Incode Technologies is hiring a
Mid/Sr Security Engineer in Israel

Summary

Incode is hiring a Mid/SR Security Engineer to be the first line of defense against cyber-attacks in both corporate and product environments. The role involves developing tools, automating workflows, building detections, responding to security events, and leading threat hunting practices.

Requirements

• Experience as a security engineer, including security monitoring, detection engineering, incident response, and threat hunting in a SaaS company
• Practical understanding of common attacks, adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles
• Operating systems internals and forensics experience for macOS, Windows & Linux
• Domain experience managing and working with current SIEM and SOAR platforms, DLP, email security platforms, endpoint protection platforms, secure service edge, etc
• Experience developing tools and automation using common DevOps toolsets and programming languages
• Understanding of malware functionality and persistence mechanisms
• Ability to analyze endpoint, network, and application logs for anomalous events
• Proficiency in programming in Golang or Python
• Excellent collaborative skills
• Outstanding written and verbal communication

Responsibilities

• Be the first line of defense to protect, detect, respond to, and recover from cyber-attacks in both our corporate and product environments
• Develop and run tools to gather security telemetry data from cloud production systems
• Automate workflows and improve identification and response time for security events
• Build and optimize high signal detections with enriched data and orchestration
• Define and improve processes, procedures, and technologies used for detection and response
• Develop runbooks and incident playbooks for new and existing detections and influence our security operations roadmap
• Lead threat hunting practices, suggest product and infrastructure signals to surface attacks and incorporate findings into security controls
• Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently with partners
• Participate in an on-call rotation
• Onboard new systems and services to SIEM and SOAR and build new detection pipelines
• Facilitate incident response processes and tabletop exercises

Preferred Qualifications

• SaaS Startup experience in security focused industries, such as fintech, security software and services, healthtech, identity and access management
• Hands-on experience with data analysis, modeling, and correlation at scale
• Familiarity in continuous integration and Infrastructure as Code
• Experience designing, and optimizing high throughput ETL pipelines
• Possess a breadth of knowledge and experience across the information security domain, such as endpoint security, cloud security, application security, or automation
• Experience as a software engineer , infrastructure engineer, or site reliability engineer
• Experience detecting or responding to threats in Kubernetes (K8s), AWS, and Linux environments

Benefits

• Meaningful Equity
• Flexible Working Hours & Workplace
• Open Vacation Policy
• Wellness Program
• International Travel Opportunities
• Additional benefit package according to location (401k, medical insurance, etc.)