לוח משרות דרושים מומחה אבטחת מידע / סייבר משרה מלאה

We are looking for a highly motivated, talented, and hands-on Application Security Engineer who will participate in building our next-generation static code analysis engines for detection and remediation capabilities.
This role offers challenges across a wide variety of responsibilities.
You will have an opportunity to establish the application security discipline in the SAST group, and define working procedures, processes, and tools.
The successful candidate will work closely with algorithms developers, improving the engines, developing security rules, performing a security review of source code, and suggesting optimization. We are searching for a team player with a can-do approach.
**In this position, you will work in a hybrid model, which means you will spend two days at the office and three days working from home.**
Responsibilities:
Performing security source code analysis.
Analyze application vulnerabilities and provide mitigation strategies.
Researching, designing, and writing application security rules for detection, while working closely with a development team for SAST
Analyzing different programming frameworks in different programming languages for potential sources and sinks for SAST.
Handling complex cases escalated from the field and other teams.
Improving our SAST engines for various programming languages.

Were looking for a Senior Software Engineer with expertise in Application Security, operating systems, and cloud technologies to work on bleeding edge technology in our cloud-native team.
What you will do
Solve hard problems in the domain of containers, security scanners, cloud, operating systems, package managers, Kubernetes, DBs and Linux.
Come up with innovative solutions to complex software static analysis problems.
Being responsible for shipping cutting edge technologies that transforms the container scanning industry.
End-to-end development of backend software components (research, design, development, testing, rollout, monitoring).

As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

We are looking for a Cyber Intelligence Analyst to join our Threat Command team and take our threat intelligence analysis capabilities to the next levels.
As part of the Cyber Intelligence Analyst team, you will investigate trending global cyber events and emerging dark web threats, while using the IntSights platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers.
You will gain a thorough understanding of the cyber threat landscape, from malware types and attack vectors to technical understanding of TTPs and their associated threat in order to replicate and mitigate them. This role will require excellent OSINT investigation abilities and familiarity with various dark web communities and ecosystems, coupled with advanced knowledge in cybersecurity fundamentals and underlying concepts..)
In this role, you will:
Research new cybercrime trends and attack vectors that could be converted into actionable on-demand delivered intelligence.
Respond to customers RFIs and investigate them according to the time and scope defined, while using every tool and technique at your disposal to uncover new information.
Analyze ongoing attacks as phishing, DDoS, data leakage, ransomware and more, to assess their origin, purpose, and impact on our customers.
Educate and empower our customers, providing them with additional context on various threats and advising on best practices.
Ensure and sustain day-to-day activities of undercover avatars.
Work closely with R&D, Marketing, Sales, and Customer Success teams to provide intelligence expertise.
Delivering and managing A to Z intelligence-related projects, products, and services.
Be a leading source of knowledge in threat intelligence, supporting other departments using your wide set of skills and expertise.

Our Cyber Security team is seeking for an exceptional, results-oriented Cyber Security Engineer who will be responsible for designing, implementing, and maintaining security measures to protect our computer systems, networks, and data.
You will be reporting to the Cyber Security Team Leader, and will play a crucial role in maintaining a robust cybersecurity infrastructure, mitigating risks, and protecting against cyber threats for our organization.
Responsibilities:
What you will be doing:
Implementing and managing cybersecurity tools and technologies such as antivirus (AV), Extended Detection and Response (XDR), Data Loss Prevention (DLP), Application Control, Privileged Access Management (PAM), email security solutions, Endpoint Privilege management (EPM), vulnerability assessment tools, and Zero Trust, solutions and more.
Designing, implementing, and maintaining security measures to protect computer systems, networks, and data.
Developing and implementing security policies, standards, and procedures.
Collaborating with teams from various departments within the organization to ensure the integration of security best practices into infrastructure design and development.
Providing security guidance and support to project teams and business units.
Remaining up-to-date with the latest cybersecurity trends, technologies, and threats, and advising on security enhancements accordingly.

Avalor is applying its data expertise to security, enabling companies to better understand and manage risk. We have both a rich data platform and security modules that tap into the platform to provide immediate benefits to our customers. We have built and patented a Data Fabric for Security. It curates data from hundreds of security and business tools and contextualizes that data to help companies understand and address their riskiest problems. Our Unified Vulnerability Management module is our first module to tap into the power of our data fabric, enabling companies to create custom contextualized risk scores and tailored workflows to reduce risk. If youre passionate about data models and helping companies improve their security posture, wed love to have your talents here at Avalor as we work to make the world a more secure place.
We are seeking a Big Data Engineer to join our team. In this role, you will play a crucial role in designing, building, and maintaining our query engine. You will play a crucial role in managing large volumes of data, optimizing data pipelines, optimizing data query, developing complex analytics capabilities on top of the data and ensuring the reliability and scalability of our data infrastructure.
Responsibilities:
Develop our ETL and query engines using Java / Spring Boot / Scala / Zio
Deliver high quality features for our high-scale web environment
Participate in design from scratch to production
Monitor the performance and cost of the services in production
Stay up-to-date with industry trends and best practices to continuously improve our technology stack and development processes
Integrate with other team members (backend/frontend/product/UX)

We are looking for a Security Delivery Manager to lead a team of security expert, be a catalyst for growth for the Security Software portfolio.
This includes expanding existing security clients and new account penetration.
Youll work closely with clients and business partners to develop relationships, understand their needs, earn their trust and show them how our Security industry leading solutions will solve their problems while delivering value to their business.
While managing the team, you will need to collaborate with the broader technical experts, ecosystem and marketing technical colleagues.
In this role you will be asked to:
Demonstrated experience defining and executing on a multi-tier delivery model, including field-direct, inside and partner / channel.
Demonstrated ability to quickly understand and overcome delivery, customer, and managerial challenges; proven ability to setting clear goals, measuring performance, coaching and managing feedback to achieve quality and timely results while leading a technical experts team towards goals achievement and client satisfaction.
Superb communication, functional leadership and negotiation skills.
A visionary and goal-oriented team-player.
Proven experience in coaching and motivating teams to achieve common goals.
Excellent interpersonal, verbal, and written communication. Strong interpersonal skills (client-facing/interdepartmental) and a clear communication style.

We are looking for a motivated, energetic and experienced Information Security Manager (ISM) to be part of our information security journey and take the lead in the security GRC and awareness domains. Take ownership of your domain and oversee information security through the development of policies, training initiatives, establishment of vendor security assurance, advancement of company awareness, and the development of security and privacy compliance certificates and audits.

As a key role within the Information Security team, the ISM position requires a working knowledge of information security systems and technologies. The ISM will proactively work with all teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.

The ISM will serve within the Governance, Risk, and Compliance (GRC) team as the process owners of GRC activities related to the availability, integrity and confidentiality of customers, business partners/vendors, employees, and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
What you will be doing:
Manage Forters GRC program, ensuring compliance with SOC2, ISO 27001/27701 and PCI-DSS, while enhancing process efficiency through the implementation of automation.
Review, update, and create policies and procedures to ensure alignment with customer requirements, certifications, and regulations.
Respond to security questions and questionnaires from company prospects and customers, providing support for company operations.
Conduct routine internal security reviews.
Manage information security risk activities, including conducting annual risk assessments, performing root cause analysis, and overseeing remediation activities.
Lead the vendor security program - Assess the security and compliance of vendors.
Responsible for the security awareness program, conducting training sessions, quizzes, and drills.
Continuously enhance the security standard of solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluate them.
Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts.

We are looking for a Senior Technical Program Manager (TPM) capable of managing the growing demand to stop and prevent cyber-attacks. The ideal candidate should be skilled in project management, and able to handle multiple high-visibility, high-pressure engagements, and cases simultaneously, as well as many of the day-to-day operations of the team. TPMs are also responsible for organizing and ensuring that the goals of the team are met to respond in the midst of a security crises. In order to be successful, you should be comfortable executing complex tasks and objectives and working across teams to produce results in ambiguous situations.  
mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Program management of multiple simultaneous engagements and projects, delivering status reports and comprehensive project summaries to managers and stakeholders, and coordinating customer and team resources needed to respond and execute.
Support of customer and internal needs (both pre- and post-onsite deployment), clearly communicating objectives and guidance to stakeholders, and ensuring alignment with organizational goals and timelines.
To strengthen the team's threat detection/response/mitigation capabilities, drive continuous improvement initiatives through complete pipelines including:
Collection of feedback and data collected from each escalation or incident.
Identification of target areas (in processes, tools, or methodologies).
Prioritization amongst other feature requests.
Building out requirements.
Delivering against execution strategies
Maintain a high-level understanding of the security tools and processes used to thoroughly answer customer concerns.
Accountable for the quality of own work; to be delivered within agreed procedures and timeframes, focused on internal and/or external customer needs, and managed through ambiguity.
Additional operational assistance with the needs of a growing business, including new offering development, internal rhythm of business communications, and field training.
Deliver status reports and comprehensive project summaries to managers and stakeholders, and coordinating customer and team resources needed to respond and execute.
Embody our Culture and Values

We are looking for Experienced Penetration Tester with Expertise in IOT.
As a Pentester with expertise in IoT security, you will play a crucial role in identifying and addressing potential vulnerabilities in pentesting IoT projects and medical devices.
The ideal candidate will have a minimum of 2 years of hands-on experience in penetration testing and a background in pentesting IoT devices.
Job Description:
Conduct comprehensive penetration tests on different types of system and technologies, with a specific emphasis on IoT devices.
Identify and exploit security vulnerabilities on thick client/mobile applications and also on products like IoT or medical devices.
Assess the security of embedded systems, firmware, and IoT protocols.
Provide detailed reports and recommendations for mitigating identified risks, especially in the IoT context.
Stay up-to-date with the latest cybersecurity trends and threat landscapes, particularly in the rapidly evolving IoT domain

We are looking for an Experienced Penetration Tester at Advanced Security Center.
Job Description:
The work involves simulating attack scenarios against various applications, infrastructure, and network solutions on a wide range of platforms and technologies. In addition to penetration testing and forensic services, we also offer consulting services, secure design and development services, and training.
We provide an extensive training program that enables programmers, infrastructure, and network engineers to transition into the security profession and develop a long-lasting career path.