Company hidden
3 months ago

Security Engineer (Detection & Response)

Work format
hybrid
Employment type
fulltime
Grade
senior
English
b2

Job description

TL;DR

Security Engineer (Detection & Response): Building and maintaining security monitoring infrastructure solutions for multi-cloud environments, with an emphasis on developing detection strategies, triaging alerts, and driving security incidents to closure. Focus on leveraging threat detection and response experience, implementing business-focused controls, and proactively improving detection rules.

Location: Hybrid work model, requiring onsite presence three days per week for candidates residing within 45 miles of a hirify.global office. Offices are located in several cities across the globe, including Tel Aviv.

Company

hirify.global is a rapidly growing cybersecurity company focused on empowering employees and recognized as a top startup to work for.

What you will do

  • Collaborate with different teams to build and set up security telemetry pipelines.
  • Build and maintain an effective and scalable security monitoring infrastructure solution.
  • Develop detection strategies to identify anomalous activity and drive security incidents to closure.
  • Research new threat attack vectors and ensure detection and response capabilities align with the current threat landscape.
  • Proactively improve the quality of detection rules by working directly with engineering teams.
  • Pragmatically implement business-focused controls to safeguard the company's multi-cloud entities and ensure compliance.

Requirements

  • 5+ years of relevant industry experience.
  • Strong domain knowledge in security incident detection and response, with a proven ability to operate, optimize, and enhance the effectiveness of the Security Operations Center (SOC).
  • Demonstrated experience with effective incident response and containment practices, preferably in a cloud-first environment.
  • Hands-on experience with operating SIEM and SOAR platforms (e.g., Splunk, Microsoft Sentinel).
  • Experience in managing and fine-tuning CNAPP platforms (e.g., Wiz, Orca, Defender).
  • Ability to script or code fluently in an interpreted language like Python, PowerShell, or JavaScript.
  • Strong experience in analyzing IAM configurations and detecting potential breaches across multi-cloud environments.

Nice to have

  • Experience or strong familiarity with DevOps practices and Agile methodologies.
  • Experience with cloud deployments in AWS, GCP, or Azure.

Culture & Benefits

  • Be part of a global team on the front lines of cybersecurity innovation.
  • Work in an environment that celebrates curiosity, integrity, and initiative.
  • Benefit from a focus on creating an employee experience rooted in purpose, growth, and balance.
  • Join an Inc. 5000 Fastest-Growing Cybersecurity Company and Inc. Best Workplace awardee.
  • Work in a company committed to equal opportunity employment and reasonable accommodation for disabilities.

The vacancy text is reproduced without changes.