Company hidden
5 days ago

SecOps IR Engineer (Cybersecurity)

Work format: onsite
Employment type: fulltime
Grade: middle
English: b2
Country: Israel

Job description

TL;DR

SecOps IR Engineer (Cybersecurity): Owning incident detection, triage, and response across infrastructure and the enterprise browser platform, with an emphasis on automation and detection engineering. Focus on building automated response workflows, tuning SIEM/EDR rules, and hunting for threats in cloud-native environments.

Location: Tel Aviv

Company

hirify.global provides an enterprise platform that unifies AI enablement, network access, data protection, and identity into one coherent, secure workspace.

What you will do

  • Lead the full incident lifecycle, including detection, triage, investigation, containment, and post-mortems.
  • Develop, tune, and maintain detection rules across SIEM and EDR to maximize signal value and minimize false positives.
  • Build and improve automated response workflows using platforms like Torq to reduce manual toil.
  • Proactively hunt for threats and monitor the environment for anomalies aligned with the threat model.
  • Triage findings from cloud-native security tooling such as Wiz and AWS CloudTrail.
  • Contribute to the SecOps toolchain, integrating alert sources and maintaining incident response playbooks.

Requirements

  • 3+ years of hands-on experience in security operations, incident response, or detection engineering.
  • Practical experience with SIEM, EDR, and cloud security platforms (e.g., Wiz, Coralogix).
  • Proficiency in scripting and building security automation workflows (Torq, Tines, SOAR).
  • Strong grasp of attacker techniques and incident investigation methodology.
  • Ability to drive initiatives end-to-end in a fast-moving environment.
  • Location: Must be based in Tel Aviv

Nice to have

  • Experience with threat intelligence operationalization.
  • Familiarity with compliance frameworks such as SOC2.
