לוח משרות דרושים הייטק אבטחת מידע / סייבר משרה מלאה

Israel //  Caesarea  cyber offensive Developer
As CybergymIEC keeps growing, we are looking for an experienced cyber offensive Developer to join the team at our Israel HQ.
The CybergymIEC's Red team is a group of offensive cybersecurity experts, Researchers, and developers working collaboratively.
We are seeking a talented and motivated Developer to join our Red Team and play a key role in developing engaging and realistic Red Team emulation for our training. You will be responsible for creating custom tools, scripts, and automation to enhance the learning experience for cybersecurity professionals of all levels.
Main tasks and responsibilities will include:
Design, develop, and maintain custom tools and scripts to simulate real-world red team engagements, including vulnerability exploitation, social engineering tactics, and post-exploitation maneuvers.
Research emerging threats and hacking techniques to ensure training scenarios reflect the latest attacker methodologies.
Integrate open-source and commercial security tools commonly used by red teams into our training simulations.
Collaborate with security instructors and subject matter experts (SMEs) to understand training objectives and translate them into effective technical solutions.
Develop user-friendly interfaces and documentation for the developed tools to ensure smooth integration into training programs.
Participate in the testing and refinement of training emulation to ensure they are realistic, challenging, and meet learning objectives.
Stay up to date on the latest security vulnerabilities, exploits, and defensive techniques (MITRE ATT&CK framework).

Security Compliance Consultantץ
Full Time.
Remote.
About the Company:
We were established by a team of security experts with interdisciplinary knowledge and vast experience in the field of information security. We provide numerous services in the field of information security, application security, penetration testing services, cyber services, APTs, threat modeling, secure architectures & design, and multi-regulation enterprise environments. 
Among our core services are the following:
Audit & regulations PCI DSS, ISO 27001, ISO27701, HIPAA, WLA, GDPR, SOC2.
Risk assessments custom risk assessments for sectorial regulators (Banking oversight & Insurance oversight).
Information security services such as black/ grey/ white box penetration testing, risk surveys based on various security frameworks, gap analysis.
Ongoing consulting services.
Training global training and awareness projects & in-depth training for developers/ QA team and other focused groups.
About the Role: 
We are looking for an Information Security Consultant for our evolving Israel company. This is open to Junior Consultants too. A leading consulting and information security company that has been operating for 14 years. Helping companies meet various information security standards, among others: ISO 27K, SOC2, HIPPA, GDPR, etc. We also certified companies to the PCI DSS standard.
 
Main Job Responsibilities:
Work remotely with US-based clientele.
Lead ISO 27001, SOC 2, and PCI DSS projects.
Lead and perform risk assessments and various information security assessments.
 
We maintain a happy and professional working environment where everyone is valued. Becoming one of us is a decision you will not regret making. 
Interested? Email your Resume to our HR & Recruitment Manager.
We look forward to hearing from you!

We are seeking a highly skilled and motivated Mobile Intelligence Analyst to join our dynamic team in Israel. In this role, you will play a crucial part in supporting our red team efforts and collaborating on key projects with our strategic clients. You will be responsible for conducting in-depth analysis of mobile intelligence data, writing comprehensive reports, and providing valuable insights to inform decision-making processes.
Responsibilities:
Conduct thorough analysis of mobile intelligence data to identify emerging threats, trends, and patterns.
Collaborate with the red team to assess security vulnerabilities and develop effective strategies for mitigation.
Collaborate with internal technical teams to understand their unique requirements and deliver tailored intelligence solutions.
Produce high-quality intelligence reports and presentations that effectively communicate findings and recommendations.
Maintain a high level of organization and attention to detail in all aspects of work, including data management and documentation.
Demonstrate strong teamwork skills and the ability to collaborate effectively with colleagues across different teams and departments.
Take ownership of tasks from start to finish, demonstrating initiative and leadership throughout the process.
Stay up-to-date with the latest developments in mobile technology, cybersecurity threats, and industry best practices.
Utilize SQL for data analysis and querying, extracting insights from large datasets to inform strategic decisions.

We are looking for a talented, experienced Malware Researcher to join our Malware team.
What You'll Do:
Analyze complex applications and SDKs and understand how they work while overcoming obfuscation & encryption.
Take part in developing internal security tools.
Participate in large security projects.
Find the bad guys, take them down, feel proud.

Required Gen AI Security Researcher
ABOUT THE POSITION
As a Red Team Specialist focused on Generative AI Models, you will play a critical role in enhancing the security and integrity of our cutting-edge AI technologies. Your primary responsibility will be to conduct simulated cyber attacks and penetration testing on our generative AI systems, including but not limited to language models, image generation models, and any related infrastructure. The goal is to identify vulnerabilities, assess risks, and provide actionable insights to fortify our AI models against potential threats.
Key Responsibilities:
Simulated Cyber Attacks: Conduct sophisticated and comprehensive simulated attacks on generative AI models and their operating environments to uncover vulnerabilities.
Vulnerability Assessment: Evaluate the security posture of AI models and infrastructure, identifying weaknesses and potential threats.
Risk Analysis: Perform thorough risk analysis to determine the impact of identified vulnerabilities and prioritize mitigation efforts.
Mitigation Strategies: Collaborate with development and security teams to develop effective strategies to mitigate identified risks and enhance model resilience.
Security Protocols Development: Aid in the creation and refinement of security protocols and best practices for the development and deployment of generative AI models.
Research and Innovation: Stay abreast of the latest trends and developments in AI security, ethical hacking, and cyber threats. Apply innovative testing methodologies to ensure cutting-edge security practices.
Documentation and Reporting: Maintain detailed documentation of all red team activities, findings, and recommendations. Prepare and present reports to senior management and relevant stakeholders.
Training and Awareness: Provide guidance and training to technical and non-technical teams on security awareness and best practices related to generative AI.

inventing a new way of managing IT end-to-end for IT professionals and teams worldwide.

By creating an AI-powered IT platform, all-in-one Remote Monitoring and Management (RMM) Helpdesk, Ticketing, and Reporting solution helps more than 23,000 IT pros achieve 10X operational efficiency, cut down time-to-resolution, and deliver better outcomes faster. Located in the heart of Tel Aviv, our team of passionate, like-minded individuals is driven by a shared mission to unleash everyone's potential and constantly innovate. We create an open, transparent, and supportive environment that gives our teams the autonomy, resources, and freedom to thrive.
We are looking for an experienced Application Security Engineer to join our team! As an Application Security Engineer, you will work with our security and R&D teams and collaborate with other IT professionals to ensure that our application, the product, the services, and the data are protected.
This is a full-time and onsite (hybrid-remote) role at our Tel Aviv office.

Responsibilities
Providing technical leadership, guidance, and direction to the DevOps, Development, and Product teams on secure code programming based on industry best practices.
Developing and maintaining specific documentation of application security controls, policies, and procedures and ensuring their implementation.
Designing technical solutions to address security weaknesses.
Analyzing system services and spotting issues in code, infrastructure, and applications.
Develop and implement continuous service improvements to the Application Security Management program.
Deliver next-generation application security controls, solve technical barriers with tools and processes, and align with application teams to ensure strong adoption.
Perform threat modeling, static and/or dynamic analysis, application security validation (negative and positive), source code review, and app PenTests to provide development guidance based on security best practices.
Update the library of information security documentation with application standards, work instructions, and training materials.
Develop communication plans for the enterprise security application function by partnering with business and enterprise architects.
Conducting pilot or POC with selected vendors for threat modeling, architecture reviews, code scanning, and penetration testing.
Collaborating with cross-functional teams and getting their cooperation.

We are seeking a highly skilled and experienced Director of Mobile Threat Analysis to lead our team of mobile threat analysts in Israel.
The Director of Mobile Threat Analysis will be responsible for managing and developing the team, defining strategies for threat detection and mitigation in mobile environments, and ensuring the delivery of actionable insights and solutions to our clients.
This role will also involve close collaboration with our reverse engineering team.
Responsibilities:
Lead and manage a team of mobile threat analysts specializing in various verticals, ranging from content violations to technical malware research.
Define and implement strategies for mobile threat detection and mitigation, leveraging advanced techniques and technologies to stay ahead of emerging threats.
Oversee the analysis of mobile-related threats and incidents, providing timely and accurate assessments to clients and internal stakeholders.
Act as a client-facing subject matter expert on mobile security, working closely with our most strategic clients to understand their unique challenges and requirements, and providing tailored solutions and recommendations.
Collaborate closely with our reverse engineering team to analyze and understand sophisticated mobile threats, malware, and attack techniques.
Collaborate with cross-functional teams, including product management, engineering, and sales, to ensure alignment between threat analysis efforts and business objectives.
Stay up-to-date on the latest trends and developments in mobile security, continuously enhancing the team's capabilities and expertise.
Establish and maintain relationships with external partners, including industry organizations and industry events, representing the company and speaking.

We are looking for a talented and motivated IT & Security Specialist to join our growing team. You will be responsible for managing the day-to-day IT operations and ensuring the security of our company's data and systems.
This is a fast-paced environment where you will wear many hats, but you will never be bored!
Responsibilities:
Manage all aspects of our IT infrastructure, including laptops, servers, and networking.
Troubleshoot and resolve IT-related issues for employees.
Manage the IT MDM platform, and maintain 3rd party applications up to date.
Implement and maintain security policies and procedures.
Monitor security threats and vulnerabilities.
Coordinate regular security assessments and testing
Stay up-to-date on the latest IT security threats and best practices.
Maintain accurate IT documentation.
Utilize top-notch technologies for managing endpoint devices, leveraging the latest advancements in endpoint security and lifecycle management (ETLC).

We are looking for talented hackers to join our unique Adversarial Tactics Department. As a Red Team Expert ,you will work with clients to build their resiliency, i.e their capability to prevent and to sustain attacks. You will also be involved in IR engagements with companies that were attacked by adversaries, learn new TTPs and apply those in Red and Purple team engagements.
Your responsibility as a Cyber consultant is to bring the attackers perspective to engagements. You will help design, create and execute Adversary Simulation exercises, and perform attacks against client services, platforms and infrastructure. This will include, among other things, identifying vulnerabilities through simulated external and internal attacks, validating and enhancing an organizations ability to respond and recover from targeted attacks and persistent adversaries.

We are looking for a Cyber Security Consultant to perform a range of expert level services. The successful candidates should have experience both as a security practitioner and security consultant, profound technological cyber knowledge and passion for cyber security. In addition, they should have a service approach, excellent communication skills and the ability to learn and work with the best in the field.
Main Responsibilities:
Evaluate the state of security, configurations, and security strategy, identifying gaps and opportunities and anticipating needs
Consult in cyber security engagements, including development of a cyber security plans and design implementation, and provide guidance on building security
Recommend cyber security strategies, policies, and procedures
Develop and support clients with internal training to assure deep understanding of fundamental cyber security practices, risks, and recommended mitigation tactics
Create expert-level deliverables, and present results of the assessment to a broad range of clients and design plans to address specific cyber risks and vulnerabilities
Collaborate with the cyber experts team in the development and implementation of cyber assessment tools, services, and best practices.

We are looking for a Android Security Researcher II.
The Security Researcher focuses on deep research of new vulnerabilities
and exploits, including how to use this knowledge to the benefit of our customers and the security product suite.
The work includes reverse engineering, so requires a deep understanding of the target operating system, and relevant tools and techniques. Depending on the specific role, Security Researchers will be expected to deliver product detection enhancements (including code and/or rules), POCs of exploits, CVEs, and marketable research.
Security Researchers will have access to cutting-edge technology only found within the Threat Labs team.
Security Researchers analyze customer detections, informing our response and further development of our proprietary threat intelligence and security capabilities.
What you can expect to do in this role:
Perform research, including reverse engineering, into novel and zero-day vulnerabilities and exploits, using of in-house and 3rd party tooling, providing recommendations on how to protect our customers.
Perform analysis of customer detections generated by our platform to determine accuracy; recommend detection changes accordingly.
Research new ways to detect malicious activity using custom-built tooling.
Stay up to date on the latest malware trends and OS developments.
Development and maintenance of custom research tools to assist in day-to-day tasks.
Support sales and marketing by supporting the creation of marketable material and thought leadership.
Perform other duties and special projects as assigned.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback

Security Researcher plays a critical role in advancing our mobile security research efforts.
This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect our clients' mobile ecosystems and to publish security research.
What you can expect to do in this role:
iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
Collaboration: Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.

A software development company, specializing in sophisticated e-commerce solutions, is looking for a motivated, talented security guard to join our growing team.