לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

Requirements:
* 4 years of cyber security & data analyst research.
* Experience with web hacking techniques.
* Experience with Python development.
* Experience with data analysis techniques: SQL, pandas (Python).
* Ability to take ownership and execute tasks end-to-end.
* Good understanding of HTTP and APIs - advantage.
* Bachelors degree in Computer Science or equivalent - advantage.

Requirements:
+4 years of experience in cybersecurity, particularly in cloud environments.
Military background or experience with Ex-CNAPP.
Proficiency in threat detection and familiarity with cloud technologies and platforms.
A customer-first mindset, iming to exceed customer expectations and contribute to their success.
Demonstrated customer-first approach, committed to exceeding expectations and simplifying processes to enhance overall customer success.
Exceptional communication skills and professionalism, with meticulous attention to detail and a proactive stance in all interactions and tasks.
Resourcefulness and creativity in problem-solving, capable of achieving high standards and overcoming challenges with less.

Requirements:
+4 years of experience as a Vulnerability Researcher specializing in Web hacking and Offensive security.
Experience with cloud platforms and products (e.g. AWS, GCP, and Azure).
Military background or experience with Ex-CNAPP is highly advantageous.
Possession of a Vulnerability Research Certification, contributions to CVEs, or a recognized standing in global security rankings is highly desirable.
Ownership and Professionalism you ARE required for a deep sense of responsibility towards work, with attention to detail, and a proactive approach to tackling any task, regardless of its nature.
Resourcefulness Ability to achieve more with less, utilizing creativity and high standards to navigate and overcome challenges pragmatically.

Requirements:
* Strong understanding of web application security principles, vulnerabilities, and attack vectors (e.g., OWASP Top 10, CWE/SANS Top 25).
* Experience in reviewing and reproducing reported vulnerabilities, whether from customers or penetration test results, using manual testing techniques and tools.
* Proficiency in using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) platforms to identify security issues in code and running.
* Experience in planning and implementing detection use cases to identify attack tactics, techniques, and procedures (TTPs) used by adversaries.
* Capability to deliver detection capabilities using Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) solutions.
* expertise in using a wide range of penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, Wireshark, SQLmap, John the Ripper, etc.
* Ability to effectively utilize these tools for vulnerability scanning, network reconnaissance, exploitation, privilege escalation, password cracking, and data exfiltration.
* Proficiency in using web application testing tools such as OWASP ZAP, Acunetix, AppSpider, and Netsparker for identifying security flaws and vulnerabilities in web applications (e.g., SQL injection, XSS, CSRF).
* Security experience in AWS, GCP, or Azure; ideally including working with container and Kubernetes-based infrastructure
* Leading security operations functions – including vulnerability management, detection, and incident response – in CI/CD and cloud-native production environments.

Requirements:
* At least one year of experience in roles related to intelligence (CTI/Webint/OSINT).
* Familiarity with cyber concepts and terms
* Fluent in written and spoken English
* Experience in professional writing
* Creativity and curiosity
* Desire to develop and grow in the role
* Knowledge in Python, Excel, and Kibana- an advantage

Requirements:
At least 3 years of experience as a cybersecurity professional, including:
Knowledge of security design and architecture
Hands-on technical configuration and implementation of cyber security standards and controls
At least 2 years in professional services consulting delivering value directly to organizations, or demonstrated experience delivering to internal clients
At least one or comparable skills and experience: CISSP, OSCP, CCIE, CCSE, JNSE, CCDP, CSA; or equivalent military tech training
Demonstrated experience working in IT, security engineering, application security, or similar positions in which you have gained profound network security understanding (routers, firewalls and NG FW & IPS, proxies, WAF, DLP, AD, GPO, EDR, cloud security)
Knowledge of authentication protocols, Active Directory, Exchange and Office365, Azure and AWS knowledge advantage
Proven Presentation skills and client facing experience, including the ability to document and explain technical information in a concise, understandable manner
Ability to work in parallel on multiple projects under tight deadline
Fluent English (written and spoken). Native English speaker - an advantage
Academic degree, preferably in Computer Sciences or a technical discipline an advantage
Willing to travel abroad. Significant portion of your time will be spent in collaborating with client - onsite

Requirements:
Minimum of 3 years of experience as a Pen tester/Red teamer.
Previous consulting experience is beneficial.
Deep understanding and extensive experience in penetration testing methodologies and tools.
Deep technical understanding of a broad technology set and the ability to learn new information at a rapid pace.
Desire to learn new technologies and break them apart is a must.
Deep familiarity with Active Directory attacks and defenses.
Background in application security - advantage.
Fluent English (Written, Spoken) and proven presentation skills - must.
Scripting and tools development (Python, PowerShell, Bash etc.).
Developing tools in C/C++, C#, Python, Java, PowerShell.
Developing, extending, or modifying exploits, shellcode or exploit tools.
Experience in reverse engineering malware advantage.
Fluent English (written and spoken).
Willingness to travel abroad.

Requirements:
At least 3 years of a relevant experience (from military service and/or industry).

Bright, curious and determined team player, who strive for excellency.

Problem solver, in-depth thinker with growth mindset.

Demonstrated in-depth understanding of the life cycle of advanced security threats, attack vectors and variant methods of exploration.

Deep technical understanding of network fundamentals and common Internet protocols.

Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix and MacOS), including host-based forensics and experience with analyzing OS artifacts.

Fluency with one or more scripting language (i.e. Python).

Multidisciplinary knowledge and competencies, such as:

o Hands-on experience in data analysis (preferably network traffic or log analysis) in relevant data analysis and data science platforms (Jupyter, Splunk, pandas, SQL).

o Familiarity with cloud infrastructure, web application and servers, android and iOS mobile platforms.

o Experience with malware analysis and reverse engineering.

o Familiarity with enterprise SIEM platforms (e.g. Splunk, QR.adar, ArcSight).

Excellent communication and interpersonal skills. Fluent English, including the ability to document and explain technical information in a concise, understandable manner.

Willing to travel abroad (~30% of the time).

Requirements:
Lead incident response and hunting efforts, including large scale sophisticated attacks, to contain and defeat to real-world cyber threats

Lead a team of top-tier cyber security researchers and forensic experts conducting assessments and in-depth analysis in complex investigation, as well as security assessments.

Provide excellent communication and status updates to a variety of audiences, including technical and executive stakeholders

Collaborate and work with clients IT and Security teams during investigations

Design and improve internal incident response methodologies and processes

At least 5 years experience in team management (from military service and/or industry)

Decisive bright and positive leader, who strive for excellency

Calm leader with in-depth thinking and ability to succeed in an ultra-dynamic, fast pace environment/situation.

Unwavering focus and crisis management skills: Must have the ability to see things for what they are, to manage relationships and communication channels and to evaluate the actions taken.

Exceptional written and verbal presentation skills - must be able to articulate complex technical issues in a concise and confident manner to both technical personnel and executive level management

In-depth understanding of the life cycle of advanced security threats, attack vectors and methods of exploitation

Strong technical understanding of network fundamentals, common Internet protocols and system and security controls

Experience with the tools and techniques used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations

Previous experience in strategy or cybersecurity consulting - advantage

Academic degree in a technological or scientific discipline - advantage

Willingness for intensive travel abroad

Requirements:
Lead a team of top-tier cyber security researchers and forensic experts conducting assessments and in-depth analysis in complex investigations, as well as security assessments.

Guide and empower team members, enhancing their technical and research skills.

Lead client-facing projects including incident response and hunting efforts for large-scale sophisticated attacks, to contain and defeat real-world cyber threats.

Collaborate and work with clients IT and Security teams during investigations.

Design and improve internal incident response technologies, methodologies, and processes.

At least 3 years experience in team management (from military service and/or industry).

Excellent English spoken and written.

In-depth understanding of the lifecycle of advanced security threats, attack vectors and methods of exploitation.

Strong technical understanding of network fundamentals, common internet protocols and system and security controls.

Experience with the tools and techniques used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.

Multidisciplinary knowledge and competencies, such as:

o Hands-on experience in data analysis (preferably network traffic or log analysis) in relevant data analysis and data science platforms (Jupyter, Splunk, pandas, SQL).

o Familiarity with cloud infrastructure, web application and servers, Android and iOS mobile platforms.

o Experience with malware analysis and reverse engineering.

o Familiarity with enterprise SIEM platforms (e.g. Splunk, QRadar, ArcSight).

Exceptional reporting and analytics abilities, written and oral presentation skills must be able to articulate complex technical issues in a concise and confident manner, and provide status updates to a variety of audiences, including technical personnel and executive-level management.

Ability to work in a dynamic matrix organizational structure, with people across all levels in the company, including executives and technical stakeholders.

Team-oriented, with excellent communication skills.

Decisive, bright, and positive leader, who strives for excellencee.

Previous experience in strategy or cybersecurity consulting an advantage.

Willingness for extensive travel abroad.

Requirements:
At least 4 years of hands-on experience as a Cyber Security Engineer in the cyber security industry.
Relevant experience may include working as a SOC/MSSP Integrator, SOC/MSSP Tier 3 Analyst with integration experience, or Cyber Security Engineer role.
Very high proficiency in English (written and spoken).
Experience in implementing EDR, SIEM, email security, WAF, NAC, and firewall cyber security solutions.
Experience with providing technical guidance and support to global clients.
Familiarity with log collection methodologies and systems, auditing policies, and maintaining visibility across networks, hosts, and cloud environments.
Deep understanding and proven experience working with cloud security environments, architectures, and solutions.
Demonstrated experience working with Linux operating systems (proficiency in Linux command-line tools, including file manipulation, system administration, and troubleshooting).
Experience working with relational databases, preferably SQL.
Familiarity with cyber security industry standards and best practices.
Excellent problem-solving skills and the ability to work independently.
Advanced familiarity with the cybersecurity threat landscape and attack scenarios.
Excellent communication skills, including strong ability to elaborate on a technical idea.
Proven experience with OT environments significant advantage

Requirements:
IT or Security related degree or certification
At least 3 years of experience in similar positions.
Knowledge and experience managing and deploying systems and processes similar to:
Security protocols functionality
Firewalls, URL filtering, email and domain protections
EDR/EPP anti-malware products
SIEM systems management and configurations
Security incidents alerting and monitoring processes
Incident Response processes
Outstanding communication skills that go beyond tech talk the ability to translate complex IT matters to those without an IT background
Strong time management and organizational skills
Previous exposure to MAC, Windows and Linux Operating Systems
Coding languages: Python, Bash, Powershell, minimum knowledge is a must

Requirements:
B.S. or M.S. in Computer Science or related field, or equivalent experience.
Experience with exploiting common security vulnerabilities.
Ambitious and results-oriented, with excellent communication skills.
Proven track record of finding web application and or cloud infrastructure vulnerabilities.
3+ years of work experience writing code in one or more of the following programming languages: JavaScript, Python, PHP, Java, Ruby, C/C++, Go, or Rust (or a similar language).

Requirements:
At least 5+ years of multifaceted defensive and offensive security experience in an enterprise Saas-based company
Strong technical knowledge and deep experience in security logging and monitoring, vulnerability assessment, risk-based analysis, and vulnerability mitigation
A skilled security expert who can implement tools and processes to incorporate threat intelligence from the ground up and automate threat-hunting
Operational experience with AWS security solutions (e.g Inspector, Guarduty, Detective, Security Hub, Advanced Shield)
Hands-on experience designing and deploying security controls across all security domains, such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions
Capable of leveraging programming and/or scripting languages to solve practical day-to-day security challenges (Python, Go, Ruby)
Strong understanding of encryption technologies (e.g, TLS, HMAC, RSA, AES, PKI)
Strong understanding of Web-related technologies (e.g, HTTP, SOAP, REST, TCP / IP)
Experience conducting or managing incident response for organizations, investigating targeted threats
Experience and knowledge of common penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc
Bachelors or Masters degree in computer science or equivalent experience
Information security professional certifications are a plus (CLSSP, CISSP, CISA, GSSP, GSEC, etc.)
Soft Skills / Personal Characteristics:
Ability to work autonomously in a fast-paced, cross-functional environment and comfortable with ambiguity

Requirements:
At least 4+ years of security experience, out of which at least 1 year as a security researcher
Experience in Python or another programming language
Wide knowledge in information security, deep understanding of security practices, vulnerabilities and defenses.
Creative thinker, has the ability quickly dive into new unfamiliar challenges
Good communication skills, ability to explain and simplify complex ideas
Basic Data Skills an advantage
Reverse engineering experience an advantage
Vulnerability research experience a big advantage
Experience working with customers an advantage
Bachelor's degree in Computer Science or equivalent Degree - an advantage
Knowledge in network protocols an advantage
Desire to work in a fun, fast paced environment, in a great team!