דרושים » אבטחת מידע וסייבר » Digital forensics and incident response analyst- 2584

We are seeking a highly energetic and talented security analyst to join our Managed Detection and Response (MDR) team. As an MDR security analyst, your primary responsibility will be to identify and respond to security threats across our service customers. You will utilize the groundbreaking Threat Hunting System to proactively seek out unknown threats and enhance our hunting capabilities. Leveraging the Cloud data warehouse, you will develop threat hunting technics to effectively detect and address security threats. Moreover, you will serve as a trusted advisor to our MDR service clients, providing valuable insights into their security posture and the threat landscape they face
This position offers an exceptional opportunity for network security enthusiasts who are passionate about Network Security, Malware Analysis, Threat Hunting, and Threat Intelligence.
Responsibilities
Act as a Customer Security Advisor, conducting threat-hunting activities and performing security assessments on customer networks. Effectively communicate findings, recommendations for remediation, and mitigation strategies to customers
Serve as an escalation point for the SOC analysts, assisting in the investigation, analysis, and response to security incidents
Develop cyber kill-chain indicators of an attack and hunting heuristics to enhance the ongoing threat-hunting process
Enhance the product accuracy and its capacity to detect emerging threats within the dynamic security landscape.

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.
Responsibilities:
Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

We are looking for a Security Analyst to join our MDR team. In this role, you will be part of our security function, focusing on proactive reviews and providing advanced guidance to customers. This is an opportunity to develop your expertise in cloud security while working closely with analysts, researchers, and engineers.
Responsibilities:
Assist in fine-tuning our detection and response mechanisms.
Support proactive reviews of customer environments to identify risks, exposed attack surfaces, and recommend improvements.
Lead and conduct in-depth security investigations, documenting outcomes and developing playbooks to enhance future detection and response.
Collaborate with Security Analysts, Research, and Backend teams to enhance detection quality.
Contribute to the handling of complex or critical incidents escalated from Tier 1/2.
Participate in recurring customer meetings, helping translate security findings into clear, actionable recommendations.
Stay up to date with emerging threats, attack techniques, attack surfaces, and best practices in cloud security.
Contribute to the development and training of AI-driven detection models, leveraging machine learning to improve investigation accuracy and response efficiency.

We are looking for a highly motivated SOC/NOC Analyst to join our operations and security team. This role is responsible for monitoring, detecting, analyzing, and responding to security and network events across the organizations infrastructure and production environments.
The SOC/NOC Analyst will play a key role in maintaining service availability, identifying threats, investigating incidents, and ensuring timely escalation and resolution of operational and security issues. The ideal candidate is detail-oriented, analytical, and able to work effectively in a fast-paced, 24/7 environment.
Key Responsibilities :
Monitor security and network events using SIEM, monitoring, and alerting platforms.
Investigate alerts, anomalies, and incidents related to infrastructure, systems, applications, and network activity.
Perform first-level triage, validation, categorization, and escalation of security and operational incidents.
Respond to incidents involving suspicious activity, service disruption, connectivity issues, unauthorized access attempts, and infrastructure abnormalities.
Open, track, and update incidents in the ticketing system, ensuring accurate documentation and timely resolution.
Support incident response activities, including containment, evidence gathering, and post-incident analysis.
Monitor network performance, uptime, connectivity, and service health across production environments.
Assist in vulnerability management, log analysis, and security control validation.
Maintain runbooks, knowledge base articles, and operational documentation.
Contribute to process improvement initiatives to enhance monitoring coverage, response quality, and operational resilience.
Additional Notes :
This role requires shift-based work as part of a 24/7 monitoring and response function.

As a Security Analyst , you will work with network data and customer-facing teams to analyze raw traffic, create data-driven insights, and design solutions that enhance product value and address client needs.

Responsibilities
As a Security Analyst , Your impact will be:

Analyze raw network traffic to uncover anomalous activities.
Perform in-depth data analysis utilizing various tools
Take responsibility for all data needs for certain clients
Create useful and creative data queries
Investigate complex security incidents within cyber-physical environments.
Develop heuristics and logic-driven analysis by both security and network insights to improve the value of the product
Initiation, Prioritization, and design of R&D work based on customer needs
Work with customers and our customer-facing teams to design new features, improve their workflows, and address issues

Join our Operation team. Help drive our world-class threat monitoring and fraud detection platform securing organization funds. Be part of the analysts team, work with customers and key POCs, to provide an additional level of security and confidence, by leveraging unique intelligence feeds, threat logs, and IOCs. Collaborate with our world-class research team and various RnD teams as you help shape our product, help customers be more secure, and immerse yourself to the cyber fraud tech ecosystem.

Proactively monitor and review threats and suspicious events from our customers.
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Use multiple sources of our data intelligence trust network, external threat feeds, etc.
Support customer's payment processes and workflows.
Maintain excellent customer satisfaction through professional, proactive and personal service.
Work closely with our research and development team.
Contribute to our knowledge base by creating fraud analysis reports and best practices.

As a CyOps Analyst, you will be investigating security alerts from the Cynet platform in order to detect threats and conduct live incident response engagements, investigating and analyzing programs and software using analysis programs to identify threats and classify malware based on previous threats and commonalities, investigating and issuing threat intelligence and malware analysis report. The SOC works closely with the Research team to perform tests and uncover new attack vectors to enhance, develop, and configure threat hunting tools. Additional responsibilities include:
* Identifying unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services.
* Performing analysis and forensics on security threats, malware and attacks in the wild, using industry standard platforms and tools.

About Us:
We are a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 247 security experts. With a Partner First mindset, we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response.
You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.
If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.
Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

ActiveFence is seeking to hire a Fraud Threat Analyst to join the Intel Desk group. In this role, you will be responsible for researching, evaluating, and analyzing fraud detection mechanisms and vulnerabilities across various platforms and solutions. You will generate strategic insights from diverse intelligence sources, conduct OSINT investigations to identify fraud risks, and monitor online platforms to detect malicious activities. You will also focus on uncovering fraud tactics, behavioral vulnerabilities, and process bypasses while delivering actionable mitigation recommendations to clients. Key Responsibilities:
* Conduct investigations and identify fraud methods across web and mobile platforms (social media, forums, apps, and the darknet).
* Analyze large datasets to uncover patterns and deliver actionable insights.
* Monitor third-party websites and channels for malicious activities and fraud risks.
* Prepare detailed reports with findings, insights, and actionable recommendations.

About Alice:
Alice is a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact—whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, Alice provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.

We are seeking a detail-oriented, self-driven Security Analyst, based in Israel, to join the Risk and Compliance team and operate our ISO-aligned Event Management Process end-to-end. This role is the front door for security events in our company - the person who makes sure that every reported security event (from employees, vendors, and automated monitoring) is triaged, classified, escalated where required, and closed with documented evidence.

The Security Analyst is both an operator and a process owner. This is an excellent entry-point role for a Computer Science graduate or similar background person looking to build a foundation in security operations and compliance. You will run the daily flow of events, partner with Corporate IT, R&D/DevOps, and the CISO to drive down events, implement improvements and take corrective and preventive actions. You will report directly to the Chief Information Security Officer and work closely with the broader employee base engaging them directly.
This role covers five primary pillars: Security Event Intake and Triage; Classification, Escalation and Coordination; Process Operations and Continuous Improvement and Ai Automation.
This is a temporary position with an hourly pay.


RESPONSIBILITIES:
Event Intake & Triage
Own the front door for all reported security events - internal security hotline , IT services alerts, employee reports and automated monitoring - and make sure nothing falls through the cracks.
Triage security events within defined SLAs; gather context from logs, endpoints, identity systems, and SaaS admin telemetry to make a fast, defensible first call.
Maintain the Security Event Register as the single source of truth for every reported event - timeline, evidence, classification, owner, status, root cause, and corrective actions.
Review mail service admin holds that require review and investigation, user engagement and follow-up
Classification, Escalation & IRT Coordination
Classify security events against the defined severity matrix; distinguish security events from incidents and apply the agreed escalation criteria consistently.
Notify the CISO when escalation criteria are met, evidence collection, and timeline capture during incidents.
Process Operations & Continuous Improvement
Own and operate our ISO-aligned Event Management Process end-to-end - from intake through triage, response coordination, closure, and lessons learned.