
SecOps Lead

Israel, Tel Aviv · Job Posted January 09, 2026

Job Description

As a Security Operations Lead at Island, you will operationalize and enhance the security of the Island Enterprise Browser by building proactive security controls, monitoring for real-world threats, and driving rapid response initiatives. You will play a critical role in safeguarding our infrastructure and customer environments, shaping the operational backbone of our security posture through precision, innovation, and real-world vigilance.

Job Responsibility

  • Security Monitoring & Incident Response: Design, implement, and maintain security monitoring solutions; investigate and respond to security events, anomalies, and vulnerabilities relevant to the Island Enterprise Browser and supporting infrastructure
  • Operational Security Automation: Develop custom automation for detection, alerting, triage, and response workflows; optimize signal-to-noise ratio to enable fast and accurate threat detection
  • Threat Intelligence & Hunting: Collect, analyze, and operationalize threat intelligence relevant to our threat model; conduct proactive threat hunting activities tailored to the enterprise browser domain
  • Security Operations Playbooks: Create and maintain incident response guides, runbooks, and operational playbooks to enable structured, high-fidelity security operations and empower cross-functional teams
  • Security Enablement & Awareness: Collaborate with product, engineering, and IT teams to improve security awareness, deliver training, and drive adoption of security best practices across Island

Requirements

  • Strong understanding of detection engineering and security operations workflows, with practical incident response experience
  • Proficiency in scripting and automation (e.g., Python, Bash, PowerShell) to build scalable security tooling
  • Hands-on experience (3+ years) with SIEM, EDR, cloud security monitoring, and incident management
  • Familiarity with cloud security (AWS/GCP/Azure) principles and secure DevOps practices
  • Solid grasp of modern attack techniques, threat actor behaviors, and vulnerability exploitation patterns
  • Curiosity-driven, operations-focused mindset with a passion for keeping adversaries out and operations resilient

Nice to have

Experience in building or running purple teaming activities is a strong plus

Similar Jobs for SecOps Lead

8 matching positions

Secops Lead

Serves as the Lead Cybersecurity Operations (SECOPS) contractor, providing senio...
Location: United States, Washington, DC
Salary: Not provided
Company: AAC
Expiration Date: Until further notice
Requirements
  • Demonstrated ability to guide technical discussions and provide expert advisory support to senior government officials, including the CISO, system owners, SOC staff, and executive leadership, while operating under government direction
  • Proven experience as a SOC Lead or Senior Team Lead, successfully coordinating with managed security service providers (MSSPs) and external cybersecurity partners (e.g., CISA, CYBERCOM) in support of incident response (IR), incident handling (IH), and vulnerability management (VM) activities, including mitigating actions to contain activity and facilitating forensics analysis when necessary
  • Documented experience conducting and guiding in-depth technical evaluations of INFOSEC, IT security, and cybersecurity tactics, techniques, and procedures (TTPs), including their impact on baseline system configurations
  • Demonstrated proficiency providing cybersecurity posture assessments, hygiene reporting, and technical input in support of Governance, Risk, and Compliance (GRC) activities and continuous monitoring programs
  • Experience providing incident response support to network subscribers, including recommending mitigating actions, supporting containment efforts, and facilitating forensic analysis under government oversight
  • Demonstrated expertise in log-based and endpoint-based threat detection, threat hunting, and analysis across multiple threat sources
  • Strong technical knowledge of web services security, Microsoft cloud environments (Azure, M365), and modern enterprise security architectures
  • Advanced experience evaluating the security of complex web portals, APIs, and databases (e.g., Java, Ruby, SQL, Oracle) using commercial and open-source security assessment tools such as SQLmap and mongoaudit
  • Near-expert proficiency in: Web application security testing frameworks (e.g., NMAP, W3af); continuous monitoring and remediation tools (e.g., Azure Security Center, Defender for Cloud, Qualys, Wireshark)
Job Responsibility
  • Serves as the Lead Cybersecurity Operations (SECOPS) contractor, providing senior-level technical leadership and operational support to the Agency’s IT Security Program
  • Supports and coordinates SECOPS activities under government direction and maintains technical inputs to the Agency’s IT Security Program
  • Provides senior technical advisory support to the Chief Information Security Officer (CISO) on developments in cybersecurity, information security (INFOSEC), and IT security, including emerging threat vectors, advanced persistent threats (APTs), attack surface analysis, and identified weaknesses
  • Supports Agency-level technical implementation of approved cybersecurity policies, standards, and directives by developing technical documentation, implementation guidance, and draft procedures for government review and approval
  • Leads day-to-day contractor cybersecurity operations activities within the SECOPS function, supporting government-led oversight of systems and services that impact the Agency’s mission and critical infrastructure
  • Implements and administers cybersecurity incident handling (IH) and incident response (IR) capabilities, including SIEM dashboards, detection inputs, incident response playbooks, and operational metrics, to improve efficiency and effectiveness of security operations
  • Facilitates and coordinates SECOPS activities in support of the Agency’s Information Security (INFOSEC) Program, assisting Agency system security personnel and Information System Security Officers (ISSOs)
  • Serves as the senior technical advisor for threat, vulnerability, and configuration management activities, providing threat intelligence analysis, mitigation recommendations, and defensive strategy insights to Agency stakeholders
  • Fulltime

Tech Lead - IR, Cyber Security, SecOps

As the Tech Lead of IR, you will be the captain of the front-line defence. You w...
Location: India, Bangalore
Salary: Not provided
Company: JFrog
Expiration Date: Until further notice
Requirements
  • Leadership Experience: 1+ years of experience leading technical teams or acting as a formal mentor/technical lead in a security context
  • Deep Technical Roots: 7+ years of industry experience in security with a focus on Information Security principles
  • Cloud Mastery: Proven expertise in attack and mitigation methods within complex AWS, GCP, or Azure environments
  • Incident Response Prowess: Extensive experience in risk prioritization and managing the lifecycle of security incidents in a global production environment
  • Technical Breadth: Mastery in at least 5 of the following: Endpoint Protection (EDR/XDR) & Zero Trust architecture; Identity Management (IAM/IDM) and SSO/SAML; Security Analytics (SIEM/Logging) such as ELK or Splunk; Container Security (Docker, Kubernetes); Email Protection & Patch Management
  • Coding Proficiency: Ability to review and guide the development of security tools in Python or Go
Job Responsibility
  • Incident Command: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes
  • Architect Operations: Oversee the design and execution of vulnerability management, SaaS security posture (CASB), and asset management at scale
  • Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation
  • Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities
  • Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management

SecOps Team Leader

Location: Israel, Petah Tikva
Salary: Not provided
Company: Global-e
Expiration Date: Until further notice
Requirements
  • At least 5 years of proven, hands-on experience in cyber security
  • Proven experience as a team leader in a security operations context
  • Deep, hands-on experience with SIEM and SOC platforms
  • Experience securing cloud environments including cloud-native security controls
  • Experience managing endpoint security across Windows and macOS at scale (EDR/XDR, patch management)
  • Experience implementing and managing DLP solutions across endpoints and cloud
  • Experience handling and leading cyber incident investigations end-to-end
  • Innovative thinking with a strong drive toward automation and process improvement
  • Fluent English — written and verbal
  • Outstanding communication and presentation skills — comfortable with C-level executives and technical teams
Job Responsibility
  • Manage, mentor, hire, and train the SecOps team, including hands-on technical guidance
  • Lead cyber security projects where the cyber team are the executors, and manage cyber-related projects executed by the IT department
  • Build a culture of documentation, process hygiene, and accountability
  • Own the SIEM platform end-to-end: architecture, data source onboarding, detection rule development, tuning, and coverage mapping
  • Build, lead, and oversee day-to-day SOC operations
  • Lead end-to-end incident response: detection, investigation, containment, eradication, and post-mortem
  • Manage and operate the security technology stack — identify opportunities to enhance defensive capabilities
  • Drive adoption of AI abilities to improve team efficiency including automated alert enrichment, playbook automation, and threat intel processing
  • Fulltime

Security Architect

Opportunity to join a premier enterprise Architecture & Delivery team to steer c...
Location: Australia, Melbourne
Salary: 900.00 - 1100.00 AUD / Day
Company: Randstad
Expiration Date: July 03, 2026
Requirements
  • 8+ years of professional experience in IT solution design, build, or delivery, with 5+ years dedicated to IT Security, IAM, IGA, PAM, and cloud security environments
  • Expert hands-on experience with Entra ID (including Conditional Access Policies, Connect, B2B/B2C, ZTNA, Graph API) and Okta SSO (SAML, OIDC, OAuth)
  • Strong architectural knowledge of IGA platforms (SailPoint, One Identity, or Saviynt) and PAM architectures (CyberArk or Beyond Trust)
  • Proven understanding of identity-specific threat modelling, DevSecOps mindsets, and frameworks such as MITRE ATT&CK and NIST AI RMF across hybrid cloud structures (VMware, AWS, Azure, GCP)
  • Tertiary qualification in IT, Engineering, or a related field, combined with an industry standard certification such as CISSP
  • 8+ years of professional experience in IT solution delivery or design, with 5+ years focused on SIEM, SOAR, Vulnerability Management, and Continuous Threat & Exposure Management (CTEM)
  • Direct experience architecting and implementing solutions using Microsoft Unified SecOps Platforms, Microsoft Sentinel, Microsoft Defender XDR, and Splunk ES/SOAR
  • Technically proficient in securing hybrid cloud environments using native and third-party CASB, M365 E5 Security Services, Intune MDM, and Cloud Workload Protection platforms
  • Comprehensive knowledge of security and architecture frameworks including TOGAF, SABSA, MITRE Atlas, NIST RMF, ISO 27001, ISM, and ASD Essential 8
  • Tertiary qualification in IT, Computing, or Engineering, with highly regarded certifications such as CISSP, AWS Security Specialty, Microsoft AZ-500, or Microsoft SC-100
Job Responsibility
  • Architect and implement modern identity and access management (IAM) models leveraging Entra ID, Ping Identity, and auxiliary technologies
  • Deliver secure solution architecture artefacts (such as SAR, SOAP, and NFRs) tailored for identity portfolio epics
  • Design and enforce robust network validation and enterprise authentication policies, including SSO, MFA, Conditional Access, and Passwordless Authentication
  • Lead enterprise migrations involving legacy infrastructure upgrades, Exchange transitions, and broad application onboarding to Entra ID
  • Govern and design solutions for Privileged Identity Management (PIM) and Privileged Access Management (PAM) to secure elevated credentials
  • Automate identity lifecycle processes (Joiner-Mover-Leaver) and configure rigid RBAC models and compliance access reviews
  • Define the secure implementation strategy and construct security controls aligned with Microsoft Azure and M365 E5 Security Services
  • Architect and implement SecOps solutions using Microsoft Defender, Microsoft Sentinel, Unified SecOps Platform, Microsoft Security Copilot, and Splunk ES/SOAR
  • Deliver end-to-end solution architectures and architecture documentation for assigned SecOps portfolio epics
  • Integrate and optimize Azure Sentinel to advance threat detection capabilities, incident response mechanisms, and AI security defense analytics

Security Analyst

As a Security Analyst in our Security Operations team, you'll protect the platfo...
Location: Spain
Salary: 46000.00 - 65000.00 EUR / Year
Company: Mews
Expiration Date: Until further notice
Requirements
  • Experience in a Security Operations, SOC, or Incident Response role within a SaaS or technology company
  • Working knowledge of at least one major public cloud provider (Azure, AWS, or GCP) — IAM, logging, networking
  • Experience handling security incidents end-to-end: detection, containment, eradication, and recovery
  • Strong communication skills — you can explain a threat clearly to an engineer and to a hotel GM
  • Comfort working in a team that is building and improving its processes, not just following them
  • Fluent English
Job Responsibility
  • Monitor and triage security alerts across a cloud-native production environment serving 5,000+ hotels globally
  • Lead and support security incident response end-to-end — from detection through containment, root cause analysis, and post-incident improvement
  • Run proactive threat hunts to identify malicious or anomalous activity before alarms fire
  • Improve detection quality by designing and tuning alert logic to increase signal and reduce noise
  • Support vulnerability management in close collaboration with engineering teams on remediation
  • Act as a customer-facing security contact during incidents, providing clear and calm communication
  • Contribute to automating repeatable SecOps processes, including investigation workflows and response action
  • Participate in the on-call rotation: one full week every two months approximately
What we offer
  • Participation in our company share program
  • Best-in-class parental leave (6 months fully paid for primary caregivers, 2 months for secondary, available within your first year)
  • Unlimited paid holiday
  • Work from anywhere - enjoy the flexibility to work from other countries for a few weeks each year through our compliant and flexible Workation policy
  • Relocation options available after 1 year
  • Monthly "EDGE" time - dedicated to Explore, Develop, Grow, and Elevate yourself
  • Flexible, hybrid working options
  • One-off home office setup budget to make your workspace your own
  • Monthly working-from-home and healthcare allowances (where local healthcare benefits are not available)
  • Fulltime

CSIRT Director

The CSIRT Director is a cybersecurity leader responsible for the complete owners...
Location: Canada, Montreal
Salary: Not provided
Company: SITA
Expiration Date: Until further notice
Requirements
  • 15+ years of progressive experience in cybersecurity, with at least 7+ years in a senior leadership role with direct accountability for security operations.
  • 5+ years of direct experience managing large, geographically distributed Security Operations Centers (SOCs) — including multi-site, multi-shift, 24/7/365 operations.
  • Bachelor's degree in Computer Science, Information Systems, Information Security, or a related discipline, or equivalent professional experience.
  • Active professional certification in at least one of the following: CISSP, CISM, CISA, GIAC GSOM, GIAC GCIH, or equivalent.
  • Proven experience managing global teams across multiple time zones and cultures, with a track record of building cohesive, high-performing distributed teams. With demonstrated ownership of an Incident Response Function and Team.
  • Demonstrated ownership of two or more of the following functions: SOC, CTEM / Vulnerability Management, Cyber Threat Intelligence,
  • Strong command of the MITRE ATT&CK framework, NIST CSF, and incident response methodologies (SANS PICERL, NIST 800-61).
  • Executive-level communication skills — ability to translate complex technical threats into business risk language for CISO, C-suite, and Board audiences.
Job Responsibility
  • Continuous Threat Exposure Management (CTEM) - Directs the organization's proactive exposure reduction program. This includes attack surface management, vulnerability prioritization, red team / purple team program oversight, penetration testing governance, and the coordination of remediation workflows with IT and engineering stakeholders.
  • Cyber Threat Intelligence (CTI) - Commands the intelligence function responsible for producing finished, operationalized threat intelligence. This includes strategic intelligence briefings to CISO and Board, tactical intelligence feeds into detection platforms, threat actor tracking, sector-specific threat analysis (transportation/aviation/border security), and third-party intelligence partnerships.
  • Incident Response (IR) - Owns the full incident response lifecycle. Accountable for IR planning and playbook governance, crisis management and executive communication during significant incidents, forensic capability oversight, tabletop exercise program, regulatory breach notification coordination, and post-incident reviews (PIRs).
  • Security Operations (SecOps) Collaboration - Direct and optimize resources across global SOC locations (Montreal, Cairo, Singapore), ensuring consistent standards, 24/7/365 coverage through a follow‑the‑sun operating model, and resilient business continuity with defined failover capabilities. Drive collaboration and intelligence sharing across sites while managing MSSP and third‑party partners to ensure performance, accountability, and unified global operations.
  • Strategic Leadership & Governance - Define and lead a multi‑year global CSIRT strategy, serving as the single point of accountability for threat exposure, intelligence, and incident response while aligning capabilities to business risk and industry frameworks. Own executive reporting, budget planning, and the establishment of clear SLAs and KPIs to ensure a mature, scalable, and effective cybersecurity operations program.
  • People Leadership & Talent Development - Lead, develop, and retain a high‑performing global cybersecurity operations team across CTEM, CTI, and Incident Response, fostering an inclusive, high‑accountability culture that enables collaboration across regions and time zones. Establish clear career pathways, performance management, and succession planning while overseeing staffing models, shift coverage, and on‑call operations across all SOC locations.
  • Executive & Stakeholder Engagement - Act as the primary liaison to the CISO, delivering executive‑ and board‑level insights on security operations, threat posture, and incident response effectiveness. Partner cross‑functionally with architecture, engineering, GRC, legal, and IT teams, and represent CSIRT in audits, regulatory reviews, and customer security engagements.
What we offer
  • Work from home up to 2 days/week (depending on your team’s needs)
  • Flex Day: Make your workday suit your life and plans.
  • Flex Location: Take up to 30 days a year to work from any location in the world.
  • Employee Wellbeing: Employee Assistance Program (EAP) for you and your dependents 24/7, 365 days/year; Champion Health platform.
  • Professional Development: Access to world-class learning platforms including LinkedIn Learning, Microsoft's Enterprise Skills Initiative, Airport Council International, Pluralsight, Harvard Business Publishing, Stanford and many others.
  • Competitive Benefits: Competitive benefits that make sense with both your local market and employment status.
  • Fulltime

Vulnerability Management Technical Project Lead

The Tech Lead/ServiceLine Lead will be responsible for the operational, organisa...
Location: India, Noida
Salary: Not provided
Company: Sopra Steria
Expiration Date: Until further notice
Requirements
  • Total Experience Expected: 08-10 years
  • Bachelor's degree or Master's in Computer Science, Engineering, or related field
  • Proven leadership experience
  • Strong people management and client‑facing governance skills
  • Executive communication (FR/EN written & verbal reporting)
  • Crisis management & escalation handling for P0/P1 situations
  • Data‑driven decision making using KPIs, dashboards, and trends
  • Continuous improvement & automation mindset
  • Proficiency in ServiceNow SECOPS (certification preferred), vulnerability detection and monitoring tools (Microsoft Defender for Endpoint EDR/XDR, WIZ, NESSUS PRO, Dynatrace), CMDB, VISIT, reporting tools (PowerBI, PowerPoint), and adherence to security standards and Client SLAs is required
Job Responsibility
  • Monitoring of critical P0 / P1 vulnerabilities
  • Steering CTI incidentology
  • Execution and governance of COD controls
  • Organisation of committees and reporting
  • Operational management and team skill development
  • Contribution to process, tool, and KPI optimisation
  • Promptly responding to P0/P1 vulnerabilities, including identification, assessment, patching, documentation, and development of remediation plans when patching is not possible
  • Coordinate and oversee P0 vulnerability follow-up meetings, communicate updates and remediation progress, escalate unresolved issues, and ensure compliance with established deadlines
  • To attend, present & track regular meetings and committee sessions with vulnerability status, track remediation efforts, report key performance indicators, and coordinate with divisions on security tools and control enhancements
  • Oversees the execution, analysis, and remediation of six COD controls, ensuring effective risk reduction and planning for additional controls to further mitigate cyber threats
  • Fulltime

Cortex Cloud Sales Specialist

Join the fastest growing team where experience meets cutting-edge solutions. Bui...
Location: South Korea, Seoul
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 5+ years of field sales experience focusing on key customer accounts and delivering value to Enterprise or Major-level accounts in the cybersecurity industry
  • Extensive platform selling experience in complex sales with multiple buying centers
  • Experience selling SecOps SIEM, EDR or CNAPP (DevSecOps, CloudOps) solutions is highly preferred
  • Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations
  • Expertise in applying complex solution sales methodologies to drive results
  • Experience working with channel partners and a deep understanding of a channel-centric go-to-market strategy
  • Demonstrated ability to thrive in a fast-paced, high-growth startup environment while collaborating effectively with sales engineers and cross-functional teams
  • Experience operating in a continuous adoption, expansion, and upsell sales motion within a matrixed sales organization is preferred
  • Willingness to travel domestically as necessary to meet business needs
Job Responsibility
  • Build and cultivate strong customer relationships, driving business growth within the region
  • Partner with the core sales team to align customer strategies and engagements with Cortex and Cloud business objectives
  • Take full ownership of leading strategic sales campaigns, sales forecasting, utilizing in-depth knowledge of sales cycles from initial contact through procurement
  • Engage in deep technical discussions beyond standard sales presentations and pitches, while translating complex technical cybersecurity solutions into clear business value propositions for customers
  • Collaborate closely with cross-functional teams, including sales engineers, to provide tailored customer-centric solutions
  • Partner with Alliances to develop joint strategies, enhance customer engagement and deliver innovative solutions for existing and prospective clients
  • Travel domestically as needed to meet with customers and attend key business events
  • Fulltime