Senior HyperAutomation Engineer - Wayfinder MDR - Sentinellabs
- Company: Sentinellabs
- Location: Israel
- Technologies: Python (required), experience with SQL is highly preferred
Job description
Responsibilities
- Design, develop, and maintain hyperautomation workflows that support alert triage, enrichment, investigation, and response.
- Convert SOC playbooks, investigation logic, and threat-hunting processes into automated, production-grade workflows.
- Proactively identify repetitive or high-volume SOC tasks and implement automation to improve efficiency and consistency.
- Build and maintain integrations with internal platforms and third-party security tools using APIs, webhooks, and event-driven mechanisms.
- Collaborate closely with Threat Service Engineers (TSEs) and SOC teams to fine-tune existing detections and automation logic.
- Improve and optimize MDR operational processes to ensure fast response times and effective threat mitigation.
- Own automation workflows end-to-end, including design, deployment, monitoring, troubleshooting, and continuous improvement.
- Create and maintain automation playbooks, templates, and best practices to support incident response at scale.
- Work closely with R&D and product teams to provide operational feedback and help shape future detection and response capabilities.
Requirements
- 5+ years of experience in Security Engineering, Automation Engineering, SOC Tooling, Backend Engineering, or similar technical roles.
- Strong experience with Python (required); experience with SQL is highly preferred.
- Experience building and operating automation workflows or backend services in production environments.
- Solid understanding of SOC operations, incident response workflows, and security alert lifecycles.
- Experience working with APIs, integrations, and distributed systems.
- Strong problem-solving skills with the ability to translate operational challenges into scalable engineering solutions.
- Professional and articulate, with strong written and verbal communication skills.
- Ability to manage multiple workstreams and prioritize effectively in a fast-paced environment.
- Experience working in MDR, SOC, Threat Hunting, or Incident Response environments.
- Familiarity with cloud platforms (AWS preferred).
- Experience with security telemetry, alerting pipelines, SIEM/XDR concepts, or internal SOC tooling.
- Experience building internal tools for operational or security teams.
Benefits
- Restricted Stock Units (RSUs)
- Employee Stock Purchase Plan (ESPP)
- Competitive leave benefits
- Gender-neutral parental leave
- Workout sessions and a Wellness App
- Medical and insurance benefits
- Pension
- Employee Assistance Program (EAP)
- Global home office allowance
- Mobile phone reimbursement