Company hidden
18 hours ago

SecOps IR Engineer (Cybersecurity)

Work format
onsite
Employment type
fulltime
Grade
middle
English
b2
Country
Israel
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

SecOps IR Engineer (Cybersecurity): Owning incident detection, triage, and response across infrastructure and the enterprise browser platform, with an emphasis on automation and detection engineering. Focus on building automated response workflows, tuning SIEM/EDR rules, and hunting for threats in cloud-native environments.

Location: Tel Aviv

Company

hirify.global provides an enterprise platform that unifies AI enablement, network access, data protection, and identity into one coherent, secure workspace.

What you will do

  • Lead the full incident lifecycle, including detection, triage, investigation, containment, and post-mortems.
  • Develop, tune, and maintain detection rules across SIEM and EDR to maximize signal value and minimize false positives.
  • Build and improve automated response workflows using platforms like Torq to reduce manual toil.
  • Proactively hunt for threats and monitor the environment for anomalies aligned with the threat model.
  • Triage findings from cloud-native security tooling such as Wiz and AWS CloudTrail.
  • Contribute to the SecOps toolchain, integrating alert sources and maintaining incident response playbooks.

Requirements

  • 3+ years of hands-on experience in security operations, incident response, or detection engineering.
  • Practical experience with SIEM, EDR, and cloud security platforms (e.g., Wiz, Coralogix).
  • Proficiency in scripting and building security automation workflows (Torq, Tines, SOAR).
  • Strong grasp of attacker techniques and incident investigation methodology.
  • Ability to drive initiatives end-to-end in a fast-moving environment.
  • Location: Must be based in Tel Aviv

Nice to have

  • Experience with threat intelligence operationalization.
  • Familiarity with compliance frameworks such as SOC2.
