We are looking for a Security Operations & Incident Response Engineer to join our fast-growing company at a breakthrough stage, where we are building our dream team with the most passionate and professional people in the industry.
Our security team blends cyber expertise with cutting-edge automation and AI. We're looking for someone who thrives in a fast-paced SaaS environment and is eager to make an impact.
Key Responsibilities
Security Engineering & Incident Response
Collaborate with the CISO and peers to shape and execute the company's security strategy.
Develop, maintain, and continuously improve security playbooks, processes, and response frameworks.
Manage the full lifecycle of security alerts, from triage and investigation to response and escalation, using our company's Case Management platform.
Perform access and configuration reviews across cloud, SaaS, and endpoint environments, and lead remediation efforts where needed.
SIEM & Automation Expertise
Develop and fine-tune detection rules in Splunk (or similar SIEM platforms) to increase detection quality and reduce false positives.
Use our company's platform to build and manage automated workflows that accelerate incident response and reduce MTTR.
Evaluate new security technologies and lead proof-of-concepts to improve existing controls.
Collaboration & Enablement
Partner with IT and Engineering to strengthen SaaS security practices.
Act as a trusted advisor across teams, promoting security awareness and best practices.
Communicate clearly in both Hebrew and English, providing documentation and updates to relevant stakeholders.
Requirements:
Experience working in remote-first and SaaS-based organizations is a must.
Experience working with cloud platforms (AWS, GCP, Azure) and SaaS security tooling is a plus.
4+ years of experience in Cybersecurity, specifically in Incident Response and SOC environments.
Hands-on experience working with 24/7 security operations teams.
Experience working with automation platforms (SOAR, Hyperautomation) and/or scripting in Python/Bash.
Deep understanding and hands-on experience with SIEM platforms (preferably Splunk), including rule creation and tuning.
Strong grasp of cloud adversary techniques, attack vectors, and frameworks such as MITRE ATT&CK and Cyber Kill Chain.
Strong communication skills and ability to work independently in a fast-paced startup environment.
This position is open to all candidates.