Security Response Engineer

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it’s all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.

We’re driving progress in some of the world’s most important industries - from the bottom of the oceans to the depths of space and cyberspace - and from manufacturing to engineering, we work together to build a future we can all trust.

Imperva, a Thales company, is a globally recognized cybersecurity leader, dedicated to securing data and applications across diverse environments. Our cutting-edge solutions empower organizations to safeguard their most critical assets, ensuring robust protection against emerging threats.

We’re proud to be recognized as one of Israel’s Top 50 High-Tech Companies to Work For in 2024 (Dun & Bradstreet) and offer a flexible hybrid work model from our Rehovot office.

We’re looking for a Security Response Engineer with strong expertise in Web Application security to join our Advanced Security Response Team (ASRT).

The Advanced Security Response Team is dedicated to the first response for security incidents, focusing primarily on the operational aspects of web application security. This includes analyzing threats, suggesting immediate remediation and mitigation methods, and actively working to block attacks in real time.

The scope of activities spans network layers 3, 4, and 7, covering a broad spectrum of threats. This includes defending against DoS & DDoS attacks, brute-force attempts, scraping, filtering unwanted traffic, as well as initial analysis and mitigation of application attack vectors such as XSS, SQL

injection (SQLi), and remote code execution.

Another important responsibility of the ASRT is managing false positives. The team will investigate root causes of these misfires, propose optimal solutions to prevent recurrence, and apply necessary changes.

The ASRT works closely with the first-tier support team, serving as the focal point for security-related events and incidents. Additionally, the team maintains a two-way communication channel with the Imperva Threat Research team to share findings, exchange consultation, and stay updated on current security policies.

As a member of the ASR team, the specialist is expected to have a strong working knowledge of web application security and the current threat landscape, combined with in-depth familiarity with Imperva's security policies and processes. Proficiency with relevant tools and methodologies is required, and

continuous learning in security-related topics is encouraged.

This is a full-time position that requires weekend availability and participation in a rotating weekend shift due to the real-time nature of security response.

Key Responsibility:

• Takes full responsibility for incidents from start to resolution.
• Follows through on actions, especially during critical events, including weekends and off-hours.
• Delivers accurate, fast, and high-quality responses to live security threats.
• Balances speed and precision under pressure.
• Works effectively across teams: Support, Threat Research, and Product.
• Explains technical threats clearly and concisely to both technical and non-technical stakeholders.
• Understands the customer impact of threats and mitigations.
• Prioritizes real-world outcomes over theoretical perfection.
• Keeps up with evolving attack vectors and adjusts accordingly.
• Open to feedback and continuous improvement of skills and processes.
• Handles sensitive security data with discretion and integrity.
• Makes decisions grounded in doing what’s right for the customer and the company.
• Maintains clear thinking and communication during high-stress situations like active attacks.
  
  

• At least one year of hands-on experience in the security or networking fields.
• Working knowledge of TCP/IP, HTTP/S, DNS, SSL, OWASP Top 10 Attacks (SQLi, XSS, RCE, RFI, LFI).
• Excellent communication skills.
• Advantage for experience in scripting languages: Python, Bash.
• Familiarity with popular tools in the industry of AppSec and their usage : Burp Suite, Postman, Wireshark.
• Fluent in English at a high level, both in writing and speaking.