עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
A leading financial corporation is seeking a full-time IR (Incident Response) Team Lead based in Ramat Gan.
Role OverviewIn this role, you will manage and lead the IR team and its strategic work plan. You will spearhead complex, Tier-3 cyber investigations, forensics, and proactive threat hunting. Additionally, you will develop and enhance detection and defense capabilities (including EDR, SIEM, and Playbooks), manage external SOC operations (including SLA and quality control), and lead Purple Team exercises, Breach and Attack Simulations (BAS), and innovation initiatives.
Key Responsibilities- Leadership: Manage, mentor, and lead the technical IR team and oversee the execution of the team's work plan.
- Incident Response & Forensics: Lead complex, deep-dive Tier-3 cyber investigations, digital forensics, and proactive threat hunting across the organization.
- Detection & Engineering: Continuously improve and develop the company's defense posture, including optimizing EDR/SIEM capabilities and designing automated Incident Response Playbooks.
- Vendor Management: Manage relationship, operations, SLAs, and quality control of the external SOC provider.
- Offensive & Defensive Alignment: Lead Purple Team exercises, BAS initiatives, and drive innovative cybersecurity projects.
- Experience: At least 3 years of hands-on experience in Tier-3 cyber incident response and investigations.
- Leadership: Proven experience managing a technical cybersecurity team.
- SIEM/EDR Expertise: Deep experience working with enterprise EDR and SIEM platforms (specifically Sentinel or Splunk), including advanced query writing (KQL / SPL).
- SOC Management: Direct experience managing or working closely with an external SOC provider.
- AI Security: Deep understanding of AI technologies from both a threat perspective (adversarial AI) and defensive integration.
- Infrastructure Mastery: Comprehensive knowledge of IT infrastructure, networking, Windows/Linux operating systems, and Identity Management (Active Directory / Entra ID).
- Language: High proficiency in English.
- Familiarity with the MITRE ATT&CK framework.
- Hands-on experience in Purple Teaming, Red Teaming, BAS, or Penetration Testing.
- Relevant industry certifications: GCIH, GCFA, GCIA, OSCP, CRTO, etc.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.