Incident Response & Threat Hunting (24469)

Who we are:

Yael Group is a leading technology solutions provider in the Israeli market, delivering advanced and innovative IT services to organizations across diverse industries.

Job Description:

• Leading end-to-end handling of cyber incidents: identification, response, containment, recovery, and investigation
• Performing proactive Threat Hunting to enable early detection of malicious activity
• Conducting in-depth incident analysis (Root Cause Analysis) and deriving lessons learned to improve security controls
• Developing and maintaining Incident Response playbooks, methodologies, and internal procedures
• Working closely with SOC teams, architecture, infrastructure and application teams, and external entities (CERT, vendors, regulators)
• Conducting forensic investigations of systems, endpoints, and network as required
• Analyzing data from Threat Intelligence systems and integrating insights into security defenses
• Leading periodic drills and simulated Incident Response scenarios
• Managing and supporting real-time response to cyber attacks in collaboration with infrastructure teams, end users, and senior management

Job Requirements:

• At least 4 years of experience in Incident Response / Threat Hunting – mandatory
• Relevant training and certifications (GCIH, SANS 508/509) or a relevant academic degree – significant advantage
• In-depth familiarity with organizational security systems (FW, EDR, SIEM) – mandatory
• Experience in network traffic analysis and forensic investigation of endpoints and servers – advantage
• Familiarity with Azure cloud infrastructure and cyber incidents in hybrid environments – advantage
• Experience working with Threat Intelligence platforms – advantage
• Experience in team management or professional leadership – advantage
• Full proficiency in Hebrew and English (reading, writing, and speaking)
• Hands-on experience in defensive cybersecurity domains (protection, detection, response, maintenance, rule writing), including experience with large-scale incident response
• Strong understanding of the cyber threat lifecycle, attack vectors, exploitation techniques, and adversary TTPs
• High analytical skills, ability to work independently in a dynamic, task-oriented environment, excellent interpersonal communication, and ability to work across multiple interfaces