לוח משרות דרושים הייטק אבטחת מידע / סייבר במרכז

We are looking for a highly motivated, talented, and hands-on Application Security Engineer who will participate in building our next-generation static code analysis engines for detection and remediation capabilities.
This role offers challenges across a wide variety of responsibilities.
You will have an opportunity to establish the application security discipline in the SAST group, and define working procedures, processes, and tools.
The successful candidate will work closely with algorithms developers, improving the engines, developing security rules, performing a security review of source code, and suggesting optimization. We are searching for a team player with a can-do approach.
**In this position, you will work in a hybrid model, which means you will spend two days at the office and three days working from home.**
Responsibilities:
Performing security source code analysis.
Analyze application vulnerabilities and provide mitigation strategies.
Researching, designing, and writing application security rules for detection, while working closely with a development team for SAST
Analyzing different programming frameworks in different programming languages for potential sources and sinks for SAST.
Handling complex cases escalated from the field and other teams.
Improving our SAST engines for various programming languages.

Were looking for a Senior Software Engineer with expertise in Application Security, operating systems, and cloud technologies to work on bleeding edge technology in our cloud-native team.
What you will do
Solve hard problems in the domain of containers, security scanners, cloud, operating systems, package managers, Kubernetes, DBs and Linux.
Come up with innovative solutions to complex software static analysis problems.
Being responsible for shipping cutting edge technologies that transforms the container scanning industry.
End-to-end development of backend software components (research, design, development, testing, rollout, monitoring).

As a Security Analyst you will be responsible for:

Planning building and automating security workflows using automation tools.
Integrating data sources, creating alerts, and investigating.
Developing detailed documentation for IR playbooks and executing them.
Manage and coordinate cyber incidents.
Conduct in-depth analysis of security events and incidents to identify the root cause and scope.
Operate and maintain the SIEM system including fine tuning to optimize detection and response capabilities.
On-demand threat-hunting activities on cloud environments and SaaS applications.
Research new attack vectors, including identification, and related mitigations across the enterprise IT landscape.
Be a knowledge source for new and emerging threats, incident response processes, and threat-hunting activities.
Evaluate & recommend new security technologies and help shape the product with your insights and expertise.

We are looking for a Cyber Intelligence Analyst to join our Threat Command team and take our threat intelligence analysis capabilities to the next levels.
As part of the Cyber Intelligence Analyst team, you will investigate trending global cyber events and emerging dark web threats, while using the IntSights platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers.
You will gain a thorough understanding of the cyber threat landscape, from malware types and attack vectors to technical understanding of TTPs and their associated threat in order to replicate and mitigate them. This role will require excellent OSINT investigation abilities and familiarity with various dark web communities and ecosystems, coupled with advanced knowledge in cybersecurity fundamentals and underlying concepts..)
In this role, you will:
Research new cybercrime trends and attack vectors that could be converted into actionable on-demand delivered intelligence.
Respond to customers RFIs and investigate them according to the time and scope defined, while using every tool and technique at your disposal to uncover new information.
Analyze ongoing attacks as phishing, DDoS, data leakage, ransomware and more, to assess their origin, purpose, and impact on our customers.
Educate and empower our customers, providing them with additional context on various threats and advising on best practices.
Ensure and sustain day-to-day activities of undercover avatars.
Work closely with R&D, Marketing, Sales, and Customer Success teams to provide intelligence expertise.
Delivering and managing A to Z intelligence-related projects, products, and services.
Be a leading source of knowledge in threat intelligence, supporting other departments using your wide set of skills and expertise.

Avalor is applying its data expertise to security, enabling companies to better understand and manage risk. We have both a rich data platform and security modules that tap into the platform to provide immediate benefits to our customers. We have built and patented a Data Fabric for Security. It curates data from hundreds of security and business tools and contextualizes that data to help companies understand and address their riskiest problems. Our Unified Vulnerability Management module is our first module to tap into the power of our data fabric, enabling companies to create custom contextualized risk scores and tailored workflows to reduce risk. If youre passionate about data models and helping companies improve their security posture, wed love to have your talents here at Avalor as we work to make the world a more secure place.
We are seeking a Big Data Engineer to join our team. In this role, you will play a crucial role in designing, building, and maintaining our query engine. You will play a crucial role in managing large volumes of data, optimizing data pipelines, optimizing data query, developing complex analytics capabilities on top of the data and ensuring the reliability and scalability of our data infrastructure.
Responsibilities:
Develop our ETL and query engines using Java / Spring Boot / Scala / Zio
Deliver high quality features for our high-scale web environment
Participate in design from scratch to production
Monitor the performance and cost of the services in production
Stay up-to-date with industry trends and best practices to continuously improve our technology stack and development processes
Integrate with other team members (backend/frontend/product/UX)

We are looking for a Security Delivery Manager to lead a team of security expert, be a catalyst for growth for the Security Software portfolio.
This includes expanding existing security clients and new account penetration.
Youll work closely with clients and business partners to develop relationships, understand their needs, earn their trust and show them how our Security industry leading solutions will solve their problems while delivering value to their business.
While managing the team, you will need to collaborate with the broader technical experts, ecosystem and marketing technical colleagues.
In this role you will be asked to:
Demonstrated experience defining and executing on a multi-tier delivery model, including field-direct, inside and partner / channel.
Demonstrated ability to quickly understand and overcome delivery, customer, and managerial challenges; proven ability to setting clear goals, measuring performance, coaching and managing feedback to achieve quality and timely results while leading a technical experts team towards goals achievement and client satisfaction.
Superb communication, functional leadership and negotiation skills.
A visionary and goal-oriented team-player.
Proven experience in coaching and motivating teams to achieve common goals.
Excellent interpersonal, verbal, and written communication. Strong interpersonal skills (client-facing/interdepartmental) and a clear communication style.

XM Cyber is a leading hybrid cloud security company that’s changing the way organizations approach cyber risk. XM Cyber transforms exposure management by demonstrating how attackers leverage and combine misconfigurations, vulnerabilities, identity exposures, and more across cloud and on-prem environments to compromise critical assets. With XM Cyber, you can see all the ways attackers might go and all the best ways to stop them, pinpointing where to remediate exposures with a fraction of the effort. We are seeking a highly skilled and experienced SOC Manager to lead the development and operation of our Security Operations Center. This role involves building a new SOC team, adopting and deploying SIEM (Security Information and Event Management) technology, and managing incident response in a hybrid environment (on-prem/cloud). Responsibilities:
* Team Recruitment and Leadership: Recruit and mentor a team of 2-3 SOC analysts. Lead, develop, and evaluate team performance.
* Technology Selection and Deployment: Identify and deploy appropriate SIEM technology to enhance our cybersecurity posture.
* Alert and Log Management: Map out all necessary alerts and logs for continuous monitoring and threat detection.
* Alert Classification and Prioritization: Develop a system to classify and prioritize alerts based on severity and impact.
* Hybrid Environment Monitoring: Oversee the monitoring of both on-premises and cloud-based systems.
* Automation and Process Improvement: Implement automation strategies to enhance the efficiency and effectiveness of the SOC operations.
* Incident Response Management: Lead and manage the incident response process, ensuring swift and effective resolution of security incidents.

Were looking for an experienced DevSecOps Engineer to join our team and verify that our cloud environments and CI/CD flows are secured according to best practices.
As a SecDevOps Engineer, youll lead our security efforts around our dynamic and fast-paced production environments. Youll define and create operation tools and processes, and play a hands-on role in directly impacting work across all R&D flows.
Responsibilities:
Secure and monitor live production environments.
Perform security drill-downs and investigations.
Act as a subject matter expert and manage security incidents across all organizational environments.
Implement monitoring and alerting procedures and mechanisms.
Design and implement automation processes for security monitoring and incident response-related flows.
Design, implement, and develop security solutions according to R&D/production needs.
Work with our R&D teams and architects to design, enhance, and implement best-of-breed security topologies.
Identify new security threats, and trends by conducting continuous monitoring, vulnerability assessments, and log analyses.
Conduct regular internal and external security assessments, vulnerability scans, and penetration testing of systems and applications to identify and remediate security weaknesses and threats.
Manage our bug bounty program.
Maintain documentation of security processes, procedures, and configurations.
Generate regular reports on security metrics, compliance, and incident response activities for management and stakeholders.

We are NeoGames (Nasdaq: NGMS), a global leader of iLottery solutions and services to national and state-regulated lotteries. We are part of the NeoGames Group, an iGaming powerhouse with 1100 employees spread across 8 countries. At NeoGames, we pride ourselves on our “People first” culture. Not only has it been a core value in our organization for as long as we can remember but it also runs in our DNA and is felt in every aspect of our operations. We are currently seeking a SecOps Manager. In this position you will work to implement the Security Operations strategy as part of the cyber security team, to enable secure business operations and missions. As a Security Operations Manager, you will be responsible for overseeing the security operations of the Real Money Gaming (RMG) production workloads. You will supervise a team of security professionals to ensure the confidentiality, integrity, and availability of the organization's production information assets. This role requires a deep understanding of security operations, incident response, threat intelligence, and risk management. The Manager of security Operations will leverage their knowledge of best practices to be able to support the Security Operations policies, standards, and legal requirements while overseeing a team of Security Operations and Engineering SMEs. The Manager, Security Ops will execute Security Ops & Engineering strategy, manage and work with relevant vendors to solve security issues and problems. This role will require a keen understanding of business key assets and processes, unique business requirements, the information security program, and combining this information to address residual risk by recommending security enhancements within the area of responsibility.

Responsibilities:
• Responsible for the Confidentiality, Integrity, and Availability of PROD systems. • Lead and supervise our external (MSP) Security Operations Center (SOC) functions that consist of: • Monitoring, detection and analysis activities • Threat Hunting • Threat intelligence activities • Incident response (IR) activities • Being the focal point for PROD security incidents – Manage the investigation, provide communication • Coordinate incident response process (SOC) for PROD workloads – Lead the incident response process, ensuring security incidents are promptly detected, assessed, and mitigated.. • Coordinate and communicate with RMG customers during incidents to provide updates on progress and potential impacts. Communication will be performed in partnership with Product Security and GIS. • Conducting post-incident reviews, and implementing improvements based on lessons learned.. • Enrich and expand the SOC coverage based on existing/ & new attack vectors. • Suggest detection and response improvements for GIS as well as the MSP to speed up and/or enhance detection capabilities. • Ensures security operations playbooks are created and/or in place to cover any identified process gaps and the team is able to execute against them in the absence of leadership. • Develops and reports key metrics to demonstrate the success of the organization across organizational levels, up to, and including, the Board. • Ensure the ongoing delivery/implementation of security measures & tools – Work with IT & DevOps to make sure that the security roadmap is fully delivered with optimal quality. • Assists with setting and advancing the global strategic vision, and execution of Security Operations and Engineering aspects of Our Global Information Security program. • Monitors industry information technology and security trends, threats, and regulatory trends to identify effects to Security Operations interests and in scope responsibilities. • Supports acquisition due diligence for information security risks and supports control design for integration. • Participates in reporting requirements, monthly/quarterly status meetings, and offsites as appr

We are looking for a motivated, energetic and experienced Information Security Manager (ISM) to be part of our information security journey and take the lead in the security GRC and awareness domains. Take ownership of your domain and oversee information security through the development of policies, training initiatives, establishment of vendor security assurance, advancement of company awareness, and the development of security and privacy compliance certificates and audits.

As a key role within the Information Security team, the ISM position requires a working knowledge of information security systems and technologies. The ISM will proactively work with all teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.

The ISM will serve within the Governance, Risk, and Compliance (GRC) team as the process owners of GRC activities related to the availability, integrity and confidentiality of customers, business partners/vendors, employees, and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
What you will be doing:
Manage Forters GRC program, ensuring compliance with SOC2, ISO 27001/27701 and PCI-DSS, while enhancing process efficiency through the implementation of automation.
Review, update, and create policies and procedures to ensure alignment with customer requirements, certifications, and regulations.
Respond to security questions and questionnaires from company prospects and customers, providing support for company operations.
Conduct routine internal security reviews.
Manage information security risk activities, including conducting annual risk assessments, performing root cause analysis, and overseeing remediation activities.
Lead the vendor security program - Assess the security and compliance of vendors.
Responsible for the security awareness program, conducting training sessions, quizzes, and drills.
Continuously enhance the security standard of solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluate them.
Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts.