Incident Response Engineer

Reposted 21 Days Ago
Be an Early Applicant
Tel Aviv, ISR
Hybrid
Mid level
Software • Cybersecurity
The Role
Perform full incident response lifecycle (triage, containment, eradication, recovery); conduct forensic investigations across Windows, Mac, and Linux; tune SIEM rules and dashboards; develop and maintain SOAR playbooks and automation; monitor and mitigate cloud-native threats across Azure, AWS, and GCP.
Summary Generated by Built In
Description

BioCatch is the leader in Behavioral Biometrics, a technology that leverages machine learning to analyze an online user’s physical and cognitive digital behavior to protect individuals online. BioCatch’s mission is to unlock the power of behavior and deliver actionable insights to create a digital world where identity, trust, and ease coexist.

Today, 34 of the world's largest 100 banks and 210 total financial institutions rely on BioCatch Connect™ to combat fraud, facilitate digital transformation, and grow customer relationships. BioCatch’s Client Innovation Board, an industry-led initiative including American Express, Barclays, Citi Ventures, and National Australia Bank, helps BioCatch to identify creative and cutting-edge ways to leverage the unique attributes of behavior for fraud prevention. With over a decade of analyzing data, more than 80 registered patents, and unparalleled experience, BioCatch continues to innovate to solve tomorrow’s problems. For more information, please visit www.biocatch.com.

We are seeking an Incident Response Engineer to join the IR team. This technical role focuses on active investigation, threat mitigation, and the continuous improvement of the security organization’s posture through detection engineering and automation development.

The successful candidate will be responsible for the full lifecycle of security incidents, from initial triage to recovery. Beyond reactive response, this role involves tuning SIEM correlation rules and developing SOAR workflows to increase operational efficiency.

What You’ll Be Doing

  • Incident Management: Execute the IR lifecycle (Triage, Containment, Eradication, Recovery) for complex security events.
  • Technical Investigation: Perform root cause analysis and forensic examination across Windows, Mac, and Linux environments.
  • Detection & Tuning: Collaborate with the IR team to create, test, and tune SIEM rules and dashboards to reduce false positives and improve visibility.
  • Automation Engineering: Build and refine SOAR playbooks and automated response actions to streamline repetitive investigation tasks.
  • Cloud Security: Monitor and mitigate cloud-native threats across Azure, AWS, and GCP environments.
Requirements
  • Experience as a SecOps/IR Analyst or Engineer with a heavy focus on active investigation.
  • Deep understanding of the Incident Response lifecycle (Triage, Containment, Eradication, Recovery).
  • Hands-on experience handling and managing security alerts, performing root cause analysis, and leading investigations.
  • Experience working across cloud providers (Azure, AWS, GCP) to identify and mitigate cloud-native threats.
  • Strong knowledge of operating systems (Mac, Windows, Linux) and their respective artifacts.
  • Proficiency with Splunk or other SIEM platforms for log analysis and threat hunting.
  • Experience with XSOAR or other security automation tools from an end-user/analyst perspective.
  • Strong knowledge of security technologies, including EDR, Mail Relay, Vulnerability Scanning, Secure Access, and MDM.
  • Scripting experience with Python or Bash to assist in data parsing and investigation tasks.

Nice to Have

  • Detection Engineering: Ability to build and improve SIEM rules, correlations, and dashboards.
  • Automation Development: Experience developing new SOAR workflows, automated actions, and response playbooks.
  • Technical Literacy: Familiarity with REST APIs and Regex for advanced querying and tool integration.
  • Container Security: Familiarity and experience with K8S (Kubernetes).
  • Consultative Skills: Ability to guide best practices in Cloud Security and SIEM operations.

Skills Required

  • Experience as a SecOps/Incident Response Analyst or Engineer
  • Deep understanding of the Incident Response lifecycle (Triage, Containment, Eradication, Recovery)
  • Hands-on experience handling security alerts, root cause analysis, and leading investigations
  • Experience working across cloud providers (Azure, AWS, GCP) to identify and mitigate cloud-native threats
  • Strong knowledge of operating systems and forensic artifacts (Windows, Mac, Linux)
  • Proficiency with Splunk or other SIEM platforms for log analysis and threat hunting
  • Experience with XSOAR or other security automation tools from an end-user/analyst perspective
  • Strong knowledge of security technologies including EDR, Mail Relay, Vulnerability Scanning, Secure Access, and MDM
  • Scripting experience with Python or Bash for data parsing and investigation tasks
  • Ability to build, test, and tune SIEM rules, correlations, and dashboards
  • Experience developing SOAR workflows, automated actions, and response playbooks
  • Familiarity with REST APIs and Regex for querying and tool integration
  • Familiarity and experience with Kubernetes (container security)
  • Ability to provide guidance on Cloud Security and SIEM operations best practices
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Tel Aviv-Yafo
358 Employees
Year Founded: 2011

What We Do

BioCatch is the leader in Behavioral Biometrics which analyzes an online user’s physical and cognitive digital behavior to protect individuals and their assets. Our mission is to unlock the power of behavior and deliver actionable insights to create a digital world where identity, trust and ease seamlessly co-exist. Leading financial institutions around the globe use BioCatch to more effectively fight fraud, drive digital transformation and accelerate business growth. With over a decade of analyzing data, over 60 patents and unparalleled experience, BioCatch continues to innovate to solve tomorrow’s problems.

Similar Jobs

Airwallex Logo Airwallex

Field Marketing Senior Associate

Artificial Intelligence • Fintech • Payments • Business Intelligence • Financial Services • Generative AI
In-Office
Tel Aviv, ISR
2300 Employees

Airwallex Logo Airwallex

Counsel

Artificial Intelligence • Fintech • Payments • Business Intelligence • Financial Services • Generative AI
In-Office
2 Locations
2300 Employees

Airwallex Logo Airwallex

Operations Manager

Artificial Intelligence • Fintech • Payments • Business Intelligence • Financial Services • Generative AI
In-Office
Tel Aviv, ISR
2300 Employees

Airwallex Logo Airwallex

Sales Development Representative

Artificial Intelligence • Fintech • Payments • Business Intelligence • Financial Services • Generative AI
In-Office
Tel Aviv, ISR
2300 Employees

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account