דרושים » אבטחת מידע וסייבר » Director Of Product Security

looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.

Responsibilities
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in CYE
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

As a Cyber Security Architect, you will be responsible for designing, developing, and implementing security solutions to protect our company's infrastructure, applications, and data from cyber threats.
You will collaborate with IT, development, and business teams to define security frameworks, enforce best practices, and ensure compliance with industry standards. Your role is critical in identifying security risks, designing resilient architectures, and leading security initiatives to strengthen enterprise security against evolving threats.
Key Responsibilities
Develop and implement security architectures for cloud, on-premises, and hybrid environments.
Identify vulnerabilities, assess security risks, and recommend effective mitigation strategies.
Design and implement security controls for cloud environments (Azure, AWS, GCP).
Develop and enforce strong authentication, authorization, and access control policies.
Provide guidelines for security-related solutions, including firewalls, SIEM, EDR, WAF, DLP, VPNs, and Zero Trust Network Access (ZTNA).
Lead OS hardening efforts for Windows, Linux, and macOS environments to reduce attack surfaces and enhance system security.
Collaborate with SOC teams to detect, respond to, and remediate security incidents.
Work cross-functionally with development, infrastructure, and business teams to ensure security is a priority in all projects.

required Cloud Security Research Team Leader
Responsibilities
Team Leadership
Lead and mentor a team of top notch cloud security researchers.
Foster a culture of innovation, collaboration, and excellence within the team.
Provide technical guidance and support to team members.
Research and Development
Conduct advanced research in cloud security, focusing on emerging threats, vulnerabilities, and mitigation strategies.
Analyze logs and behavior of user activities on Cloud Environments & SaaS Applications
Hunt threat actors & insider threats
Optimizing existing algorithms to reduce false positives and increase the value of our products
Lead the publications of cyber security oriented blogs and articles
Drive the development of new security technologies and methodologies for cloud environments.
Stay updated with industry trends and advancements in cloud security.
Collaboration:
Collaborate with product management, engineering, and other stakeholders to implement your team latest research
Work closely with development teams to integrate security features into our product
Communicate research findings and recommendations effectively
Security Strategy:
Contribute to the development and implementation of cloud security strategies and policies
Assess and mitigate risks associated with cloud deployments and operations.
Ensure compliance with industry standards and regulations related to cloud security.

The Software Engineering team delivers next-generation application enhancements and new products for a changing world. Working at the cutting edge, we design and develop software for platforms, peripherals, applications and diagnostics all with the most advanced technologies, tools, software engineering methodologies and the collaboration of internal and external partners.
Join us as a Software Principal Security Engineer on our Software Engineering team in Herzliya to do the best work of your career and make a profound social impact.
What youll achieve
As a Principal Software Security Engineer, you will be a key leader in designing, implementing, and maintaining robust security solutions for our complex, multi-component systems, ensuring the confidentiality, integrity, and availability of sensitive data. You will play a critical role in protecting our customer data and intellectual property from evolving cyber threats.
You will:
Lead Security Design: Architect and design secure software solutions for complex systems, incorporating secure coding practices, cryptography, and network security principles.
Work with a global team on refining requirements and solutions for secure product development
Leading and Contributing to the development and implementation of these secure strategies for complex software products and systems/for storage products and systems

looking for a talented Application Security Specialist to be a part of our team. As an Application Security Specialist, you will take an active role in security development lifecycle activities and penetration testing that will help evaluate our customers security level and improve it. A typical job could be breaking into a critical system of a Fortune 500 organization, analyzing the Secure-SDLC security gaps in a large department in a huge enterprise, and reverse engineering an application and encryption method in order to gain access to sensitive data.

Responsibilities
Manage, evaluate, and improve the application security development lifecycle of our clients.
Identify, communicate, and drive the resolution of vulnerabilities.
Research and advocate for new application security solutions and technologies.
Continue to drive security evaluation earlier in the cycles through iterative security testing.
Operate as an incident responder for triage pertaining to web-based vulnerabilities.
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts.
Improve secure coding practices, application security requirements, automation, training, and metrics.

looking for a Senior Red Team with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.

Responsibilities
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

We are seeking a Head of Cyber Security with hands-on IT experience to lead the management, development, and delivery of a comprehensive information security program within.
The Security programs objectives include
Protect our information, applications, and infrastructure from external or internal threats.
Assure that we comply with regulatory and PCI requirements regarding information protection, access, security, and privacy.
Assure that software/systems/infrastructure/data developed, acquired, or maintained by us is secure, compliant, and used in accordance with its intended purpose.
Before you submit your CV, please note:
We are located in Herzliya, and we work in a hybrid workmode.
What will you do?
Direct management of our Security teamת, including a 7x24 SOC.
Coordinate the development of our information security policies, standards, and procedures and manage the information security function in accordance with these policies and guidelines.
Work with key IT personnel and internal groups to oversee the dissemination and enforcement of these policies, standards, and procedures within.
Maintain and enhance an education and training program for developers and IT on information security and privacy matters.
Function as an internal consulting resource on information security issues.
Maintain and enhance the Incident Reporting and Response System to address our security incidents (breaches) and respond to alleged policy violations or complaints from external and internal parties.
Develop and implement an ongoing risk assessment program targeting information security and privacy matters.
Recommend IT solutions (hardware and software) and applications for vulnerability detection and remediation to keep our environment secure.
Oversee vulnerability mitigation and coordinate all activities related to PCI compliance and other security certifications.
Consult with security experts and consultants and provide recommendations on the latest technologies that should be leveraged/deployed to keep our environment safe and secure.

Are you ready to power the future? At SolarEdge (NASDAQ: SEDG), we're a global leader in smart energy technology, with over 4,000 employees, offices in 34 countries, and millions of installations worldwide. Our innovative solutions include solar inverters, battery storage, backup systems, EV charging, and AI-based energy management. We're committed to making clean, green energy the primary power source for homes, businesses, and beyond. With the growing demand for electricity, the need for smart, clean energy sources is constantly rising. SolarEdge offers amazing opportunities to develop your skills in a multidisciplinary environment, covering everything from research and development to production and customer supply. Work with talented colleagues, tackle exciting challenges, and help create a sustainable future in an industry that's always evolving and innovating. Join us and be part of a company that values creativity, agility, and impactful work. This role is a team member in our security engineering team. The Cyber Security team is composed of strong and experienced security engineers, responsible for designing, implementing, analyzing, and maintaining an on-prem\cloud-based security controls in particular OT security. What you will be doing:
* Manage the day-to-day operations of the company’s security infrastructure systems.
* Will lead the implementation of IT/OT cyber security systems in the organization.
* Provide security guidelines to various projects and systems.
* Research new innovative technologies to mitigate security gaps and work to implement in the production

Country:
Israel

City:
Herzliya

Are you looking for a challenge that puts you at the center of the worldwide Platform? Are you passionate about finding security breaches and vulnerabilities? Do you have Offensive mindset? 

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it. 

a world leader in security and is obsessed with making sure that our platform and services are secure, and we can protect our customers and their workloads. We are expanding security research team. The team will focus on making sure our services are built with a security-first mindset by proactively looking for breaches and vulnerabilities in the across Azure architecture and services, to make sure Azure is safe, secure, and reliable. 
mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
Be a subject matter expert, leveraging a broad and current understanding of security to devise new protections and exploit mitigations.
Identify security vulnerabilities and gaps in a wide variety of key services across Azure services, network protocols and architecture.
Collaborate with other security and product teams to improve security, and articulate the business value of security investments for designing and developing new security mitigations and defenses.
Drive security root cause analysis, identifying key gaps and being able to drive effective mitigations while understanding the engineering constraints.
Interaction with the security ecosystem and leadership in and outside.

Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.

Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we help customers and partners resolve their issues quickly, prevent future problems from occurring, and demonstrate new ways to achieve more from their investment.
As a Senior Incident Response engineer, you will be an elite member of a customer facing security support team leading incident response investigations for enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.

In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Senior Incident Response Engineer you will own, troubleshoot and solve highly complex customer technical issues. This opportunity will allow you to accelerate your career growth by honing your problem-solving, collaboration and research skills, and developing your technical proficiency.

This role is flexible in that you can work up to 100% from home.
mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Scope customer security incidents
Understand and identify indicators of attack and indicators of compromise
Analyse incident data from threat analytics tools
Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customers environment
Coordinate a response to the security incident with other security and consulting teams.
Develop, document, and implement runbooks, capabilities, and techniques for Incident Response
Perform security triage and analysis on endpoint, server and network infrastructure.
Perform activities necessary for immediate containment and short-term resolution of incidents.
Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
Investigate root cause of complex security incidents
Maintain a high level of confidentiality
Participate in the on-call rotation as required