Senior Security Operations Engineer (Fintech)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Security Operations Engineer (Fintech): Protecting organizational assets by detecting, investigating, and containing threats across endpoints, cloud infrastructure, and networks with an accent on SIEM/EDR tuning and incident response. Focus on building automated workflows, applying AI to security operations, and driving continuous improvement in detection strategy.
Location: Hybrid role based in Tel Aviv
Company
is a regulated blockchain infrastructure platform that tokenizes, custodies, trades, and settles assets for global financial institutions.
What you will do
- Triage, investigate, and respond to security alerts across endpoints, cloud environments, and network telemetry.
- Automate repetitive security workflows and integrate AI to enhance investigation speed and scale.
- Execute containment and remediation actions for confirmed incidents while improving established runbooks.
- Tune and maintain SIEM and EDR detections to reduce false positives and strengthen signal quality.
- Apply threat intelligence, including IOCs and TTPs, to active investigations and proactive threat hunting.
- Participate in on-call rotations and contribute to post-incident documentation and reviews.
Requirements
- 5+ years of experience in security operations, detection and response, or related security engineering.
- Advanced hands-on experience with SIEM and EDR platforms, including detection tuning and strategy.
- Proven ability to manage complex security incidents from triage through recovery.
- Experience applying threat intelligence and adversary tradecraft to monitoring and detection.
- Strong analytical judgment and ability to guide others through high-severity incidents.
- Experience mentoring teammates and influencing security operations standards.
Culture & Benefits
- Opportunity to work on critical financial infrastructure used by global institutions.
- Focus on building and automation rather than just monitoring.
- Collaborative environment with a strong emphasis on security posture and team readiness.
- Involvement in post-incident reviews and operational improvements.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →