Daylight is building managed agentic security services for modern security operations teams. Our platform combines AI-native technology with world-class security experts to monitor, detect, and investigate threats at a scale traditional SOCs can’t match. We’re a 40 person cybersecurity startup that recently emerged from stealth with strong Series A backing. Our R&D and product teams are based in Tel Aviv, and we’re now building our go-to-market presence in the US. Our investors include the founders of Wiz, Cyera, and Eon - people who helped build the cloud security category. Enterprises today are overwhelmed by alerts, tool sprawl, and a global shortage of security talent. Daylight was built to change that. We combine AI and human expertise to deliver faster, smarter investigations and real 24/7 security coverage for large organizations. The Role You’ve worked in a SOC. You’ve triaged alerts, built detections, and investigated incidents. You know what real investigations look like, and you know how much vendor messaging misses the mark. As Security Operations Advocate, you’ll bring the practitioner voice to Daylight. You’ll create technical content, explain how our technology works, and engage directly with the security community. Your audience is security operations professionals, detection engineers, and security leaders who want substance, not hype. You’ll work closely with our marketing, product, R&D, and SOC teams to translate real investigations and product capabilities into content that practitioners respect. What you’ll do: - Investigation walkthroughs - building deep-dive content that shows how Daylight's AI investigates real incidents, step by step, in a way that practitioners find genuinely impressive - Product demos and YouTube content - recording product walkthroughs, feature explainers, and commentary on SecOps trends - Product announcements - translating what product and R&D are building into products announcements focused on our audience - Speaking and events - representing Daylight at industry conferences, security meetups, and customer events; you'll be one of our faces on stage - Webinars & round tables - hosting and co-presenting technical webinars with customers and partners - LinkedIn and Reddit - building a presence where practitioners and detection engineers spend time; participating authentically in conversations. - Influencer and peer relationships - building relationships with respected voices in the security practitioner community - Practitioner enablement content - supporting sales with materials that can stand up to scrutiny from technical buyers What this actually looks like week-to-week: - Recording an investigation walkthrough video with one of our security analysts and turning it into a YouTube video and a blog post - Sitting in on a product sprint review to understand what's shipping next and drafting the announcement content - Posting on LinkedIn not as a brand but as someone with real expertise and a point of view - Presenting at a regional security meetup or submitting a talk proposal to a conference like SANS, BSides, and more - Jumping into a Reddit thread where practitioners are discussing MDR and contributing something actually worth reading - Hopping on a call with a customer who's willing to do a webinar or a case study, and helping turn that into something compelling You're the right fit if: 1. You have the practitioner's credibility: You've built detection logic, worked with SIEMs, or run triage workflows and you have strong opinions about it all. 2. You want to create, not just do: You've created content before (blog posts, conference talks, videos, threads) because you wanted to share your POV with the community. 3. You're energized by community: You already participate in security practitioner communities or want to do so: LinkedIn, Reddit, Discord, Slack groups, conferences 4. You're comfortable being early: There's no playbook for this role. You'll build it and that’s great for you. You're okay not having every resource you need from day one. You're NOT the right fit if: - You've never worked in a SOC or security operations environment. - You want to be on stage only: you're not interested in working with the product team on announcements or helping the broader marketing team articulate our differentiation. - You're uncomfortable being on camera or on stage: you want to stay behind the scenes and are not excited about building a public presence. - You need a large team and established process to be effective. Requirements - 3+ years in a hands-on security operations role: SOC analyst, detection engineer, threat hunter, or similar. - Comfort presenting technical content in front of live or recorded audiences. - Some evidence of public presence: a conference talk, a blog, a LinkedIn following, community contributions - even early-stage. - Strong written English; the ability to translate technical depth into content that practitioners actually want to read. - Startup or fast-moving environment experience is a big plus. - Prior experience in a security practitioner-to-advocate transition is a plus, but not required - we'll help you make the shift.

• Team Lead for a SOC team including watch floor analysts, engineers, threat hunters, incident responders, and cyber threat analysts • Provide guidance and direction to the SOC team to ensure execution and delivery of team tasks, requirements, and projects • Lead customer onboarding to include developing schedules, tracking deliverables, creating slide decks, briefing the customer, and guiding customers through the onboarding process • Build and maintain strong relationships with customers, acting as the primary point of contact for the customers • Answer customer requests, schedule customer meetings, coordinate any engineering work or responses needed, and organize and deliver any necessary documentation to customers • Perform weekly and monthly reviews and ensure communication plans and vital customer information is updated • Work with the SOC team to develop and deliver an annual customer health check for each customer • Serve as the liaison and advocate for the customer with the SOC team • Work with customers and the SOC team to create success plans tailored to customer specific goals and objectives, monitoring progress towards achieving desired outcomes • Collect onboarding and annual health check feedback from each customer • Organize, schedule, and finalize any lessons learned as required by the SOC • Develop new and innovative ideas to enhance customer service and customer value • Track and monitor all SOC team projects progress and performance to include running daily engineering standups • Work with the SOC team on customer case issues, updates, and overall quality • Interface with client’s senior management personnel, including briefings up to CIO/CISO level • Leverage industry knowledge, best practices, lessons learned and stakeholder feedback to develop, implement and continuously improve all services offered under the SOC • Guide and mentor team members • Work closely with the SOC Manager to function as the single point of coordination and accountability, ensuring that all technical work, communications, and decision-making remain aligned, timely, and defensible • Maintain awareness of emerging cyber threats and vulnerabilities • Lead the development and distribution of threat summaries, vulnerabilities notices, and flash threat emails • Create and distribute vulnerability reports as needed • Must have the ability to work in a dynamic environment and flexibly adapt to changing conditions • Must have a high degree of originality, creativity, and initiative requiring minimal supervision

• Fortinet is seeking a dynamic and results-oriented individual to join our team as a SECOPS Sales Solution Specialist for the German Channel. • You will be responsible for driving business growth and expanding our market presence in the Security Operations (SecOps) sector. • You will play a pivotal role in identifying new partners, building strategic partnerships for SecOps, and driving revenue growth through effective sales strategies.

Role Description cFocus Software seeks a Security Operations / Firewall Analyst to join our program supporting the National Institutes of Health (NIH). This position is remote and requires a Public Trust clearance. - Monitor cybersecurity tools and alerts to detect and respond to potential security incidents. - Support Security Operations Center (SOC) activities including threat monitoring and alert analysis. - Assist with firewall configuration, rule management, and network segmentation enforcement. - Analyze system and network logs to identify suspicious or unauthorized activities. - Coordinate with cybersecurity teams to respond to incidents and mitigate vulnerabilities. - Monitor SIEM platforms, IDS/IPS systems, endpoint protection tools, and other security monitoring systems. - Investigate security alerts and escalate incidents based on severity and impact. - Perform analysis of network traffic and endpoint telemetry to identify indicators of compromise. - Track and document incident investigations and response activities. - Provide operational monitoring support during high-volume security events or incidents. - Manage firewall rules to enforce least privilege and default-deny access policies. - Support configuration management and change control processes for firewall rule updates. - Conduct routine firewall rule reviews to identify obsolete or unnecessary access rules. - Validate firewall configurations and ensure compliance with HHS and NIH security standards. - Support network segmentation and security zone management to protect sensitive systems. - Validate and monitor logs generated by network and security devices. - Ensure logging configurations comply with federal cybersecurity guidance including OMB M-21-31. - Analyze log data to identify anomalies, policy violations, or indicators of malicious activity. - Assist with cybersecurity compliance activities and audit preparation. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline. - Minimum 3–5 years of experience supporting security operations, network security monitoring, or firewall administration. - Experience with SIEM platforms and cybersecurity monitoring tools. - Familiarity with IDS/IPS systems, endpoint security solutions, and network security technologies. - Experience supporting firewall administration and rule management. - Understanding of federal cybersecurity frameworks such as NIST RMF and FISMA. - Strong analytical, troubleshooting, and documentation skills.