לוח משרות דרושים מומחה בדיקת חדירות משרה מלאה

We are looking for an ambitious, experienced, and multi skilled Senior Cybersecurity Researcher to join our unique team.
As a member of our team, you will have a deep understanding of both computer science and information security. You will understand advanced concepts like exploit development and stealthy operations. You will conduct Offensive Security Testing, consisting of highly secured solutions using Windows and Linux.
This role will provide YOU the opportunity to lead key activities to progress YOUR career. The responsibilities include the following:
Perform testing and vulnerability assessments on system and networks, focusing on network security and identifying potential weaknesses and vulnerabilities
Research and integrate the latest tools, tactics, techniques, procedures, and developments in vulnerabilities research, exploitation, privilege escalation, defense evasion, lateral movement, and means of achieving objectives into new or existing capabilities
Develop detailed testing plans and use-cases to ensure coverage of scope and reducation of attack surface

Israel //  Caesarea  cyber offensive Developer
As CybergymIEC keeps growing, we are looking for an experienced cyber offensive Developer to join the team at our Israel HQ.
The CybergymIEC's Red team is a group of offensive cybersecurity experts, Researchers, and developers working collaboratively.
We are seeking a talented and motivated Developer to join our Red Team and play a key role in developing engaging and realistic Red Team emulation for our training. You will be responsible for creating custom tools, scripts, and automation to enhance the learning experience for cybersecurity professionals of all levels.
Main tasks and responsibilities will include:
Design, develop, and maintain custom tools and scripts to simulate real-world red team engagements, including vulnerability exploitation, social engineering tactics, and post-exploitation maneuvers.
Research emerging threats and hacking techniques to ensure training scenarios reflect the latest attacker methodologies.
Integrate open-source and commercial security tools commonly used by red teams into our training simulations.
Collaborate with security instructors and subject matter experts (SMEs) to understand training objectives and translate them into effective technical solutions.
Develop user-friendly interfaces and documentation for the developed tools to ensure smooth integration into training programs.
Participate in the testing and refinement of training emulation to ensure they are realistic, challenging, and meet learning objectives.
Stay up to date on the latest security vulnerabilities, exploits, and defensive techniques (MITRE ATT&CK framework).

Security Compliance Consultantץ
Full Time.
Remote.
About the Company:
We were established by a team of security experts with interdisciplinary knowledge and vast experience in the field of information security. We provide numerous services in the field of information security, application security, penetration testing services, cyber services, APTs, threat modeling, secure architectures & design, and multi-regulation enterprise environments. 
Among our core services are the following:
Audit & regulations PCI DSS, ISO 27001, ISO27701, HIPAA, WLA, GDPR, SOC2.
Risk assessments custom risk assessments for sectorial regulators (Banking oversight & Insurance oversight).
Information security services such as black/ grey/ white box penetration testing, risk surveys based on various security frameworks, gap analysis.
Ongoing consulting services.
Training global training and awareness projects & in-depth training for developers/ QA team and other focused groups.
About the Role: 
We are looking for an Information Security Consultant for our evolving Israel company. This is open to Junior Consultants too. A leading consulting and information security company that has been operating for 14 years. Helping companies meet various information security standards, among others: ISO 27K, SOC2, HIPPA, GDPR, etc. We also certified companies to the PCI DSS standard.
 
Main Job Responsibilities:
Work remotely with US-based clientele.
Lead ISO 27001, SOC 2, and PCI DSS projects.
Lead and perform risk assessments and various information security assessments.
 
We maintain a happy and professional working environment where everyone is valued. Becoming one of us is a decision you will not regret making. 
Interested? Email your Resume to our HR & Recruitment Manager.
We look forward to hearing from you!

We are looking for talented hackers to join our unique Adversarial Tactics Department. As a Red Team Expert ,you will work with clients to build their resiliency, i.e their capability to prevent and to sustain attacks. You will also be involved in IR engagements with companies that were attacked by adversaries, learn new TTPs and apply those in Red and Purple team engagements.
Your responsibility as a Cyber consultant is to bring the attackers perspective to engagements. You will help design, create and execute Adversary Simulation exercises, and perform attacks against client services, platforms and infrastructure. This will include, among other things, identifying vulnerabilities through simulated external and internal attacks, validating and enhancing an organizations ability to respond and recover from targeted attacks and persistent adversaries.

We are looking for a researcher to help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
Responsibilities:
Research innovative network attack vectors and lateral movement techniques in diverse environments & technologies, including Windows, cloud, virtualization frameworks, OT and more.
Study security mechanisms, implementation details and internals of various identity & access management technologies, identify potential security flaws of products and protocols
Perform comprehensive risk assessments of customers infrastructure to identify security issues and lateral movement paths
Develop new red-team techniques, tools and frameworks to discover and simulate attack scenarios
Demonstrate POCs based on your ideas and knowledge and lead the implementation process
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams

We are looking for a Software Research Engineer to join our Operational Technology Content team.
In this role, you will take part in protecting our customers' OT environments from a wide range of cyber threats.
Your contributions will be directly impactful, not only ensuring our customers' success but also making a significant difference in the evolving landscape of OT security.
Your Opportunity:
Research OT/IoT threats, malware and exploitation tools
Develop effective threat detection rules and enhance our product's capabilities for better threat detection
Research newly published vulnerabilities and security advisories in order to develop new detection plugins for our OT Security product
Research, develop and improve methods of detection for currently unsupported OT/IoT devices

We are looking for a Senior Red Team with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work.
A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

Required Senior Vulnerability Researcher
What will you do:
The vulnerability researcher will explore different security aspects of new technologies and suggest novel ways to break and protect these technologies.
Vulnerability research of many interesting technologies and popular products. Everything could be an option, from Internal OS components to cloud SaaS services, from DevOps tools to Linux Containers, etc.
Focusing on finding identity-related vulnerabilities and new attack vectors on any kind of digital identity: human, application, and machine identities.
Development of exploitation and mitigation POCs and tools.
Working together with R&D and PM to shape our future features & products.
Initiate and help driving innovation around your research area.
Writing blog posts and presenting new research work at security conferences such as Blackhat, DEFCON, RSA.

We are looking for a highly motivated, fast learning researcher to focus on vulnerability research & exploitation in embedded environments.
In this roll you will acquire a deep understanding of proprietary and unique technologies.
A special opportunity to deep dive into embedded devices internals and the full understanding of functionality and design of IOT. You will also develop and utilize the knowledge acquired into the product and the production environment and provide end-to-end solutions in your domain.

required
Junior Penetration Tester 
Entry Level
Full Time
Rehovot, Israel
we are now hiring a Penetration Tester. 
Tasks & Responsibilities:
* Performing penetration tests on several layers: web app, infra.
* After gaining some experience, scope will grow to include mobile apps & desktop apps.
* After gaining some experience communicating directly with clients as needed per the project scope.
* Performing penetration tests under white/grey/black box settings.
* Self-learning technologies in preparation for projects.
* Writing reports in formal, high-level English skills.
* Working with common protocols such as HTTP, DNS, FTP, etc.