דרושים Detection Engineer בתל אביב

Final is a world leader in trading algorithms and trade execution technologies development. Our multi-disciplinary teams have developed a unique and highly successful machine learning algorithmic based HFT platform that delivers excellent results. In a world increasingly dominated by learning machines and artificial intelligence, we at Final are especially proud of our humans. Our elite team of exceptional people are the soul of our company, and it is our top priority to provide them with a professionally fulfilling environment that supports a healthy work-life balance. Our employees are encouraged to pursue their passions outside of work and we are proud to offer them a variety of opportunities, multiple resources and an agile work environment which promotes their wellbeing. We are seeking a talented, tech savvy Detection Engineer to join our Cyber Security team and elevate Final’s detection and response capabilities across cutting-edge systems

Responsibilities:

• Lead initiatives to enhance our capabilities for effectively detecting and responding to security incidents.
• Design, develop, refine detection rules, alerts, and dashboards across Final’s security platforms to identify malicious or suspicious behavior.
• Deploy, manage, and maintain the infrastructure components of various detection platforms—including indexers, search heads, forwarders, and clusters—to ensure high availability, optimal performance, and scalability
• Parse and analyze logs from endpoints, servers, network devices, cloud services, EDR/XDR, and more.
• Automate detection pipelines and content deployment using Detection-as-Code methodologies and CI/CD frameworks.
• Tune and optimize detection logic to minimize false positives and enhance alert fidelity.
• Collaborate with different teams to continuously improve detection coverage.
• Integrate with SOAR tools and workflows, developing playbooks that enhance speed and consistency of incident response.
• Perform proactive threat hunting, alert triage, and incident investigations, leveraging threat intelligence and different cybersecurity frameworks.

Requirements:

• Minimum 4 years in detection engineering, or equivalent roles.
• SIEM proficiency: Hands-on experience with Splunk or Azure Sentinel is mandatory; working with both is highly desirable.
• Familiarity with Detection as Code frameworks and CI/CD best practices.
• Hybrid environment: Experience operating across Linux/Windows on-premises and cloud infrastructure.
• Security fundamentals: Strong grasp of networking, operating systems, EDR/XDR, IDS/IPS, proxies, firewalls, and endpoint behavior.
• Analytical mindset: Able to distinguish between false positives and true alerts and continuously refine detections.
• Collaboration & communication: Work effectively across teams to implement robust detection strategies.
• Self‑driven: DIY approach—adept at researching, building, and deploying solutions end‑to‑end

Advantage:

Certifications: Splunk Certified Enterprise Security Admin, Azure Security Engineer Associate (AZ-500) or similar.