לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

Required Application Security Expert
Job Description:
Work closely with dev teams on all SDLC levels, performing security design reviews, threat modeling, and penetration tests, while acting as a security mentor for developers
Perform code reviews to identify security flaws and vulnerabilities
Research the platform code and services used by our developers
Build creative tools and services to detect and solve cross-security issues
Develop and deliver security training CTFs for our developers.

We are looking for a Threat Hunting Researcher to take a key role in the CTO group. In this role, you will deep dive into our client environment data, providing Threat Hunting professional services. You will assist our clients with detecting and stopping identity threats and build knowledge to detect and prevent new types of threats.

Responsibilities
Conduct Threat Hunting and security posture on the clients environment using platform data
Assist customers with security response
Develop and automate Threat Hunts and posture analysis
Analyze emerging cyber-security threats
Find ways to use the Identity Protection Platform to detect and prevent these threats
Work with the product and development team to improve the product to include these detections and preventions
Create product guidelines, policies, and best practices, working closely with customers while understanding their needs
Publish your findings to share the knowledge with our customers and industry

As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

We are looking for a Cyber Intelligence Analyst to join our Threat Command team and take our threat intelligence analysis capabilities to the next levels.
As part of the Cyber Intelligence Analyst team, you will investigate trending global cyber events and emerging dark web threats, while using the IntSights platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers.
You will gain a thorough understanding of the cyber threat landscape, from malware types and attack vectors to technical understanding of TTPs and their associated threat in order to replicate and mitigate them. This role will require excellent OSINT investigation abilities and familiarity with various dark web communities and ecosystems, coupled with advanced knowledge in cybersecurity fundamentals and underlying concepts..)
In this role, you will:
Research new cybercrime trends and attack vectors that could be converted into actionable on-demand delivered intelligence.
Respond to customers RFIs and investigate them according to the time and scope defined, while using every tool and technique at your disposal to uncover new information.
Analyze ongoing attacks as phishing, DDoS, data leakage, ransomware and more, to assess their origin, purpose, and impact on our customers.
Educate and empower our customers, providing them with additional context on various threats and advising on best practices.
Ensure and sustain day-to-day activities of undercover avatars.
Work closely with R&D, Marketing, Sales, and Customer Success teams to provide intelligence expertise.
Delivering and managing A to Z intelligence-related projects, products, and services.
Be a leading source of knowledge in threat intelligence, supporting other departments using your wide set of skills and expertise.

We are looking for a motivated, energetic and experienced Information Security Manager (ISM) to be part of our information security journey and take the lead in the security GRC and awareness domains. Take ownership of your domain and oversee information security through the development of policies, training initiatives, establishment of vendor security assurance, advancement of company awareness, and the development of security and privacy compliance certificates and audits.

As a key role within the Information Security team, the ISM position requires a working knowledge of information security systems and technologies. The ISM will proactively work with all teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.

The ISM will serve within the Governance, Risk, and Compliance (GRC) team as the process owners of GRC activities related to the availability, integrity and confidentiality of customers, business partners/vendors, employees, and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
What you will be doing:
Manage Forters GRC program, ensuring compliance with SOC2, ISO 27001/27701 and PCI-DSS, while enhancing process efficiency through the implementation of automation.
Review, update, and create policies and procedures to ensure alignment with customer requirements, certifications, and regulations.
Respond to security questions and questionnaires from company prospects and customers, providing support for company operations.
Conduct routine internal security reviews.
Manage information security risk activities, including conducting annual risk assessments, performing root cause analysis, and overseeing remediation activities.
Lead the vendor security program - Assess the security and compliance of vendors.
Responsible for the security awareness program, conducting training sessions, quizzes, and drills.
Continuously enhance the security standard of solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluate them.
Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts.

We are looking for Experienced Penetration Tester with Expertise in IOT.
As a Pentester with expertise in IoT security, you will play a crucial role in identifying and addressing potential vulnerabilities in pentesting IoT projects and medical devices.
The ideal candidate will have a minimum of 2 years of hands-on experience in penetration testing and a background in pentesting IoT devices.
Job Description:
Conduct comprehensive penetration tests on different types of system and technologies, with a specific emphasis on IoT devices.
Identify and exploit security vulnerabilities on thick client/mobile applications and also on products like IoT or medical devices.
Assess the security of embedded systems, firmware, and IoT protocols.
Provide detailed reports and recommendations for mitigating identified risks, especially in the IoT context.
Stay up-to-date with the latest cybersecurity trends and threat landscapes, particularly in the rapidly evolving IoT domain

We are looking for an Experienced Penetration Tester at Advanced Security Center.
Job Description:
The work involves simulating attack scenarios against various applications, infrastructure, and network solutions on a wide range of platforms and technologies. In addition to penetration testing and forensic services, we also offer consulting services, secure design and development services, and training.
We provide an extensive training program that enables programmers, infrastructure, and network engineers to transition into the security profession and develop a long-lasting career path.

We are looking for a SecOps Director.
In this role, you will be responsible for:
Aligning vulnerability management functions with the organization's overall business objectives by reducing information technology threat
Improving & maturing established security metrics associated with vulnerability management, security operations center, security monitoring, etc.
Overseeing projects for deploying new cyber security tools and processes
Leading successful projects, ensuring high quality and timely delivery of features
Ensuring the team builds operational processes that are architecturally consistent, of high quality, and that follows operational best practices
Overseeing the development and implementation of appropriate and effective controls to mitigate identified threats and risk
Have fingerprints on building the future of Gates' cyber security organization.
Collaborate and engage with key business stakeholders, including technology peers to help them better manage their technology risk through pragmatic and fit for purpose solutions.
Be responsible for auditing, assessing & architectural recommendations as it pertains to our technical cyber security infrastructure while helping to continuously improve our Cybersecurity maturity and defensive posture.
Work with our internal stakeholders to provide support related to security functions and technologies including Privileged Access Management (PAM), Threat hunting management, SSO/MFA, Active Directory, Windows/Linux OS hardening, vulnerability remediation, EDR, SOC oversight, security metrics, E-Discovery and incident response

We are growing and is looking for a talented Threat Hunting Expert to join the company to enable our growth by investigating and hunting for sophisticated threat actors in the cyber security world.
The SOC Platform intelligently correlates events from every organizational data source and security solution, revealing undetected threats in modern enterprises and allowing security analysts to triage and investigate security events rapidly.
Team Axon comprises unique cyber security talents, who are responsible for proactively hunting for advanced threat actors over different attack platforms in our customers' environments, and for the investigation of sophisticated attacks. The team exhibits bleeding-edge threat hunting and research skills, which are applied over Enterprise, Cloud and SaaS platforms.
RESPONSIBILITIES:
What youll do:
Engage in continuous threat hunting practices and reveal below the radar attacks which bypassed current traditional security solutions.
Serve as an expert to our customers, Investigating sophisticated cyber attacks on customers environments over enterprise, cloud and application platforms.
Be at the heart of the Cyber Security threat landscape and research the most recent attack techniques found in the wild.
Be the focal point in the ecosystem, working closely with R&D, AI and product teams.
Implement cutting-edge detection strategies, and develop innovative investigation methodologies that will boost our platforms effectiveness and efficacy.
Be at the forefront of our mission and work closely with our customers regarding cyber security investigations and incidents detected in their environments.

We are looking for a Cybersecurity Software Engineer for our Research team. Join us in building a robust real-time detection and transformation engine and contribute to content development and security engineering.
RESPONSIBILITIES
Work as a member of an Agile Scrum team to design, develop, and maintain detection and investigation content, large-scale data stream processing pipelines and backend components on top of Flink, K8S, and AWS.
Improve existing tooling, APIs, and logging mechanisms for streamlined data processing.
Collaborate on optimizing SQL queries for superior system performance and cost reduction.
Share expertise with the Research team, contributing to a collaborative learning environment.
Design, develop, and implement solutions to handle scaling with good performance & cost that are easy to maintain.
Take a crucial part in content development to enhance the effectiveness of our threat detection and response capabilities.
Collaborate with engineers across our R&D group and Product Managers to improve our platform.
Develop and implement data quality checks to ensure accuracy and completeness of data and work on externalizing monitoring capabilities.

As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC).
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications.
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass.
Conduct threat modeling and architecture security review.
Develop and maintain secure coding standards and guidelines for application developers.
Monitor and analyze security incidents and provide timely response and resolution.
Stay current with emerging threats, vulnerabilities, and industry best practices in application security.
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts.
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes.
Deliver secured development training to developers.

We are looking for talented security researchers, people who look at the world differently, who explore, "hunt" and live to beat the system and challenge it. People who are in pursuit of outsmarting the malware and overcoming it.
Youll be part of an exceptional research team that will ensure we provide the best detection, protection, and visibility capabilities to our customers at any given time. The team leads the vulnerabilities, exploits and anti-tampering research for all of our security products under all platforms. The team does it by performing in-depth analysis and research of vulnerabilities and exploits, while also being responsible for closing the loop through the development and deployment of detection assets to millions of endpoints across the globe. Youll be working closely with other detection teams to ensure our customers get the best security products they can. Your time will be focus on research and detection & protection assets.
Research
Assessing and evaluating our detection and protection coverage against in the wild vulnerabilities, exploits, and anti-tampering techniques.
Closing the loop by conducting research to discover and implement innovative solutions for these security challenges.
Initiate and propose new features and capabilities, leveraging personal experience and expertise in security research.
Perform strategic long-term research projects that involve deep research of OS internals, new detection techniques, and novel threats.
Continually learn about emerging vulnerabilities, exploits, threats, techniques, and new technologies on a regular basis.
As a security research expert, youll collaborate with many teams to help and support their work using your expertise, knowledge, or research.
Detection And Protection assets
Youll be responsible for developing the new detection content for all of our engines that will improve our detection, protection, and visibility, reaching all of our millions of endpoints across the globe.
Youll be responsible for the quality and accuracy of the deliverables that youll create and be accountable for them.
Youll create, maintain, and improve existing infrastructure and tools that are being used by the team.
You will also be encouraged to write white papers, blogs, and articles (but only if you wish to).

About the job XM Cyber is a globally renowned leader in hybrid cloud security. Our innovative approach utilizes the attacker's perspective to identify and address critical attack paths across on-premises and multi-cloud networks. The XM Cyber platform empowers organizations to swiftly prioritize and mitigate cyber risks affecting their vital systems, ensuring operational resilience and security.
We are seeking an experienced Marketing Project Manager to join our dynamic marketing team on a maternity cover basis for six months. As a Marketing Project Manager at XM Cyber, you will play a critical role in driving the team towards operational excellence.
Objectives of this Role

* Manage and optimize the usage of monday.com as our primary project management tool.
* Create and maintain project boards, workflows, and task assignments to ensure efficient project execution with deadlines.
* Facilitate clear and effective communication within the marketing team and with cross-functional stakeholders.
* Coordinate marketing meetings, and ensure timely follow-up on action items.
* Collaborate with team members to develop project plans for marketing initiatives.
* Own and streamline the PO process for the marketing team, ensuring compliance with company policies and budgetary guidelines.
* Assist in project planning, scheduling, and resource allocation to meet campaign deadlines and objectives.
* Monitor project progress, identify potential risks, and proactively implement solutions to keep projects on track.
* Create reports and metrics that track marketing performance