Security Engineer

About Sisense

Sisense is the unified, collaborative data platform for professional data teams. We help thousands of data teams tackle increasingly complex data challenges, from ETL through predictive analytics. Our customers trust us with their most important data, using Sisense to query everything from revenue metrics to personally identifiable information of their users.

The Opportunity

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

Why Join Our Information Security Team

At Sisense, security is foundational to everything we do. We leverage cutting-edge technology not just for our product, but also for our internal services and security operations. As a global company, we value diversity and believe that different perspectives enhance our security thinking and capabilities.

You'll collaborate closely with engineering, IT, and cross-functional teams to implement and maintain robust security monitoring solutions that protect our cloud infrastructure. While ensuring the highest levels of security, you'll also develop streamlined processes that enable the business to move quickly and efficiently.

What You'll Do

• Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
• Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
• Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
• Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
• Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
• Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
• Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
• Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

What You Have Accomplished So Far

• 3+ years of experience in security operations, with a strong focus on incident detection and response
• Demonstrated experience responding to and managing security incidents in cloud environments (AWS/Azure/GCP)
• Proficiency with SIEM and SOAR platforms, including rule creation, tuning, and maintenance
• Strong knowledge of cloud security monitoring tools and techniques
• Experience analyzing endpoint, network, and application logs for anomalous events
• Practical understanding of common attack vectors, TTPs, and how to detect them
• Knowledge of malware functionality and persistence mechanisms
• Experience with security automation and scripting for incident response workflows
• Growth mindset with a focus on continuous improvement of security operations

Will Be a Plus

• Experience with cloud-native security tools and services
• Proficiency in scripting languages (eg: Python) for security automation
• Familiarity with threat intelligence platforms and their integration into detection systems
• Experience with EDR solutions and email security technologies
• Knowledge of IT security audit techniques and compliance frameworks
• Security certifications such as GCIH, GCIA, CISSP, or similar

How You'll Make an Impact

As our Detection & Response Security Engineer, you'll be instrumental in safeguarding our customers' trust by ensuring that security events are swiftly detected and effectively managed. Your expertise will help us maintain a resilient security posture while enabling the business to innovate and grow securely.