2 days ago
Tel Aviv-Yafo, Israel
Mid Level / Senior
Responsibilities
- Design and develop automation workflows for incident response and SOC operations.
- Identify and eliminate manual processes through scalable automation.
- Build reusable components and maintainable automation patterns.
- Develop integrations using REST APIs, webhooks, and event-driven architectures.
- Write high-quality, maintainable Python for automation and orchestration.
- Implement data parsing, enrichment, and transformation across multiple systems.
- Lead or actively contribute to the evaluation, selection, and implementation of SOAR/automation platforms.
- Design the automation architecture and integration strategy for the team.
- Build automation capabilities in a greenfield environment.
- Work closely with SOC analysts and incident responders to translate operational needs into automation solutions.
- Improve end-to-end detection and response workflows through close partnership with the team.
- Actively build and evaluate AI/LLM and agent-based workflows applied to security automation.
- Prototype AI-assisted enrichment, triage, and response solutions and drive them toward production.
Requirements
- Minimum 3 years of hands-on experience with SOAR platforms.
- Strong hands-on experience with Python or a comparable language.
- Experience designing or implementing automation frameworks or workflows.
- Experience building integrations using REST APIs and web services.
- Experience working with security tools such as SIEM, EDR/XDR, or ticketing systems.
- Experience with at least one cloud platform (Azure, AWS, or GCP).
- Solid understanding of incident response processes and SOC alert-handling workflows.
- Experience with at least one SIEM platform (Splunk, Sentinel, QRadar, CrowdStrike).
Benefits
- Competitive compensation.
- Career growth and learning opportunities.
- Flexibility and work-life balance.
- Collaborative and innovative culture.
- Opportunity to work on impactful AI projects.
- International environment and talented teams.