IR Team Lead - Cyber Incident Response (Tier 3)

Ramat Gan
One of Israel's leading insurance companies
Full Time

Join one of Israel's leading insurance companies as an IR Team Lead, leading the organization's Tier 3 Cyber Incident Response team. This is a strategic, hands-on role combining technical leadership, advanced cyber investigations, development of detection capabilities, and continuous innovation in Detection & Response.

What You'll Do:

  • Lead the Tier 3 IR team, manage priorities, and drive end-to-end cyber investigations, including Digital Forensics, Threat Hunting, and Incident Response.
  • Develop and enhance EDR detection capabilities, improve playbooks, and translate Threat Intelligence and MITRE TTPs into effective detection controls.
  • Manage the external SOC, lead Purple Team and Breach & Attack Simulation initiatives, evaluate new security technologies, and collaborate with IT, Infrastructure, Cloud, and Cyber teams.

Requirements:

  • 3+ years of experience investigating Tier 3 cyber incidents - Must
  • Experience leading a technical team - Must
  • Hands-on experience creating and tuning EDR detection rules - Must
  • Experience working with an external SOC, including SLA management and quality assurance - Must
  • Experience with SIEM platforms (Microsoft Sentinel or Splunk) and writing KQL or SPL queries - Must
  • Strong understanding of AI technologies, the evolving cyber threat landscape, and Autonomous SOC concepts - Must
  • Strong knowledge of IT infrastructure, Networking, Windows, Linux, Active Directory, and Microsoft Entra ID - Must
  • Experience with MITRE ATT&CK, Red Team, Purple Team, Penetration Testing, or Breach & Attack Simulation - Significant Advantage
  • Relevant certifications such as GCIH, GCFA, GCIA, OSCP, or CRTO - Significant Advantage
