Incident Response & Threat Hunting (24469)

Who Are We?

Yael Group is a leading group of companies in the market, providing advanced technological solutions across a wide range of fields to organizations across all sectors of the economy.

Job Description:

• Lead the end-to-end handling of cyber security incidents — including identification, response, containment, recovery, and post-incident investigation.
• Perform proactive Threat Hunting activities to identify malicious activity at an early stage.
• Conduct in-depth incident analysis (Root Cause Analysis) and derive lessons learned to improve organizational defenses.
• Develop and maintain Playbooks, response methodologies, and internal procedures.
• Work closely with the SOC team, architecture teams, infrastructure and application teams, as well as external parties (CERTs, vendors, regulators).
• Conduct forensic investigations across systems, endpoints, and networks as required.
• Analyze information from Threat Intelligence systems and integrate insights into security defenses.
• Lead periodic cyber exercises and Incident Response simulation scenarios.
• Manage and coordinate real-time cyber attack response activities in collaboration with infrastructure teams, end users, and senior management.

Job Requirements:

• At least 4 years of experience in Incident Response and/or Threat Hunting — mandatory.
• Relevant certifications/courses such as GCIH, SANS Institute 508/509, or a relevant academic degree — significant advantage.
• Deep familiarity with organizational security systems such as Firewalls, EDR, and SIEM platforms — mandatory.
• Experience analyzing network traffic and conducting forensic investigations on endpoints and servers — advantage.
• Familiarity with Microsoft Azure infrastructure and cyber incidents in hybrid environments — advantage.
• Experience working with Threat Intelligence platforms — advantage.
• Experience in team management or professional leadership — advantage.
• Excellent Hebrew and English skills (reading, writing, and speaking).
• Hands-on experience in defensive cyber security domains (protection, detection, response, maintenance, and rule writing), including prior experience handling large-scale incidents.
• Proven understanding of the cyber threat lifecycle, attack vectors, exploitation techniques, and attacker Tactics, Techniques, and Procedures (TTPs).
• Strong analytical thinking and data analysis skills, ability to work independently in a dynamic and mission-oriented environment, and excellent interpersonal communication skills with the ability to work across multiple interfaces.