דרושים » אבטחת מידע וסייבר » Senior GRC Manager

We are seeking a highly skilled and experienced Security GRC (Governance, Risk, and Compliance) Specialist to join our team. The ideal candidate will report to the GRC manager, have a strong background in security governance, risk management, and compliance, with a proven track record of successfully implementing GRC programs.
Key Responsibilities:
Develop, implement, and maintain GRC frameworks, policies, and procedures.
Respond to customer due diligence requests, assist with contract agreements, and participate in customer calls to address GRC-related inquiries.
Conduct risk assessments and identify potential security threats and vulnerabilities.
Collaborate with cross-functional teams to integrate GRC initiatives into business processes.
Design and maintain security awareness program (e.g., conduct phishing simulations, generate newsletters, administer training platform)
Monitor and report on the effectiveness of GRC programs and controls.
Provide guidance and support to internal stakeholders on GRC-related matters.
Stay up to date with industry trends and emerging threats to continuously improve the GRC program.
Perform technical risk assessments.

We are looking for a Director of Product Security to join our R&D organization and take full ownership of our company's product security initiatives. In this key leadership role, you will spearhead the development and implementation of our comprehensive security strategy, encompassing both SaaS and on-premises solutions.
Responsibilities:
Develop and lead the strategic vision to manage both internal and external risks associated with our company's products and solutions.
Proactively advise the business on how to maintain compliance with appropriate regulatory or industry best practices.
Drive secure development lifecycle and integration of security features into all phases of software design and development, including advising on proper software architecture security standards.
Vulnerabilities management - Identify and facilitate remediation of application and cloud platform exposures and vulnerabilities, including implementation of relevant systems and tools for these purposes.
Conduct cloud security strategy, readiness and discovery assessments; be familiar with cloud security frameworks, compliance requirements and security operations
Research new application security tools and technologies as requested and evaluate options that enhance security capabilities.
Lead compliance gap analysis and implementation (such as SOC2, SOC3, FedRAMP)
Work closely with R&D groups - Dev teams, Platform, DevSecOps and DevOps teams, to enhance application and platform security on all layers, including monitoring and enforcement.
Conduct periodic pen testing against our Saas Platform components.

Were looking for a Cybersecurity Threat Detection & Response Engineer to lead and grow this critical function as part of our expanding security team. This role will focus on evolving Ponteras detection engineering, incident response, and security automation capabilities to support our growing organization and evolving threat landscape.

Youll join a mature and collaborative environment where foundational work has already been laid, and you'll have the opportunity to advance how we detect, investigate, and respond to threats - with the support of strong cross-functional partnerships and best-in-class tools.

RESPONSIBILITIES

Detection Engineering
Develop, tune, and maintain detection rules, correlation logic, and alerting workflows within our SIEM.
Integrate high-quality telemetry from cloud environments, infrastructure, SaaS applications, and internal systems.
Collaborate with Engineering and DevOps to improve visibility, signal-to-noise ratio, and logging coverage.
Automation & Enrichment
Design and implement enrichment and response automation (e.g., SOAR platforms, serverless functions).
Explore and integrate LLM-based agents or AI-enhanced triage/classification tools where practical.
Continuously improve response playbooks, integrations, and automation pipelines.
Incident Response Leadership
Serve as the operational lead for security incident response, from triage through resolution and post-incident review.
Maintain and evolve IR runbooks; lead tabletop exercises to strengthen organizational readiness.
Coordinate investigations across Security, Engineering, GRC, IT, and Legal as needed.
Metrics & Reporting
Own and continuously improve dashboards and reporting that track key detection and response KPIs (e.g., MTTR, detection coverage, false positive rates).
Deliver data-driven insights to security and engineering leadership to inform strategy and operational improvements.
Case Management
Take responsibility for the case management lifecycle across detection, triage, and incident handling.
Ensure the incident handling process is tightly integrated with automation, documentation standards, and relevant security tooling.
Evaluate opportunities to enhance case tracking infrastructure in alignment with program growth and maturity.
Collaboration & Growth
Partner cross-functionally with teams in Engineering, DevOps, IT, Privacy, and GRC.
Support ongoing vendor relationships and bring a continuous improvement mindset to tooling and processes.

We're seeking an experienced CISO for a part-time, flexible consulting role to guide our security strategy and ensure best practices across development and infrastructure teams. This role also plays a key part in supporting our compliance initiatives.
Key Responsibilities:
Oversee and maintain security policies and processes
Advise application development teams on secure coding and architecture
Support infrastructure teams with secure configuration and best practices
Lead involvement in key compliance activities.

If you're eager to launch or accelerate your cybersecurity career in a high-growth tech company, this is your opportunity to learn, contribute, and grow alongside some of the best in the industry.



JOB RESPONSIBILITIES
Monitor and analyze security alerts and logs using advanced monitoring and detection systems.
Triage and respond to Tier-1 security incidentsinvestigating root causes, mitigating risks, and documenting findings thoroughly.
Assist in strengthening AWS cloud security configurations with a focus on the principle of least privilege.
Support the deployment, maintenance, and fine-tuning of security tools and processes.
Collaborate with cross-functional teams to proactively identify threats and enhance overall security posture.
Be part of an on-call rotation, including weekends and holidays, to ensure continuous protection.

Position Overview:
our MDR team is at the forefront of worldwide data detection and response services. We lead and redefine how data should be monitored, and protected and how data breach incidents should be handled. Its a 24/7 global security service assisting customers to investigate and respond to security incidents.
A Senior (Level 3) Security Analyst within our MDR team is expected to serve as their teams technical lead and a key escalation point for complex security incidents.
In your role, you will lead complex investigations, working directly with customers by assisting them in investigating and responding to security incidents.
As a senior staff in your team, you are expected to mentor junior analysts, and drive continuous improvement of our detection and response capabilities. You will collaborate with internal and external stakeholders, and ensure best practices are followed across monitoring, detection, and incident response processes. This position requires a strong foundation in cybersecurity operations, a deep understanding of SIEM technologies and log sources, as well as the ability to train and document processes for others.
Responsibilities:
Incident Escalations & Investigations
Serve as an escalation point for security alerts and incidents, ensuring timely and thorough investigations.
Perform end-to-end incident handling, including scoping, containment, and eradication activities.
Coordinate and communicate with customers, leadership, and other stakeholders throughout the incident response lifecycle.
Understand, interpret, and analyze a diverse range of log sources (Exchange Online, Entra, Active Directory, Windows events, Azure, DNS, VPN, etc.).
Proactively identify potential threats and anomalies, recommending and implementing improvements in detection logic.
Training & Mentorship:
Assist in training and upskilling junior and mid-level analysts, including sharing best practices in investigations, threat hunting, and emerging threats.
Provide guidance in troubleshooting escalated issues, ensuring efficient knowledge transfer and professional growth within the team.
Contribute to the development, documentation, analysis, testing, and modification of threat detection systems and playbooks.
Provide feedback on gaps or improvements needed in processes, documentation, or technology.
Work closely with Team Leads and other senior staff to align on operational goals, SLA adherence, and service delivery standards.
Communicate findings, root causes, and recommended actions to both technical and non-technical stakeholders clearly and effectively.
Share insights and best practices with the broader team, championing a culture of continuous learning.

We are seeking a talented, tech-savvy individual to join our Cyber Security team and address the most challenging security issues within cutting-edge ecosystem. In this role, you will serve as a subject matter expert, playing a crucial part in building and maintaining security infrastructure, designing secure architectures, enforcing security best practices, and automating security processes.
Our Cyber Security team comprises experienced security engineers responsible for defining the security strategy and managing all of infrastructure.
Responsibilities:
Design, deploy, and operate technologies to detect, prevent, and analyze security threats in a diverse and complex environment, encompassing both public cloud and on-premises systems.
Conduct hands-on activities to maintain and operate security infrastructure.
Automate security processes to enhance and support security posture.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD security methodologies.
Develop, implement, and maintain security policies, standards, and methodologies.
Identify and evaluate new cybersecurity technologies.

Position Overview:
our MDR team is at the forefront of worldwide data detection and response services. We lead and redefine how data should be monitored, and protected and how data breach incidents should be handled. Its a 24/7 global security service assisting customers to investigate and respond to security incidents.
We are seeking an experienced MDR Team Lead who will oversee a team of MDR Security Analysts. This oversight includes training and developing the knowledge and skills needed to execute the MDR mission, ensuring adherence to all operating policies and procedures, ensuring the delivery of the MDR service within all SLAs, and serving as a point of technical and operational escalation for MDR analysts. Data is the #1 target of attackers, and our company's Managed Data Detection and Response (MDDR) customers entrust our team with the security of their data. MDR Team Leads are the lynchpin of MDR operations, ensuring the team is working 24x7 to monitor, triage, investigate, and escalate incidents where data is at risk and to ensure we meet operational SLAs.
Responsibilities:
Technical and operational escalation point for investigations, incidents, and other elements of the MDR service.
Assist in the development, documentation, analysis, testing, and modification of our companys threat detection systems, playbooks, runbooks, and MDR team operations.
Continuously train the team so they are equipped with the required skills and knowledge to effectively execute the MDR service.
Validate findings and coordinate investigative efforts with customers and internal teams.
Ensure all investigative findings are documented and communicated appropriately by the team, including tracking in CRM.
Maintain up-to-date knowledge of all aspects of our companys MDR service.
Oversee and execute programs, projects, operational tasks, and responsibilities related to the MDR service.
Conduct regular performance reviews and quarterly SWOT analyses to drive team growth and development.

Required Cloud Security Research Team Leader
Responsibilities
Team Leadership
Lead and mentor a team of top notch cloud security researchers.
Foster a culture of innovation, collaboration, and excellence within the team.
Provide technical guidance and support to team members.
Research and Development
Conduct advanced research in cloud security, focusing on emerging threats, vulnerabilities, and mitigation strategies.
Analyze logs and behavior of user activities on Cloud Environments & SaaS Applications
Hunt threat actors & insider threats
Optimizing existing algorithms to reduce false positives and increase the value of our products
Lead the publications of cyber security oriented blogs and articles
Drive the development of new security technologies and methodologies for cloud environments.
Stay updated with industry trends and advancements in cloud security.
Collaboration:
Collaborate with product management, engineering, and other stakeholders to implement your team latest research
Work closely with development teams to integrate security features into our product
Communicate research findings and recommendations effectively
Security Strategy:
Contribute to the development and implementation of cloud security strategies and policies
Assess and mitigate risks associated with cloud deployments and operations.
Ensure compliance with industry standards and regulations related to cloud security.