We are looking for a Cyber Security Consultant to perform a range of expert level services. The successful candidates should have experience both as a security practitioner and security consultant, profound technological cyber knowledge and passion for cyber security. In addition, they should have a service approach, excellent communication skills and the ability to learn and work with the best in the field.
Main Responsibilities:
Evaluate the state of security, configurations, and security strategy, identifying gaps and opportunities and anticipating needs
Consult in cyber security engagements, including development of a cyber security plans and design implementation, and provide guidance on building security
Recommend cyber security strategies, policies, and procedures
Develop and support clients with internal training to assure deep understanding of fundamental cyber security practices, risks, and recommended mitigation tactics
Create expert-level deliverables, and present results of the assessment to a broad range of clients and design plans to address specific cyber risks and vulnerabilities
Collaborate with the cyber experts team in the development and implementation of cyber assessment tools, services, and best practices.

We are looking for a Senior Security Researcher to join our team Cloud Security.
In this role, you will take part in protecting our customers' cloud environments from a wide range of cyber threats.
Your contributions will be directly impactful, not only ensuring our customers' success but also making a significant difference in the evolving landscape of cloud security.
Your Opportunity:
Research cloud threats and collaborate closely with the engineering team to transform research insights into innovative product features
Develop effective detection rules and enhance our product's capabilities for better threat detection
Launch and manage incident response operations to investigate attacks on cloud environments
Investigate malware specifically targeting cloud workloads, understanding their mechanisms and impacts, and produce high-quality reports
Present your unique findings and share knowledge at cyber and cloud conferences

we are on the lookout for a Director Of Infrastructure, one who lives and breathes DevOps & security principles and methodologies, with a developer and business objective mindset.
Role:
Lead, support, and mentor a group of four teams: DevOps, DevSecOps, SRE, and Infra. Currently overseeing 15 engineers, directly managing the team leads of the DevOps and DevSecOps teams, and providing both technical guidance and management leadership
Build a new Site Reliability Engineering (SRE) team that will be in charge of the health of the production environment. This team will be a central part of our production operations strategy, working hand in hand with our Operations team, DevOps, and R&D.
Build an R&D infrastructure team to develop and support applicative infrastructure components such as databases, web servers, logging mechanisms, and any other low-level infrastructure required by the R&D team to achieve their objectives.
Plan the team's roadmap to meet our business objective
Work closely with tech leads to define, design and implement infrastructure needs
Responsible for all DevOps and security areas: infrastructure and cloud environments, CI/CD, observability, SAST, SCA, SSDLC and Cloud Security
Lead a developer/development experience culture make developers more efficient and productive by addressing their pain points, ensuring the reusability of tools among all development teams, maintaining consistent standards for testing and monitoring, and continuously improving developer tools.
Accountable for the architecture and technical leadership of the complete DevOps infrastructure and stack
Implement and maintain security best practices and standards, leading the security issue remediation process as part of the integration with Mastercard
Oversee DevOps tasks, perform code reviews and provide development assistance
Optimize operation efforts and adopt new tools
Design, implement, and continually improve everything the team does to accelerate performance and efficiency
Serve as an escalation point for the team and other stakeholders within the organization
Collaborate closely with stakeholders in designing, implementing, and troubleshooting production services
Recruit new candidates for the team and retain talents

We are looking for a highly skilled Product Security Architect to join our team at Tipalti. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:

Collaborate closely with all Tipalti development teams to build and govern security from day one to production, following best practices.
Perform application security assessments, including architecture design reviews and threat modeling.
Provide secure software guidance and act as a business enabler to cross-functional teams, including product, engineering, etc.
Design, build, and implement best-in-class application security solutions.
Lead and promote security audits, vulnerability assessments and code reviews.
Develop software security guidance, including training material, best practices, secure coding checklists, and reusable code.
Validate ongoing compliance with policies and procedures in support of regulations.
Raise the overall security awareness for the Secure-SDLC and define training roadmaps based on needs.
Work with different entities in the company to ensure S-SDLC compliance with company rules and industry standards.
Review & manage security issues identified in products, analyze severity and risk, and provide recommendations for remediation.
Establish, manage, and lead a bug bounty program

We are looking for a GRC Analyst.
As a GRC analyst, you will be working very closely to participate in all aspects of cyber security and compliance. The role is a crucial part in our Cyber Security team and the entire security program. We are looking for a team member with experience in compliance frameworks operating with modern systems. You will be involved in all information security processes and activities, with the different teams, make risk mitigation recommendations, and suggest and review solutions. This is a key position in the process of building the security culture in the entire organization.
The ideal candidate is highly motivated, demonstrating a can do' attitude and needs to have a combination of troubleshooting and communication skills, as well as the ability to handle a mix of multiple tasks in parallel.
This role will provide career growth opportunities as you develop/acquire new security skills in the course of your duties.
RESPONSIBILITIES:
Support local, regional, and global initiatives and activities related to governance, risk, and compliance.
Establish, maintain, and publish up-to-date security and compliance policies, standards, and guidelines, and oversee training and dissemination of policies and procedures.
Identify and track timely closure of control gaps and risk mitigation plans.
Participate in ISO 27001, SOC, and other compliance assessment, evidence collection, and reporting.
Develop and implement various Governance, Risk, and Compliance tools.
Utilize a risk-based approach for vendor management, including assessing and treating the risks.
Assist with Incident Response and Business Continuity to include running table-top exercises.
Other related duties such as Incident response process, Vulnerabilities management and more.

As a QA Engineer, you'll collaborate with our team to ensure our product is
built and deployed without bugs or glitches, maintaining high performance.
You'll craft and execute targeted test cases, including automation, with a
user-centric mindset.
Additionally, you'll play an active role in planning our
QA roadmap, contributing to feature design and implementation.
Your Opportunity:
Lead end-to-end project ownership, encompassing design, development, deployment, and execution of acceptance criteria tests for new product features
Create and update test cases and suites for both new and existing features
Develop automation frameworks and infrastructure to streamline testing processes
Simulate customer scenarios and network environments for product reliability
Work with various network protocols like TCP/IP, SNMP, HTTP, and SSH
Lead quality improvement projects (automation, manual tests, and bug bounties) to enhance overall product quality
Collaborate closely with cross-functional team members to achieve quality objectives
Focus on functionality testing and analyze automation test results for continuous improvement
Testing backend APIs and front-end UI applications
Drive all QA efforts across teams, ensuring consistency and effectiveness
Conduct thorough reviews of test plans to ensure comprehensive coverage
Learn and implement new technologies to solve unique technical challenges

We are looking for a researcher to help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
Responsibilities:
Research and develop innovative attack detection capabilities
Evaluate the efficacy of new and existing detection approaches and propose enhancements
Implement and experiment with new algorithms and methodologies for improving overall detection
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams
Continually learn about evolving challenges in security

We are looking for a Threat Researcher.
we are an innovative company that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW!
The successful candidate will be responsible to identify, analyze and collect cyber malware samples and campaigns. Perform research on threat actors, new attack vectors and techniques, develop POCs and analysis tools, and prepare research publications.
The role involves hands-on responsibilities, working closely with security researchers and Deep-Learning engineers. It requires multitasking in a fast-paced environment with high-quality, accurate, and timely deliverables.
RESPONSIBILITIES:
Research and analyze emerging cyber threats: Identifying new malware strains, large-scale campaigns, and advanced persistent threats (APTs). Analyze their behavior, capabilities, and techniques for evading detection and achieving their goal.
Collaborate with other members of the research department: Work closely with security researchers, ML engineers, and other team members to develop and implement defense strategies for the current and future threat landscape.
Document the findings of threat research and publication reports that can be shared with internal and external stakeholders.
Stay up-to-date with the latest developments in the cyber security field: including the latest trends, techniques, and threats in the cyber security field.
Uncover and develop new cyber-attack vectors, techniques and POCs.

We are looking for a highly-technical leader with experience managing a distributed team and a solid understanding of several key technologies.


This is a Hybrid position open to candidates in the Israel area.

What You'll Do

Lead the IDP cloud SDET team and work with all the stakeholder teams to guarantee cloud software and deployment quality

Lead cloud test direction, test strategy, test design/development/execution and reporting

Hands-on design and development of test framework/tools and scripts to achieve test efficiency and productivity to ensure functionality, reliability, performance, scalability of cloud.

Work with other quality leaders to understand product quality and automation gaps and opportunities, customer engagement as it relates to quality, and continuously reviewing the impact of SDET work.

Support our cloud test platform as it relates to other test and pipeline activities

Hire, coach, and support engineers as needed.

Be part of the analysts team, work with customers and key POCs, to provide an additional level of security and confidence, by leveraging unique intelligence feeds, threat logs, and IOCs. Collaborate with our world-class research team and various R&D teams as you help shape our product, help customers be more secure, and immerse yourself to the cyber fraud tech ecosystem.

Proactively monitor and review threats and suspicious events from customers
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Use multiple sources of data intelligence trust network, external threat feeds, etc
Support customer's payment processes and workflows
Maintain excellent customer satisfaction through professional, proactive and personal service
Work closely with our research and development team
Contribute to our knowledge base by creating fraud analysis reports and best practices