Security Threat Analysis Team Lead

Description:

Paragon is on a mission to transform the world of cyber intelligence.

Based in Tel Aviv, our innovative team is made up of top-tier talent who are passionate about making an impact. At Paragon, you’ll have the freedom to think boldly, collaborate with purpose, and grow alongside a team united by a shared mission; striving for excellence, and always looking out for one another.

We are looking for a Security Threat Analyst Team Leader to lead our Threat Analysis team within the security organization.

The team is responsible for the full lifecycle of security monitoring, incident response, and threat hunting, protecting highly sensitive operational environments.

This role combines hands-on technical expertise with team leadership, focusing on improving detection capabilities, response processes, and overall SOC maturity.

• Lead, mentor, and manage a team of security analysts, including setting priorities, workflows, and investigation standards
• Act as the escalation point for complex security incidents and lead end-to-end incident response efforts
• Oversee monitoring and analysis of security events across SIEM, EDR, and network systems
• Improve alert quality, drive noise reduction, and lead initiatives to identify and close detection gaps
• Drive proactive threat hunting activities and develop new detection use cases
• Build and improve playbooks, runbooks, and investigation methodologies
• Define and track KPIs and operational metrics to improve SOC performance and efficiency
• Enhance SOC maturity and readiness, including process improvements and automation initiatives
• Collaborate closely with R&D, DevOps, Infrastructure, and Security Engineering teams

• 4+ years of experience in SOC / Threat Analysis / Incident Response
• At least 2 years of experience in a hands-on team management role (Security / SOC team)
• Strong hands-on experience with SIEM, EDR, and log analysis
• Experience defining SOC processes, KPIs, and workflows
• Proven hands-on experience in Threat Hunting
• Experience working with on-premise network environments
• Solid understanding of monitoring & detection, incident response lifecycle, and network/endpoint security
• Experience investigating complex security incidents in production environments
• Strong analytical and problem-solving skills

Advantages

• Experience managing or building a SOC
• Experience improving SOC maturity (e.g., SOC-CMM or similar frameworks)
• Experience with Threat Intelligence platforms
• Experience in detection engineering (rules, correlations, Sigma, etc.)
• Scripting experience (Python / Bash)