דרושים » אבטחת מידע וסייבר » Security Research Team Leader

As a Senior PT Researcher, you will be the go-to-guy to find traditional and creative ways to break all kinds of products.

Make sure CYBR products are in a secure state by leading vulnerability research projects focused internally on the company products.
Present findings and work closely with software architects and development teams to ensure products are developed according to the best security standards.
Be a security research expert and stay up to date with new vulnerability research techniques that are being developed and published worldwide.
Through the year, include research work, and aim to discover innovative and creative security findings in CYBR products.

As a Product Security Response Manager, you will be responsible for managing a portion of PSIRTs global headcount. You will direct the day-to-day activities of product security engineers you lead, including processing root cause analysis of product security vulnerabilities reported as part of the bug bounty and responsible disclosure program, vulnerability remediation collaboration with internal development teams, research projects for reported vulnerability patterns, and process improvements. As a Product Security Response Manager, you will work with pool of talented external researchers (i.e., our bug bounty and responsible disclosure programs) to ensure they are equipped to succeed and mitigate uncoordinated disclosures. You will also make hands-on contributions to reducing security risks in products and services by partnering with other teams in the development and security organisations.

What you get to do in this role:

Serve as a people leader.
Serve as a project manager for PSIRT-led research projects.
Oversee product security incidents, small and large.
Stay updated on industry best practices, including the CVE program and FIRST.org special interest groups.
Recommend and develop new product security policies and procedures.
Partner with key contacts outside of our department.

mission is to enable its customers to protect and save lives, accelerate justice, and preserve privacy in communities around the world. a global leader in Digital Intelligence solutions for the public and private sectors, empowering organizations to master the complexities of legally sanctioned digital investigations by streamlining intelligence processes. Trusted by thousands of leading agencies and companies globally, Digital Intelligence platform and solutions transform how customers collect, review, analyze, and manage investigative digital data in legally sanctioned investigations.

Position Overview:
As a talented researcher, you will be joining the industrys leading digital intelligence Security Research Labs group. In this position you will be taking part and leading new projects in little-explored vulnerability research territories, producing world-unique capabilities to extract evidence from phones and other embedded devices. Recent phones (from burner phones to the latest flagships) are increasingly challenging from a forensics perspective, and involve hardware-backed encryption (FDE/FBE), secure boot chains (Verified Boot/dm-verity), evolving hardened SELinux policies, as well as adventures in ARM TrustZone secure worlds.

Key Responsibilities:
You will join digital intelligence Security Research Labs Group and be a part of a team of passionate researchers, dedicated to solving modern digital intelligence challenges, years ahead of others in the industry. Our world-class research results assist law enforcement by enabling lawful evidence extraction, and putting criminals behind bars, every day.

You are a security researcher who cares about the ethical use case for his/her work, and if the art of engineering and crafting a platform-wide native payload in a fragmented ecosystem of gaping variance is the kind of challenge you appreciate, you belong with us. We need your help to make the world a safer place.

In this role, you will be part of global IT organization; You will lead a team that its responsibility is to manage IT security service operation in a proactive manner.

In this role, you will be working closely with other internal IT teams as well as extensive work with IT internal customers to adhere with business needs and committed IT security and service level.

Responsibilities:

Global responsibility for designing, building, maintaining, and securing CyberArk network and communication systems from strategy to delivery and service operations and related processes
Responsible for administering security-related infrastructure and applications, such as intrusion detection/prevention systems, EDR, DLP, firewalls, cloud security tools, and vulnerability scanners etc. Including defining and implementing the security systems configuration, policies and hardening based on security policies and operational considerations.
Work with CyberArk CISO to translate security policies into architecture and delivery.
Responsible for Security operation projects to design, implement and support security tools and systems. This will require you to lead projects or ensure the successful projects in this domain which are led by the team.
Managing a team of security system engineers
Responsible for building all the required governance methods and tools of the IT security service, in addition accountable to validate that CyberArk security services are fully updated, and all endpoints are fully in compliance.
Create and maintain technical documentation (e.g. designs, procedures) as needed.
Responsible to meet IT support service level targets and lead a proactive approach to improve the service level and the team efficiency.

As the Senior Director of Cyber Security Center , you will lead the frontline of our cyber defense strategy. You will build, manage, and continuously enhance a world-class capability that includes our Security Operations Center (SOC), Threat Hunting, and Threat Intelligence teams.

Youll be responsible for ensuring real-time threat monitoring, proactive hunting, and deep analysis of adversarial activity all while leveraging AI and automation to accelerate detection, decision-making, and response. You will drive the integration of AI/ML models and threat intelligence into SOC workflows, helping your teams stay ahead of evolving threats and reduce noise through intelligent alerting and prioritization.

Youll define the vision and operational model for modern, threat-informed defense, lead response to high-impact incidents, and collaborate across cyber protection, risk, and technology teams. Youll support the CISO providing insight into threat trends, AI-driven insights, and the overall health of cyber defense posture.


Key Responsibilities

Lead and mature global Cyber Security Center, including 24/7 Security Operations, Threat Hunting, and Threat Intelligence functions.
Establish strategic direction and operational excellence across detection, response, and threat analysis programs.
Oversee incident response efforts, ensuring coordinated investigation, containment, and remediation of security events.
Build and scale proactive threat hunting programs, using hypothesis-driven methods, advanced analytics, and threat behavior models.
Operationalize threat intelligence to improve detection coverage, prioritize threats, and anticipate adversary behavior.
Own the integration and optimization of detection technologies, including SIEM, SOAR, EDR, and threat intelligence platforms.
Define and track operational metrics, such as mean time to detect (MTTD), mean time to respond (MTTR), false positive rates, and threat coverage.
Foster strong partnerships across Cyber Protection, IT, Engineering, and Risk teams, enabling coordinated defenses and incident handling.
Lead, mentor, and grow a high-performing team of security analysts, hunters, and intelligence professionals.
Stay ahead of the evolving threat landscape, continuously evaluating new technologies, frameworks, and methodologies.

Position Overview: Were looking for an experienced and passionate Information Security compliance expert, to help drive organization wide security compliance and risks processes such as Risk Assessment, Mitigation Planning, Compliance with security standards, Internal and External Audits preparations and execution, and supporting customer Security requirements operations.





Responsibilities:
* Planning, performing, and tracking Cyber security gap analysis and risk assessment processes
* Performing internal & external, hands-on technical and procedural security audits
* Develop, implement and track technical risk control/mitigation plans
* Working with the company business owners and IT Business applications and infrastructure to implement security controls, solutions and software qualifications and compliance and monitoring.
* Manage information security related tasks, track progress and report to management
* Plan and execute Security processes and InfoSec group controls
* Write, Update and implement security related procedures
* Lead audit and compliance activities as SOX, SOC2, ISO27001, FedRamp and more and provide Privacy technical guidance
* Contributor to GDPR and privacy, working closely with the company legal department.
* Responsible to handle Internal and third-party security qualification processes, vendor risk management and assign required controls
* Responsible on customers RFP security risk assessment questionnaire; in a business-driven approach and a prompt response time
* Always pushing to modernize compliance solutions with efficiencies and business facing approach

Office Location:
Petah Tikva

Were looking for an experienced and passionate Information Security compliance expert, to help drive organization wide security compliance and risks processes such as Risk Assessment, Mitigation Planning, Compliance with security standards, Internal and External Audits preparations and execution, and supporting customer Security requirements operations.

Responsibilities:
Planning, performing, and tracking cyber security gap analysis and risk assessment processes.
Performing internal & external, hands-on technical and procedural security audits.
Develop, implement and track technical risk control/mitigation plans.
Working with the company business owners and IT Business applications and infrastructure to implement security controls, solutions and software qualifications and compliance and monitoring.
Manage information security related tasks, track progress and report to management.
Plan and execute Security processes and InfoSec group controls.
Write, Update and implement security related procedures.
Lead audit and compliance activities as SOX, SOC2, ISO27001, FedRamp and more and provide Privacy technical guidance.
Contributor to GDPR and privacy, working closely with the company legal department.
Responsible to handle Internal and third-party security qualification processes, vendor risk management and assign required controls
Responsible on customers RFP security risk assessment questionnaire; in a business-driven approach and a prompt response time
Always pushing to modernize compliance solutions with efficiencies and business facing approach

we are seeking a talented GRC Compliance Expert to join our Governance, Risk, and Compliance team.
This role is ideal for someone with a strong understanding of leading international standards and regulations (such as ISO 27001, SOC 2, PCI-DSS, and others) and a passion for building and maintaining scalable, enterprise-grade compliance programs.

Youll play a central role in ensuring ongoing organizational alignment with world-class frameworks while working closely with cross-functional teams to drive a culture of trust, risk awareness, and regulatory readiness.
We are especially looking for someone with hands-on experience implementing and maintaining PCI-DSS / SOC2 compliance, including managing assessments, evidence collection, and cross-functional collaboration.

Key Responsibilities

Ensure the companys continuous compliance with leading international standards and regulatory frameworks (e.g., ISO 27001, SOC 2, PCI-DSS).
Serve as a subject matter expert on PCI-DSS, including supporting annual assessments, gap analyses, and remediation planning.
Maintain, update, and improve internal GRC policies, controls, and documentation in line with global best practices.
Monitor changes in the regulatory and industry landscape and assess their applicability to operations.
Lead internal control mapping, gap assessments, and remediation tracking.
Coordinate audit readiness efforts and maintain supporting evidence for external assurance engagements.
Support risk management activities such as risk assessments, risk registers, mitigation tracking, and escalation workflows.
Collaborate with teams across Security, IT, Legal, Engineering, and Operations to align compliance and business needs.
Drive internal awareness and training initiatives on key compliance requirements and GRC processes.
Contribute to the maturity and automation of the GRC program using dedicated platforms/tools.

Design and deploy network & security systems (FWs, web filtering systems etc.) and networking infrastructure (LAN, WAN, routing protocols, failover mechanism, IPSEC, SSL VPNs).
Perform technical operations on various IP network elements of multiple networks.
Maintain the availability and performance of business-critical networks.
Define and enforce rules for various network security control systems such as: firewalls, virtual private networks.
Provide escalated support and troubleshooting to maintain high availability and performance of the security & network infrastructure.
Create and maintain detailed network & security documentation.
Keep a tight relationship with integrators & vendors to maintain upgrades, installs, downtime planning alongside exploration of new features & innovative solutions.
Evaluate, test and select enterprise networking & security hardware and solutions.