

Data is Never at Rest,
and Neither Are We

We’re constantly on the lookout for people who are hungry, humble, and smart. In that order. If that sounds like you, join us on our journey to make raw log data obsolete.


Join the Team!

Our stateful streaming analytics approach enables teams to monitor, visualize, and alert on observability data in real time, with no reliance on storage or indexing.

We’re looking for new team members to join us in our mission to build our next-gen data-less data platform.


Our Benefits

Global Presence

We have a global presence with our HQ in the center of Tel Aviv and offices in the USA, India and the UK.

Competitive Salary

We pride ourselves on rewarding great work with great compensation.

Generous Share Package

We want you to have skin in the game and share in our future success.

Commuter Benefits

We offer monthly credits for ride-sharing, parking, and public transportation to make getting to the office a breeze.

Team Events

Regular happy hours, annual company trips, and employee parties – these are just a few ways we like to keep things friendly.

Continuous Learning

We encourage everyone to continue learning new things – developing both personally and professionally.

Threat Hunter and Incident response Expert

Tel-Aviv, Israel · Full-time · Senior

About The Position

Snowbit is a cybersecurity technology innovator with a vision to empower organizations across the globe to quickly, efficiently, and cost-effectively ready themselves to address omnipresent cyber risk. Towards this end, Snowbit, built on years of Israeli cybersecurity experience, offers the broadest managed detection and response offering available today.

Snowbit is part of the Coralogix group. Coralogix is rebuilding the path to log observability by offloading the burden of indexing and providing deep insights into accumulated data, at infinite scale, for less than half the cost.

We are looking for an accomplished, passionate, and self-driven threat hunter / incident responder with a zeal for revolutionizing the enterprise cybersecurity domain to join the Snowbit Security Research Group.

This is a team of experts with vast cybersecurity experience focused on research on cloud and enterprise systems to identify emerging threat trends/vectors as well as gaps and opportunities within existing enterprise cybersecurity frameworks.

What will you do?

· Threat hunt in our customers' logs and environments to discover malware or threat actors that have already compromised their network.

· Handle incident response cases from start to finish: identifying the threat, performing host/network/cloud forensics, building timelines, and advising customers on response and mitigation steps.

· Produce reports for customers on your threat hunting and incident response cases.

· Research emerging attacks, technologies, threats, and vulnerabilities in SaaS and enterprise products, and create actionable alerting scenarios to catch them through the Coralogix/Snowbit platform.

· Investigate logs from security systems to detect intrusions or misconfigurations and create detections based on your findings.

· Write documentation for detection rules, with actionable mitigation recommendations.

· Publish your findings internally for customers and externally for blog/marketing needs.

· Work with our customers to investigate anomalies and incidents and create custom detections and next step recommendations. 

Responsibilities will include:

· On-demand threat-hunting activities on multiple cloud environments and SaaS applications of our customers.

· On-demand incident response handling for serious incidents raised by our Security Resource Center or by customers.

· Research novel attack vectors across the enterprise IT landscape, including their identification, their iteration/evolution, and related mitigations.

· Collaborate with Product and Engineering to leverage research findings to evolve Snowbit product and knowledge base.

· Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities including mentoring the team on your findings and methods.

· Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

· Regular updates to internal teams and customers on research findings.

· Active participation in public cybersecurity media/forums/events.

Requirements:

· 5+ years of hands-on threat hunting and incident response experience in large, complex security organizations, and a proven track record in cybersecurity research specializing in either APTs or cybercrime.

· Hands-on experience in threat hunting and incident response in cloud environments (AWS, Azure, GCP) and SaaS products (Okta, Google Workspace, GitHub, etc.).

· Experience securing on-prem, cloud, and SaaS environments and an understanding of how organizations protect themselves from attacks (including hands-on experience with common tools and products: FW, IDS/IPS, WAF, EDR, SIEM, etc.). Familiarity with common cloud and SaaS attack vectors and misconfigurations.

· Hands-on experience with machine forensics including analyzing disk, memory, and network artifacts on Windows and Linux machines.

· Hands-on experience with malware analysis / DFIR in a custom-built sandbox environment (dynamic and static, including tools such as IDA Pro, OllyDbg, and Wireshark).

· Reverse engineering experience - a plus.

· Solid understanding of the cyber kill chain and MITRE ATT&CK/D3FEND, identifying security vulnerabilities, typical attacker exploitation techniques, and related mitigations and remediations.

· Experience working closely with customers from the alert phase through threat hunting, raising and handling an incident (including host forensics as needed), removing the threat, and producing a closing report for the customer.

· Great communication skills - fluent in English, spoken and written, with a positive and helpful attitude.

· Hands-on experience with query languages (Kibana/KQL/Lucene, Splunk), working with JSON data, and writing complex queries and rules.

· Development of threat hunting automation (threat hunting scripts, IOC gathering scripts) - a big plus.

· An innovative mind with keen attention to detail and the ability to set your own goals and success criteria, and to investigate and implement solutions and recommendations for the customer's benefit.
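As an illustration of the "threat hunting automation" and JSON query work the posting asks for, the script below is an added example written for this page; it is not Snowbit or Coralogix code. It runs four hunts over a handful of constructed CloudTrail-style JSON events: a source IP or user agent matching an IOC list, a successful console login without MFA, a burst of failed logins for one user, and a bucket policy that grants access to everyone. The event shape, field names, IOC values and threshold are assumptions modelled loosely on AWS CloudTrail records, not any product's schema.

```python
"""Added example (not Snowbit/Coralogix code): a minimal threat-hunting pass
over JSON security events. Field names follow the shape of AWS CloudTrail
records, but the events, IOCs and thresholds are constructed for illustration."""
import json
from collections import Counter

# Constructed IOC list (assumption): known-bad source IPs and user agents.
IOC_IPS = {"198.51.100.23"}
IOC_USER_AGENTS = {"python-requests/2.0 (scanner)"}

# Constructed sample feed, one JSON document per line. The fourth line is
# deliberately malformed to show that the parser skips bad records.
SAMPLE_LOG = """\
{"eventTime":"2024-01-05T10:00:00Z","eventName":"ConsoleLogin","userIdentity":{"type":"IAMUser","userName":"alice"},"sourceIPAddress":"203.0.113.5","userAgent":"Mozilla/5.0","additionalEventData":{"MFAUsed":"Yes"},"responseElements":{"ConsoleLogin":"Success"}}
{"eventTime":"2024-01-05T10:02:00Z","eventName":"ConsoleLogin","userIdentity":{"type":"IAMUser","userName":"bob"},"sourceIPAddress":"198.51.100.23","userAgent":"Mozilla/5.0","additionalEventData":{"MFAUsed":"No"},"responseElements":{"ConsoleLogin":"Success"}}
{"eventTime":"2024-01-05T10:03:00Z","eventName":"ConsoleLogin","userIdentity":{"type":"IAMUser","userName":"carol"},"sourceIPAddress":"203.0.113.9","userAgent":"Mozilla/5.0","additionalEventData":{"MFAUsed":"No"},"responseElements":{"ConsoleLogin":"Failure"}}
{"eventTime":"2024-01-05T10:03:10Z","eventName":"ConsoleLogin" <truncated record>
{"eventTime":"2024-01-05T10:03:20Z","eventName":"ConsoleLogin","userIdentity":{"type":"IAMUser","userName":"carol"},"sourceIPAddress":"203.0.113.9","userAgent":"Mozilla/5.0","additionalEventData":{"MFAUsed":"No"},"responseElements":{"ConsoleLogin":"Failure"}}
{"eventTime":"2024-01-05T10:03:30Z","eventName":"ConsoleLogin","userIdentity":{"type":"IAMUser","userName":"carol"},"sourceIPAddress":"203.0.113.9","userAgent":"Mozilla/5.0","additionalEventData":{"MFAUsed":"No"},"responseElements":{"ConsoleLogin":"Failure"}}
{"eventTime":"2024-01-05T10:10:00Z","eventName":"PutBucketPolicy","userIdentity":{"type":"IAMUser","userName":"bob"},"sourceIPAddress":"198.51.100.23","userAgent":"python-requests/2.0 (scanner)","requestParameters":{"bucketName":"corp-backups","bucketPolicy":{"Statement":[{"Effect":"Allow","Principal":"*","Action":"s3:GetObject"}]}}}
"""


def parse_events(ndjson):
    """Parse newline-delimited JSON, skipping blank or malformed lines.
    Real feeds contain both, and a hunt must not die on one bad record."""
    events = []
    for line in ndjson.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events


def _get(event, *path, default=None):
    """Safe nested lookup, e.g. _get(e, "userIdentity", "userName")."""
    cur = event
    for key in path:
        if not isinstance(cur, dict) or key not in cur:
            return default
        cur = cur[key]
    return cur


def _policy_is_public(policy):
    """True if any Allow statement names Principal "*" (or {"AWS": "*"})."""
    if not isinstance(policy, dict):
        return False
    for stmt in policy.get("Statement", []):
        principal = stmt.get("Principal")
        wildcard = principal == "*" or (
            isinstance(principal, dict) and principal.get("AWS") == "*")
        if stmt.get("Effect") == "Allow" and wildcard:
            return True
    return False


def hunt(events, ioc_ips, ioc_user_agents, failed_login_threshold=3):
    """Return a list of findings; each finding names the rule that fired."""
    findings = []
    failed_logins = Counter()  # counted over the whole batch; a production
    # rule would bound this by a time window rather than by batch size.
    for e in events:
        user = _get(e, "userIdentity", "userName", default="<unknown>")
        ip = e.get("sourceIPAddress")
        ua = e.get("userAgent", "")
        base = {"time": e.get("eventTime"), "user": user, "ip": ip}

        # Rule 1: plain IOC match on source IP or user agent.
        if ip in ioc_ips or ua in ioc_user_agents:
            findings.append({"rule": "ioc_match", **base})

        if e.get("eventName") == "ConsoleLogin":
            outcome = _get(e, "responseElements", "ConsoleLogin")
            # Rule 2: successful interactive login without MFA.
            if outcome == "Success" and _get(e, "additionalEventData", "MFAUsed") != "Yes":
                findings.append({"rule": "console_login_without_mfa", **base})
            # Rule 3: repeated failures for one user; fire once at the threshold.
            elif outcome == "Failure":
                failed_logins[user] += 1
                if failed_logins[user] == failed_login_threshold:
                    findings.append({"rule": "repeated_failed_logins", **base})

        # Rule 4: a bucket policy change that opens the bucket to everyone.
        if e.get("eventName") == "PutBucketPolicy":
            policy = _get(e, "requestParameters", "bucketPolicy", default={})
            if _policy_is_public(policy):
                findings.append({"rule": "public_bucket_policy",
                                 "bucket": _get(e, "requestParameters", "bucketName"),
                                 **base})
    return findings


if __name__ == "__main__":
    for finding in hunt(parse_events(SAMPLE_LOG), IOC_IPS, IOC_USER_AGENTS):
        print(json.dumps(finding))
```

Each rule emits a structured finding rather than free text so that the output can be fed straight into a ticket, a SIEM alert, or the customer report the posting mentions. The same four checks translate directly into saved searches in Kibana/KQL or Splunk once the field names are adjusted to the real schema.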
