What We Offer
This is a hands-on and strategic role, ideal for a seasoned security engineer with deep expertise in network-layer defenses, strong architectural thinking, and experience contributing to complex investigations and incident response efforts.
Key Responsibilities
Architect, implement, and operate key detection and protection technologies, including:
API gateways
WAF and RASP solutions
DDoS protection platforms
NDR & NGFWs with IPS
Web and email proxies
DNS/content filters
Serve as technical lead and escalation point for network detection and protection engineering
Develop and maintain detection logic informed by MITRE ATT&CK and current adversary tactics
Partner with CTI and purple teams to proactively simulate and detect real-world attack techniques and validate the effectiveness of the network detection and protection toolset
Optimize telemetry from network and enterprise services for threat detection (SIEM, NDR, proxy/firewall logging, etc.)
Support Tier 3 incident response, especially involving network-centric attacks or evasive techniques
Conduct internal platform assessments, audits, and configuration reviews
Lead or guide cross-functional security projects aimed at enhancing enterprise detection maturity
Required Qualifications
Bachelor's degree in Cybersecurity or related field
7+ years of experience in security engineering with strong expertise in network detection and protection
Hands-on experience deploying and managing:
API gateways, web/email proxies, DNS filtering, WAF, and NGFWs
Familiarity with DDoS protection platforms (e.g., Azure/AWS/Google native services)
Strong understanding of MITRE ATT&CK, adversary behaviors, and detection engineering principles
Demonstrated ability to lead technical investigations and collaborate across disciplines
Experience with packet analysis, threat hunting, and log correlation techniques (L3–L7)
Experience working with or tuning SIEM, NDR, or security analytics platforms
Preferred Qualifications
Familiarity with NIST CSF and CIS Controls
Knowledge of DevSecOps, infrastructure-as-code, and API security best practices
Relevant certifications: GCIA, GCTI, OSCP, CISSP, or equivalent