דרושים » אבטחת מידע וסייבר » Incident Response Engineer

Come and be part of a dynamic team focused on securing cutting-edge AI and cloud technologies in a rapidly evolving threat landscape. We are leading new initiatives and research projects across AI Security, Identity Protection, and SaaS Defense, and this role offers a unique opportunity to help define the rules of the game. AI is transforming the way we interact with computers and machines and defining new cybersecurity problems and opportunities - we are looking for a Principal Researcher who can help us stay ahead of the curve.

In this role, youll research and build defenses across AI systems, agentic protocols, Identity platforms, and SaaS applications. One day you might analyze a new class of AI prompt injection attacks or Agents abuse, the next youll be hunting through data or creating novel protection mechanisms for them. Youll work closely with product teams to turn research prototypes into real security features.

Join our threat protection research team and be part of a team who contributes to Microsofts most advanced and innovative security solutions. Our mission is to help everyone to counter cyber threats by strengthening their security capabilities across their entire environment, including Identities, Agentic AI systems, Cloud and Applications.
Responsibilities
Research and develop detection methods for new and advanced attack techniques -from exploits to implants. Build end-to-end PoCs, from offensive testing to scalable detection, across all our cloud and identity platforms.
Stay up to date on the latest attack trends and build strong detections across the kill chaincovering agentic AI & LLM threats, cloud and identity-based attacks.
Collaborate with multiple product and engineering teams to design the next iteration of security products, implement detection ideas and validate their effectiveness using a data-driven approach.
Collaborate with data science teams to drive ML based protections, understand, and identify detection gaps, capabilities, assumptions, and improvements.
Provide cybersecurity expertise as needed during security escalations and incidents to help protect Microsoft and our customers.

As a Security Infra Engineer, youll design, build, and manage security aspects of our cloud-based and physical environments to ensure compliance and integrity. In your day-to-day, you will:

Design, implement, and maintain platforms for investigating and analyzing security incidents, performing root cause analysis, and coordinating remediation efforts

Design, implement, and maintain security tools and controls for cloud-based infrastructure, Kubernetes clusters, and services, ensuring compliance with industry standards

Build tools and scripts using Golang, Python, or Node.js

Collaborate with all infrastructure groups (cloud, networking, DB, DevEx, etc.) and the Chief Information Security Officer group (for example, for incident response)

Align with other infrastructure standards, including efficiency, reliability, and cost

Work closely with cross-functional teams to design, implement, maintain, and manage security solutions that ensure the integrity and confidentiality of our systems

Join our global team of elite ethical hackers, working with both Check Point and non-Check Point customers across industries worldwide. Collaborate with Check Points research and Incident Response teams to uncover cutting-edge cyber threats, gaining exposure to the most advanced security challenges in the field.

Key Responsibilities
Conduct penetration testing on applications and network environments to identify vulnerabilities and security gaps.
Develop and document testing plans and penetration test reports with clear findings and recommendations.
Perform reconnaissance and network surveys to assess target environments.
Research security tools, exploits, and emerging threats, contributing to blogs and knowledge-sharing initiatives.
Analyze vulnerabilities, exploit weaknesses, and escalate access where applicable.
Assist in malware analysis and breach investigations to support incident response efforts.
Stay up to date with the latest attack techniques, tools, countermeasures, and technologies.
Mentor new team members and contribute to the development of tools, templates, and methodologies for penetration testing.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.

The Microsoft Security organization accelerates Microsofts mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Are you passionate about disrupting #CloudSecurity? Join us at Microsoft, the largest security company in the world, and work on leading planet-scale products! 🚀 At the Microsoft Cloud Security team, we take immense pride in developing a diverse set of security products and services that are leaders in their respective market segments. Our innovative solutions have set new industry standards, earning global recognition for safeguarding critical infrastructure at the highest scale. Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) designed to protect cloud-based applications running in all major cloud providers. It includes cloud security posture management (CSPM) to identify and mitigate weak spots in cloud configurations, and cloud workload protection (CWP) to detect real-time attacks and help the SOC respond and mitigate threats.

We are a diverse group of talented professionals, including software engineers, security researchers, product managers, and data scientists, collaborating to develop products that secure our customers, including the biggest companies in the world. You will work in a supportive and inclusive environment where you will learn and collaborate with the best and brightest minds in the industry, make a significant impact, grow your skills, and advance your career.

Responsibilities
Conduct in-depth analysis and research on cloud and containerized environments to identify threats, vulnerabilities, and potential risks.
Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection strategies across the entire kill-chain.
Collaborate with internal and external teams to forge new defenses and concepts that help mature Microsoft security products.
Demonstrate leadership in an exceptionally challenging and rewarding environment and influence the organization.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsofts mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Microsoft Threat Intelligence Center (MSTIC) is recruiting experienced Threat Intelligence leaders with highly honed threat intelligence analysis skills. MSTIC provides unique insight on threats to protect Microsoft and our customers and is responsible for delivering timely threat intelligence across our product and services teams.

Microsofts mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities
Review threat intelligence deliverables to ensure customer satisfaction and develop standards for quality control. 
* Create and track threat intelligence production workflows and pipelines to support customers and internal stakeholders. 
* Engage with internal stakeholders to ensure threat intelligence content integrates with various product and service groups within Microsoft.
* Curate catalog of threat intelligence deliverables to ensure coverage of critical threats and create new content types to fill identified gaps.
* Develop metrics to measure effective delivery and customer satisfaction. 

Check Point Research (CPR) is looking for a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and state-sponsored activities. You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect Check Point customers and empower the Check Point brand.

Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.