Incident Response Automation team lead
Location: Tel Aviv
Ready to be part of the cyber world?
We are looking for a talented IR automation team lead to build our Use case factory automation, integrations, specs, and tests that expand the functionality of our platform and services.
As an IR automation team leader, you will be responsible for managing a team of developers and QA, and for collaborating on and supporting successful integrations in the CyberProof platform with our service's existing cyber security needs. The primary responsibilities of this role will include, but are not limited to:
- Design and develop integration with 3rd party security products
- Develop use case automations and create playbooks based on the cyber incident workflow
- Create automation scenarios for investigation and response to cyber threats
- Customize existing integrations and automation scenarios to specific customers' networks and tools
- Lead the system development and software integration effort for the CyberProof platform's automation needs.
- Perform software design, feature analysis, grooming and effort estimation of tasks.
- Train the development team to create integrations and to research and deploy new scenarios.
- Document and characterize integrations designed by the Use Case Factory Leader
- Work closely with Architects, QA, Dev-Ops, Product and management
- Recruit, coach team members and set a high technical bar for the team
- Enforce the agile methodology
- Good understanding of the cyber world, attack scenarios and defense methodologies - must
- Regex, Syslog, OpenAPI, JSON files, XML, various protocols - must
- Data processing: extracting, parsing, analyzing - must
- Experience with Python - must
- Strong programming background and the ability to work closely with software engineers
- Strong scripting abilities
- Understanding of Agile methodology
- Executing best practices for source code version control with Git
- Passion for quality
- Proven team leader skills with excellent oral and written communication skills.
- Capable of working on projects independently and possessing strong organizational skills.
- Very strong communication skills and analytical aptitude with the ability to express technical concepts effectively, both verbally and in writing
- The position requires a sense of urgency and ownership.
- Ability to learn new technologies and apply that knowledge to daily workflows.
- Attention to detail, organized and able to work and research independently.
- Demonstrated adaptability, analytical and problem-solving skills, and attention to detail.
- Experience managing cases with enterprise SIEM or Incident Management systems