דרושים » אבטחת מידע וסייבר » Sr. Staff Offensive Security Engineer (InfoSec)

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

We're looking for a Cyber Researcher who will be responsible for identifying, analyzing, and providing mitigation options for emerging cyber threats and vulnerabilities in SaaS environments. As a Cyber Researcher, youll lead and contribute to discovering new attack vectors, developing detection and defense techniques, and providing actionable intelligence to strengthen our products and protect our customers.
You will:
Conduct proactive research on emerging threats, vulnerabilities, and attack techniques relevant to SaaS and cloud environments.
Collaborate with engineering and product teams to translate research findings into product features and security controls.
Develop proof-of-concept and detection mechanisms to validate and demonstrate risks.
Stay up-to-date with the latest trends in cyber threats, security tools, and industry best practices.

Were looking for a highly skilled and motivated Application Security Engineer to join our dynamic team. As an Application Security Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features
What Youll Do:
CI/CD Security Hardening
Improve and secure our continuous integration and deployment pipelines through the selection, implementation, and tailoring of new tooling, as well as the maintenance and enhancement of our current stack.
Security Tooling Management
Operate, fine-tune, and customize tools like Snyk, Apiiro, and other AppSec platforms to reduce false positives and enhance threat detection.
Policy Definition
Collaborate with cross-functional teams to develop practical, enforceable CI/CD security policies.
Security Orchestration & Automation
Build and maintain automated playbooks and workflows using orchestration platforms like Torq to support incident response and alert management.

We are making the future of Mobility come to life starting today. At our company we support the worlds largest vehicle fleet operators and transportation providers to optimize existing operations and seamlessly launch new, dynamic business models - driving efficient operations and maximizing utilization.
We are seeking a highly skilled and experienced Information Security Specialist to join
our company's security team. This role is critical in ensuring the security and integrity of our companys infrastructure, services and endpoints. The ideal candidate will have a deep understanding of security principles, architectures, and technologies, endpoint and site security, along with hands-on experience.
As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.
What You'll Do:
Design and maintain the company's security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain our companys security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with our company. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.

we are looking for a Cyber Security Engineer with a solid technical background in cyber security to lead the implementation of Velocity XDR product and ensure that meet its clients cyber security needs.
As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.
Main Responsibilities:
Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

were on a mission to help engineering teams build secure software, faster.
Were looking for an Application Security Engineer with a passion for AppSec to join our growing team and push the boundaries of modern application security.

Responsibilities
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

Realize your potential by joining the leading performance-driven advertising company!
we are looking for a top-notch Fraud Expert. As an Advertiser Fraud Expert at our company, your primary responsibility is to lead our companys effort to protect its Publishers by creating/improving fraud detection methodologies and uncover potential vulnerabilities and suggest ways to prevent/avoid them.
You will analyze data, investigate suspicious incidents, and collaborate with cross-functional teams to develop and implement effective fraud prevention strategies. Your role involves monitoring campaigns, identifying fraudulent patterns, and utilizing various tools and technologies to ensure the integrity of our companys advertising platform. You will play a crucial role in maintaining the trust of Advertisers and ensuring the quality and accuracy of our companys Advertising services.
How youll make an impact:
Fraud detection Strategy: you will update or create new fraud detection strategies that will allow early detection of advertiser fraud and addressing of potential blind spots. Utilize fraud detection tools and techniques to identify potential fraudulent activities, such as cloaking. Investigate suspicious incidents by examining patterns, sources, and user behavior to gather evidence.
Data Analysis: Lead and perform data analysis on advertising data to identify anomalies, trends, and potential fraudulent activities. This includes analyzing malvertising, cloaking and billing incidents and presenting them along with recommendations for remediation and/or improvement.
Reporting and Insights: Generate reports and provide insights on fraud incidents, trends, and patterns. Present findings to internal stakeholders, to drive informed decisions and optimize fraud prevention strategies.
Fraud Prevention Measures: Implement and maintain fraud prevention measures, such as monitoring tools, real-time alerts, and automated systems, to proactively identify and prevent potential fraud incidents.
Industry Knowledge and Research: Stay up to date with the latest industry trends, fraud techniques, and emerging technologies in the advertising space. Continuously research and explore new fraud detection methods and tools to enhance our companys fraud prevention capabilities.

we are looking for a Product Security Engineer to join our growing team!
This is a great opportunity to be part of one of the fastest-growing infrastructure companies in history, an organization that is in the center of the hurricane being created by the revolution in artificial intelligence.
"our company's data management vision is the future of the market."- Forbes
we are the data platform company for the AI era. We are building the enterprise software infrastructure to capture, catalog, refine, enrich, and protect massive datasets and make them available for real-time data analysis and AI training and inference. Designed from the ground up to make AI simple to deploy and manage, our company takes the cost and complexity out of deploying enterprise and AI infrastructure across data center, edge, and cloud.
Our success has been built through intense innovation, a customer-first mentality and a team of fearless company ronauts who leverage their skills & experiences to make real market impact. This is an opportunity to be a key contributor at a pivotal time in our companys growth and at a pivotal point in computing history.
Responsibilities
Implement and maintain security controls for applications and systems.
Conduct DAST, SAST, vulnerability scans, and penetration tests.
Develop and enforce security policies and best practices.
Monitor logs, investigate incidents, and respond to threats.
Collaborate with development teams to ensure secure coding practices.
Stay updated on emerging threats and industry standards.

we are seeking a hands-on Security Research Lead to guide a team of researchers while remaining deeply technical. Reporting to the CTO, youll set security research direction, develop detection content for our security platform, and help integrate new offense-inspired capabilities that keep customers ahead of emerging threats.

Responsibilities
Shape the research agenda, coach experienced researchers, and foster a culture of curiosity and excellence.
Design and build proof-of-concept exploits and other detection logic that enhance our product.
Explore AI-driven or otherwise novel offensive techniques that can be safely leveraged to improve threat coverage.
Work closely with Product and Engineering to turn research into production-ready features.
Publish select findings, speak at events, and help position the company as a thought leader in security research.