CSIRT and SIEM Engineer

  • Ra'anana
  • Permanent position
  • Full-time
  • 27 days ago
A challenging role that combines operational activity as part of the corporate CSIRT team (approximately 60%) with responsibility for the development, maintenance, and continuous improvement of the corporate SIEM system (approximately 40%).

Responsibility for responding to cyber incidents, investigating attacks, and performing Threat Hunting combined with content development, writing monitoring rules and Playbooks, as well as serving as a force multiplier for ongoing maintenance of the organizational SIEM system.

Areas of responsibility:
  • Responding to cyber incidents as part of the CSIRT team including investigation, classification, prioritization of treatment and drawing lessons
  • Performing Threat Hunting and detecting vulnerabilities based on cyber intelligence, logs and security tools
  • Analyzing logs from operating systems, communication equipment, applications and defense systems
  • Working with diverse information security systems
  • Familiarity and working with cloud environments and security tools in these environments
  • Developing and maintaining the SIEM system, both infrastructural and application-oriented (writing Alerts, building Dashboards, characterizing and writing Playbooks)
  • Continuous improvement of monitoring content, identification capabilities and process automation using scripts (Python, PowerShell)
  • Integration between SIEM and defense systems and additional information sources and security tools
  • Supporting critical processes and compliance with information security and regulatory requirements
Requirements:
  • At least 3 years of experience in the field of SIEM / SOC / / Information Security / SYSTEM / Communication
  • Proven experience in investigating and responding to cyber incidents (Incident Response)
  • Experience working with, developing, and maintaining SIEM systems
  • Understanding information security and cyber protection
  • In-depth knowledge of communication protocols and communication channels (TCP / UDP / SSH / HTTP / SMTP / WEBSOCKETS / API)
  • In-depth knowledge of Windows operating systems
  • In-depth knowledge of working with LINUX
  • Experience in Active Directory / IDP / SP / Entra AD
  • Familiarity with Threat Intelligence / OSINT tools
  • Experience with forensics and computer / network investigation tools
  • Mastery of cyber concepts, types of attacks and mitigation plans
  • Readiness to work on call / around the clock if necessary
  • Ability to write scripts (Python / PowerShell)
  • Professional certifications in the field of cloud