About Sisense
Sisense is the unified, collaborative data platform for professional data teams. We help thousands of data teams tackle increasingly complex data challenges, from ETL through predictive analytics. Our customers trust us with their most important data, using Sisense to query everything from revenue metrics to personally identifiable information of their users.
The Opportunity
We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.
Why Join Our Information Security Team
At Sisense, security is foundational to everything we do. We leverage cutting-edge technology not just for our product, but also for our internal services and security operations. As a global company, we value diversity and believe that different perspectives enhance our security thinking and capabilities.
You'll collaborate closely with engineering, IT, and cross-functional teams to implement and maintain robust security monitoring solutions that protect our cloud infrastructure. While ensuring the highest levels of security, you'll also develop streamlined processes that enable the business to move quickly and efficiently.
What You'll Do
Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events
What You Have Accomplished So Far
3+ years of experience in security operations, with a strong focus on incident detection and response
Demonstrated experience responding to and managing security incidents in cloud environments (AWS/Azure/GCP)
Proficiency with SIEM and SOAR platforms, including rule creation, tuning, and maintenance
Strong knowledge of cloud security monitoring tools and techniques
Experience analyzing endpoint, network, and application logs for anomalous events
Practical understanding of common attack vectors, TTPs, and how to detect them
Knowledge of malware functionality and persistence mechanisms
Experience with security automation and scripting for incident response workflows
Growth mindset with a focus on continuous improvement of security operations
Will Be a Plus
Experience with cloud-native security tools and services
Proficiency in scripting languages (e.g., Python) for security automation
Familiarity with threat intelligence platforms and their integration into detection systems
Experience with EDR solutions and email security technologies
Knowledge of IT security audit techniques and compliance frameworks
Security certifications such as GCIH, GCIA, CISSP, or similar
How You'll Make an Impact
As our Detection & Response Security Engineer, you'll be instrumental in safeguarding our customers' trust by ensuring that security events are swiftly detected and effectively managed. Your expertise will help us maintain a resilient security posture while enabling the business to innovate and grow securely.