לוח משרות דרושים מומחה אבטחת מידע / סייבר

Security Compliance Consultantץ
Full Time.
Remote.
About the Company:
We were established by a team of security experts with interdisciplinary knowledge and vast experience in the field of information security. We provide numerous services in the field of information security, application security, penetration testing services, cyber services, APTs, threat modeling, secure architectures & design, and multi-regulation enterprise environments. 
Among our core services are the following:
Audit & regulations PCI DSS, ISO 27001, ISO27701, HIPAA, WLA, GDPR, SOC2.
Risk assessments custom risk assessments for sectorial regulators (Banking oversight & Insurance oversight).
Information security services such as black/ grey/ white box penetration testing, risk surveys based on various security frameworks, gap analysis.
Ongoing consulting services.
Training global training and awareness projects & in-depth training for developers/ QA team and other focused groups.
About the Role: 
We are looking for an Information Security Consultant for our evolving Israel company. This is open to Junior Consultants too. A leading consulting and information security company that has been operating for 14 years. Helping companies meet various information security standards, among others: ISO 27K, SOC2, HIPPA, GDPR, etc. We also certified companies to the PCI DSS standard.
 
Main Job Responsibilities:
Work remotely with US-based clientele.
Lead ISO 27001, SOC 2, and PCI DSS projects.
Lead and perform risk assessments and various information security assessments.
 
We maintain a happy and professional working environment where everyone is valued. Becoming one of us is a decision you will not regret making. 
Interested? Email your Resume to our HR & Recruitment Manager.
We look forward to hearing from you!

We are looking for a talented, experienced Malware Researcher to join our Malware team.
What You'll Do:
Analyze complex applications and SDKs and understand how they work while overcoming obfuscation & encryption.
Take part in developing internal security tools.
Participate in large security projects.
Find the bad guys, take them down, feel proud.

inventing a new way of managing IT end-to-end for IT professionals and teams worldwide.

By creating an AI-powered IT platform, all-in-one Remote Monitoring and Management (RMM) Helpdesk, Ticketing, and Reporting solution helps more than 23,000 IT pros achieve 10X operational efficiency, cut down time-to-resolution, and deliver better outcomes faster. Located in the heart of Tel Aviv, our team of passionate, like-minded individuals is driven by a shared mission to unleash everyone's potential and constantly innovate. We create an open, transparent, and supportive environment that gives our teams the autonomy, resources, and freedom to thrive.
We are looking for an experienced Application Security Engineer to join our team! As an Application Security Engineer, you will work with our security and R&D teams and collaborate with other IT professionals to ensure that our application, the product, the services, and the data are protected.
This is a full-time and onsite (hybrid-remote) role at our Tel Aviv office.

Responsibilities
Providing technical leadership, guidance, and direction to the DevOps, Development, and Product teams on secure code programming based on industry best practices.
Developing and maintaining specific documentation of application security controls, policies, and procedures and ensuring their implementation.
Designing technical solutions to address security weaknesses.
Analyzing system services and spotting issues in code, infrastructure, and applications.
Develop and implement continuous service improvements to the Application Security Management program.
Deliver next-generation application security controls, solve technical barriers with tools and processes, and align with application teams to ensure strong adoption.
Perform threat modeling, static and/or dynamic analysis, application security validation (negative and positive), source code review, and app PenTests to provide development guidance based on security best practices.
Update the library of information security documentation with application standards, work instructions, and training materials.
Develop communication plans for the enterprise security application function by partnering with business and enterprise architects.
Conducting pilot or POC with selected vendors for threat modeling, architecture reviews, code scanning, and penetration testing.
Collaborating with cross-functional teams and getting their cooperation.

We are looking for a talented and motivated IT & Security Specialist to join our growing team. You will be responsible for managing the day-to-day IT operations and ensuring the security of our company's data and systems.
This is a fast-paced environment where you will wear many hats, but you will never be bored!
Responsibilities:
Manage all aspects of our IT infrastructure, including laptops, servers, and networking.
Troubleshoot and resolve IT-related issues for employees.
Manage the IT MDM platform, and maintain 3rd party applications up to date.
Implement and maintain security policies and procedures.
Monitor security threats and vulnerabilities.
Coordinate regular security assessments and testing
Stay up-to-date on the latest IT security threats and best practices.
Maintain accurate IT documentation.
Utilize top-notch technologies for managing endpoint devices, leveraging the latest advancements in endpoint security and lifecycle management (ETLC).

We are looking for a Cyber Security Consultant to perform a range of expert level services. The successful candidates should have experience both as a security practitioner and security consultant, profound technological cyber knowledge and passion for cyber security. In addition, they should have a service approach, excellent communication skills and the ability to learn and work with the best in the field.
Main Responsibilities:
Evaluate the state of security, configurations, and security strategy, identifying gaps and opportunities and anticipating needs
Consult in cyber security engagements, including development of a cyber security plans and design implementation, and provide guidance on building security
Recommend cyber security strategies, policies, and procedures
Develop and support clients with internal training to assure deep understanding of fundamental cyber security practices, risks, and recommended mitigation tactics
Create expert-level deliverables, and present results of the assessment to a broad range of clients and design plans to address specific cyber risks and vulnerabilities
Collaborate with the cyber experts team in the development and implementation of cyber assessment tools, services, and best practices.

We are looking for a Android Security Researcher II.
The Security Researcher focuses on deep research of new vulnerabilities
and exploits, including how to use this knowledge to the benefit of our customers and the security product suite.
The work includes reverse engineering, so requires a deep understanding of the target operating system, and relevant tools and techniques. Depending on the specific role, Security Researchers will be expected to deliver product detection enhancements (including code and/or rules), POCs of exploits, CVEs, and marketable research.
Security Researchers will have access to cutting-edge technology only found within the Threat Labs team.
Security Researchers analyze customer detections, informing our response and further development of our proprietary threat intelligence and security capabilities.
What you can expect to do in this role:
Perform research, including reverse engineering, into novel and zero-day vulnerabilities and exploits, using of in-house and 3rd party tooling, providing recommendations on how to protect our customers.
Perform analysis of customer detections generated by our platform to determine accuracy; recommend detection changes accordingly.
Research new ways to detect malicious activity using custom-built tooling.
Stay up to date on the latest malware trends and OS developments.
Development and maintenance of custom research tools to assist in day-to-day tasks.
Support sales and marketing by supporting the creation of marketable material and thought leadership.
Perform other duties and special projects as assigned.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback

Security Researcher plays a critical role in advancing our mobile security research efforts.
This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect our clients' mobile ecosystems and to publish security research.
What you can expect to do in this role:
iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
Collaboration: Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.

A software development company, specializing in sophisticated e-commerce solutions, is looking for a motivated, talented security guard to join our growing team.

we are on the lookout for a Director Of Infrastructure, one who lives and breathes DevOps & security principles and methodologies, with a developer and business objective mindset.
Role:
Lead, support, and mentor a group of four teams: DevOps, DevSecOps, SRE, and Infra. Currently overseeing 15 engineers, directly managing the team leads of the DevOps and DevSecOps teams, and providing both technical guidance and management leadership
Build a new Site Reliability Engineering (SRE) team that will be in charge of the health of the production environment. This team will be a central part of our production operations strategy, working hand in hand with our Operations team, DevOps, and R&D.
Build an R&D infrastructure team to develop and support applicative infrastructure components such as databases, web servers, logging mechanisms, and any other low-level infrastructure required by the R&D team to achieve their objectives.
Plan the team's roadmap to meet our business objective
Work closely with tech leads to define, design and implement infrastructure needs
Responsible for all DevOps and security areas: infrastructure and cloud environments, CI/CD, observability, SAST, SCA, SSDLC and Cloud Security
Lead a developer/development experience culture make developers more efficient and productive by addressing their pain points, ensuring the reusability of tools among all development teams, maintaining consistent standards for testing and monitoring, and continuously improving developer tools.
Accountable for the architecture and technical leadership of the complete DevOps infrastructure and stack
Implement and maintain security best practices and standards, leading the security issue remediation process as part of the integration with Mastercard
Oversee DevOps tasks, perform code reviews and provide development assistance
Optimize operation efforts and adopt new tools
Design, implement, and continually improve everything the team does to accelerate performance and efficiency
Serve as an escalation point for the team and other stakeholders within the organization
Collaborate closely with stakeholders in designing, implementing, and troubleshooting production services
Recruit new candidates for the team and retain talents

A SaaS platform delivers AI-powered recommendations to eliminate detection coverage gaps in the organization's existing security stack.
Our platform is not yet another security monitoring product, but an innovative solution that uses AI and automation to maximize the value of the existing security tools and systems.
Among our clients are some of the top 10 private equity firms; top 10 consumer packaged goods manufacturers; top 10 cable operators; top 10 US law firms; top 10 money transfer firms; and top 15 MDR/MSSP.
was founded in early 2020 by serial entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, IBM Security, and others.

We are looking for a Security Researcher to join our Cyber Security team
This role involves conducting research on the cybersecurity landscape, leveraging intelligence feeds to map existing threat actors, attack vectors, and TTPs, and analyzing complex data to detect advanced threats using knowledge of the current threat landscape.
This role will also help to identify and build strategies to correct gaps and issues in customers' environment, including defining new detection content or use cases and working with the engineering team to deploy them.

RESPONSIBILITIES
Discover, analyse and track advanced cyber-attack campaigns
Conduct proactive research to define new use cases/detection rules
Conduct research (OSINT, labs etc.) to generate threat intelligence
Maintain current knowledge of adversaries tactics, techniques, procedures, malware attacks, and other cyber security threats
Curate knowledge based on APT groups, monitoring and detection tools
Interact with customers orally and in writing
Proactively identify cyber security improvements and recommend appropriate control improvements

We are looking for an information security expert with an excellent understanding of cloud security to join us as a SecOps Engineer.
As a SecOps Engineer, you will work collaboratively with our development and infrastructure teams to secure our cloud-based platform, ensuring the confidentiality, integrity, and availability of our systems and data.
Responsibilities:
Monitor and respond to security events, vulnerabilities, and threats in our environment.
Develop and implement security policies, procedures, and controls.
Conduct regular security assessments and penetration testing.
Automate security tasks and implement security-focused DevOps practices.
Respond to security incidents and perform forensic analysis.
Stay up to date with emerging security threats and trends.
Participate in the design and implementation of new features and products to ensure they meet security requirements.