution and delivery of security initiatives across our company Networking.
You will orchestrate vulnerability response, supervise security features implementation, and ensure process consistency, serving as a central coordinator for security execution across engineering teams building the core of the world's largest AI clusters.
What You Will Be Doing:
You will serve as an operational core for security execution, leading security vulnerability response and feature delivery across product teams:
Contribute to the definition and improvement of comprehensive security processes across various engineering teams and subject areas.
Drive end-to-end operational execution of vulnerability workflows, including rapid assessment, triage, tracking, and coordination of mitigation efforts for variety of issues and security incidents.
Ensure engineering teams consistently adhere to established product security procedures, helping teams interpret and apply the policies requirements.
Supervising the execution of new security features through the product development phases, ensuring timely delivery and integration by engineering teams.
Deliver existing product security training modules and maintain operational documentation for security processes to ensure clarity and consistency across development teams.
Support the operational steps required for existing internal and external security compliance and certification initiatives, gathering evidence and tracking required work.

We are looking for an experienced Security Architect to lead the design and implementation of advanced security solutions across our infrastructure, products, and cloud environments. In this role, you will work closely with engineering, DevOps, product, and SOC teams to ensure end-to-end protection, threat resilience, and security-by-design architecture.

Your Chain of Impact:

Design and implement scalable, secure architectures across cloud, application, and data environments
Lead security reviews, threat modeling, and risk assessments for new and existing systems.
Collaborate with R&D and DevOps to embed security best practices into development and deployment processes.
Define and maintain security standards, policies, and frameworks (Zero Trust, IAM, network controls, data protection, etc.)
Oversee integration of security controls, monitoring systems, and automated detection capabilities.
Partner with SOC teams to enhance detection, response, and incident management workflows.
Evaluate new security tools and technologies; lead POCs and drive strategic decisions.
Provide security guidance during architecture planning, code reviews, and product design.

Were looking for a highly skilled Cybersecurity Governance, Risk, and Compliance Engineer with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology - ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.