Security Operations & Compliance Lead

Security Operations & Compliance Lead (SOC & GRC) — The Security Operations & Compliance Lead is responsible for day-to-day SOC execution, security tooling and automation, and end-to-end incident handling, while also supporting GRC activities with a primary focus on ISO 27001 readiness and audit support. The role operates primarily during Israel business hours and leads SOC Tier 1 operations while providing Tier 2 support as needed, managing incidents across platforms including TrackerIQ, Rezonate, Wiz, and Own (triage, investigation, coordination, and resolution), maintaining and continuously improving detection rules to reduce false positives and improve coverage/false negatives, and monitoring security tickets through closure. The position owns Torq maintenance and workflow management (building new workflows, optimizing existing ones, ensuring automation reliability) and drives continuous improvement across detection, response, and automation processes. It also handles operational security tickets and access requests (e.g., firewall rules, role/permission changes, user provisioning) in line with internal policies and approval flows, manages Wiz-related ticketing and reporting, and delivers regular operational security reports and insights to stakeholders. As the main security operations point of contact for Engineering, IT, Product, and other teams, the role supports investigations and operational security questions, promotes security best practices adoption, and serves as a trusted advisor to teams and leadership on risks, exposure, and mitigation actions, while supporting ISO 27001 audits through evidence collection, control validation, stakeholder coordination, and ongoing improvements to compliance-related processes and documentation.

• Hands-on experience in SOC operations (Tier 1 / Tier 2)
• Strong incident handling and investigation experience
• Experience working with multiple security platforms and alerting systems
• Experience maintaining detection rules and tuning alerts (FP reduction / FN improvement)
• Experience with security automation and SOAR platforms (e.g., Torq or similar)
• Strong operational mindset; ability to manage multiple incidents and priorities
• Strong communication skills; ability to work effectively with multiple teams

Advantage:

• Experience supporting ISO 27001 audits and/or other security compliance frameworks
• Experience acting as a security focal point or advisor for engineering and product teams

We at Deloitte believe that diversity and inclusion among our people is a critical component of our success and that is why we cultivate an organizational culture that contains and embraces diversity in all its forms.