Security Engineer, Detection & Response

Tel Aviv


Dive right in. Swim with our pod.

At Orca, we believe that in the right environment and with the right team, talent has no boundaries. This team spirit, together with our drive to always aim high (because the cloud is the limit), has quickly earned us unicorn status and turned us into a global cloud security innovation leader. So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod.

We’re looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. At Orca, we’re proud of what we do and we always aim high. This, together with our belief in the power of teamwork, has quickly turned us into a global cloud security innovation leader (and a unicorn). Ready to dive in and swim with our pod?


● Fast growth: This company has momentum. It’s THE opportune time to join Orca Security. 

● Disruptive technology: Orca Security completely changed the way cloud is secured and is leading a new approach to how security solutions should be built. It’s completely agentless and detects every important risk in the cloud environment down to the data layer. It’s fast, simple, and complete.

● Well-capitalized: Total funding is almost $630MM in less than 24 months. Investors: CapitalG, Redpoint, GGV, YL Ventures, and SVCI. SVCI is a syndicate of CISOs who invested their own money after careful due diligence.

● Founded and led by 8 architects and executives from Check Point and quickly joined by many senior engineers from Palo Alto and Check Point. 

About the role:

  • Develop IR initiatives that improve our capabilities to respond to and remediate security events faster
  • Perform forensic analysis in cloud environments
  • Perform analysis of logs from a variety of sources (e.g. CloudTrail, GCP, and Azure activity logs, individual host logs, network traffic logs) to identify and investigate potential threats
  • Build automation for identification, response, and remediation of malicious activity
  • Drive implementation of countermeasures, mitigations, and containment

About you:

  • 7+ years of experience in Incident Response & Detection Engineering
  • Experience analyzing network and host-based security events
  • Knowledge of networking technologies, specifically TCP/IP and the related protocols
  • Experience with an interpreted programming language (Python, etc.)
  • Experience with attacker tactics, techniques, and procedures
  • Strong knowledge of network attack vectors
  • Strong working knowledge of common security tools, such as a SIEM, EDR, or forensics tools
  • Proven experience in cloud environments

Preferred Qualifications:

  • Background in response automation, malware analysis, intrusion detection, and/or threat hunting
  • Broad knowledge across the security domain, as well as deep focus in one (or more) areas such as log and event processing, incident management, detection, and/or response tool development
