עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
You'll work closely with IT and the Cloud Security team - taking the lead on investigation, triage, and response while they own the underlying cloud and SDLC architecture - and turn complex security signals into structured, AI-assisted, largely autonomous outcomes - fighting fire with fire.
Responsibilities
Architect and own Port's AI-driven detection and response stack, integrating SIEM, XDR, SOAR, EDR, and IAM into a single automated fabric rather than siloed tools.
Deploy and tune AI agents to handle first-line alert triage, enrichment, and investigation, with humans engaged only for true edge cases - manual L1 triage is the exception, not the default.
Build SOAR playbooks and integrations across the security and IT toolchain (endpoint, identity, ticketing, chat) so detection, enrichment, and remediation run automatically end to end - regardless of which system or platform an alert originates from.
Own the alert pipeline as a whole: unify signals from EDR, IAM, and other sources - including cloud and SaaS alerts surfaced by the Cloud Security team - into one triage and response workflow, so nothing falls through the cracks between tools.
Evaluate and integrate best-of-breed, AI-native security tools - SIEM, XDR, SOAR, EDR, email security, AI guardrails, ZTNA, and others - wiring each into the unified detection and response fabric rather than running them as siloed point solutions. Hands-on tool integration (APIs, connectors, log and telemetry ingestion) is a core skill for this role, not an occasional task.
Drive vulnerability and patch management across corporate systems and endpoints, automating prioritization and remediation workflows and coordinating with IT against strict SLAs.
Build and tune detection rules specific to Port's environment, treating detection as code and feeding AI-driven correlation across the XDR layer.
Maintain security dashboards (MTTD/MTTR, automation rate, % of alerts resolved without human touch) and report on how automation is cutting noise and response time.
3+ years of experience in security operations, SecOps, or security engineering roles.
Hands-on experience operating EDR/XDR. SOAR/XSOAR, SIEM platforms and cloud security services (IAM, CSPM, SSPM).
Experience building automations and playbooks using SOAR platforms or scripting (Python, Bash).
Strong incident response skills, including triaging alerts and conducting root cause analysis.
Hybrid position based in our Tel Aviv office.
Excellent written and verbal English skills
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
משרות נוספות מומלצות עבורך
-
SecOps Engineer (Automation & Cloud Security)
-
רמת גן
Viber
-
-
SecOps Engineer / Security Implementation Specialist
-
תל אביב - יפו
Up Security (Formerly Wake-up Cyber)
-
-
Security Operations & Automation
-
תל אביב - יפו
Port.io
-
-
SecOps Engineer
-
תל אביב - יפו
Deloitte
-
-
SecOps Engineer (Automation & Cloud Security)
-
בני ברק
Viber
-
-
Senior SecOps Engineer
-
תל אביב - יפו
UVeye
-