Secops Ir Engineer

Island Island · Enterprise · Tel Aviv, Israel · Engineering

Island is seeking a SecOps IR Engineer to own incident detection, triage, and response across their infrastructure and enterprise browser platform. The role involves maturing IR capabilities, building automation and tooling, and developing detection rules. Responsibilities include incident response, detection engineering, security automation using platforms like Torq, threat monitoring and hunting, cloud security operations, and developing the SecOps toolchain. Requires 3+ years of experience in security operations, incident response, or detection engineering, with practical experience in SIEM, EDR, cloud security platforms, and scripting/automation.

What you'd actually do

  1. Lead and participate in the full incident lifecycle - detection, triage, investigation, containment, and post-mortem. Own runbooks and ensure they reflect current threat landscape and tooling.
  2. Develop, tune, and maintain detection rules across SIEM, EDR, and security audits. Minimize false positives; maximize signal value.
  3. Build and improve automated response workflows using platforms like Torq; reduce manual toil on alert triage, enrichment, and escalation paths.
  4. Continuously monitor the environment for anomalies and indicators of compromise; proactively hunt for threats aligned to our threat model.
  5. Investigate and triage findings from cloud-native security tooling (Wiz, AWS CloudTrail); collaborate with engineering teams on remediation of infrastructure-level issues.

Skills

Required

  • security operations
  • incident response
  • detection engineering
  • SIEM
  • EDR
  • cloud security platforms
  • scripting
  • automation
  • Torq
  • Tines
  • SOAR
  • attacker techniques
  • detection evasion methods
  • incident investigation methodology

Nice to have

  • threat intelligence operationalization
  • SOC2
  • compliance frameworks

What the JD emphasized

  • hands-on experience in security operations, incident response, or detection engineering
  • Practical experience with SIEM, EDR, and cloud security platforms
  • Proficiency in scripting and automation
  • Strong grasp of attacker techniques, common detection evasion methods, and incident investigation methodology
  • Ability to work independently and drive initiatives end-to-end