Job offersCompaniesTestsBlogI'm an employerSign upLog in
This job offer is unpublished.
Imperva Ltd.Published 8 months
Rehovot, Israel
Hybrid teleworking (2 weekdays)

Security Response Engineer

> 1 years of experience
Permanent contract
Security Expert
Bash
OWASP
Postman

Job Offer: Security Response Engineer

About Thales & Imperva 🌍

At Thales, we believe technology has the power to create a more secure, sustainable, and inclusive world. This is driven by human intelligence – the intelligence that builds and powers the systems we rely on daily. We foster curiosity, embrace diverse perspectives, share knowledge, and challenge what's possible. We're making progress in critical industries, from the depths of the oceans to space and cyberspace, and across manufacturing and engineering. Together, we're building a future we can all trust.

Imperva, a Thales company, is a globally recognized cybersecurity leader dedicated to protecting data and applications across all environments. Our advanced solutions empower organizations to secure their most valuable assets against evolving threats. We're proud to be recognized as one of Israel's Top 50 High-Tech Companies to Work For in 2024 (Dun & Bradstreet) and offer a flexible hybrid work model from our Rehovot office.

The Role: Security Response Engineer 🛡️

We are seeking a Security Response Engineer with strong expertise in Web Application security to join our Advanced Security Response Team (ASRT).

The ASRT is at the forefront of security incident response, focusing on the operational aspects of web application security. This includes:

  • Analyzing threats
  • Suggesting immediate remediation and mitigation methods
  • Actively blocking attacks in real time

Our scope of activities covers network layers 3, 4, and 7, addressing a wide range of threats. This includes defending against DoS & DDoS attacks, brute-force attempts, scraping, filtering unwanted traffic, and performing initial analysis and mitigation of application attack vectors like XSS, SQL injection (SQLi), and remote code execution.

A crucial responsibility of the ASRT is managing false positives. The team will investigate root causes, propose solutions to prevent recurrence, and implement necessary changes.

The ASRT collaborates closely with the first-tier support team, acting as the central point for security events and incidents. We also maintain a vital two-way communication channel with the Imperva Threat Research team to share findings, exchange insights, and stay updated on current security policies.

As a member of the ASR team, you will need a strong working knowledge of web application security and the current threat landscape, coupled with in-depth familiarity with Imperva's security policies and processes. Proficiency with relevant tools and methodologies is essential, and continuous learning in security is highly encouraged.

This is a full-time position requiring weekend availability and participation in a rotating weekend shift due to the real-time nature of security response.

Key Responsibilities: 🔑

  • Investigate and respond to active web and network-based security incidents in real time.
  • Apply and validate mitigations for attacks such as SQLi, XSS, and DDoS.
  • Troubleshoot false positives and fine-tune security policies.
  • Collaborate with internal teams to share findings and continuously improve detection and response.
  • Clearly explain security events and impacts to both technical and non-technical audiences.
  • Stay up to date on emerging web attack techniques and response methods.
  • Participate in a rotating weekend/on-call schedule to ensure 24/7 protection for our customers.

Requirements: 🌟

Must-Haves:

  • At least 1 year of experience in security, networking, or a related technical field, or equivalent hands-on exposure through personal projects, labs, or internships.
  • Solid understanding of web application fundamentals and common vulnerabilities (OWASP Top 10 such as SQLi, XSS, RCE, LFI, RFI).
  • Working knowledge of TCP/IP, HTTP/S, DNS, and SSL/TLS.
  • Comfortable using tools like Burp Suite, Postman, Wireshark, or similar.
  • Strong communication and analytical skills, with the ability to stay clear and focused under pressure.
  • Fluent English (spoken and written).

Nice to Have:

  • Familiarity with Python or Bash scripting.
  • Curiosity to explore AppSec tools and techniques, and motivation to deepen your security expertise.
  • A proactive approach to learning and adapting to evolving cyber threats.

Thales is an Equal Opportunity Employer 🤝

Thales champions inclusion and believes diversity strengthens our culture. We are an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, colour, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

Interested in a CAREER IN THE RAIL transportation sector? To see our jobs in the railway market, please visit our dedicated site here.

Reference :thalèsgroup+Imperva-Ltd-Security-Response-Engineer
Home>Job offers

Skills

Tooling
Bash
Railway
Backend
Postman
Python
Data
Progress
SQL
Security
OWASP
Python jobs
Jobs for experimented profiles