דרושים » אבטחת מידע וסייבר » Solutions Architect (Pentesting/Cyber)

We are seeking an experienced Application Security Architect to join our Cyber Team in our company. As an Application Security Architect, you will be responsible for overall Application Security standards, guidelines, and requirements for different groups in our company. Your expertise in secure architecture, design, and SSDLC will play a crucial role in ensuring the security of our products and the protection of our sensitive financial data. This is a strategic position that offers an opportunity to shape and drive the security initiatives of our cutting-edge fintech solutions.
What youll do:
Review and approve secure architecture designs for all developments for our company customers, partners, integrators or in-house solutions, considering best practices, regulatory requirements and business objectives.
Assist in creating or researching for security solutions solving security challenges, both on-prem and in the cloud.
Collaborate with cross-functional teams (mainly R&D and DevOps/DevSecOps) to define security requirements and design robust security controls for systems, both on-prem and in the cloud.
Provide technical guidance and expertise to internal teams in selecting and integrating in-house solutions or third-party vendors.
Design and implement cloud security solutions, such as network security, identity and access management, data protection and encryption.
Stay up-to-date with the latest security technologies, threats, and trends, and provide recommendations for continuous improvement.
Serve as a subject matter expert on application security, providing guidance and mentorship to other teams in the company.

We are seeking a Cloud Security Manager to join our Cyber Security team at our company. You will be responsible for leading cloud security strategy, architecture, and operations across all cloud platforms (AWS, Azure, GCP), while ensuring alignment with corporate security policies and regulatory requirements.
What you'll do:
Develop and lead the enterprise cloud security strategy, architecture, and roadmap.
Define and enforce security controls for cloud-native applications and infrastructure.
Work closely with DevOps, engineering, architecture and CyberOps teams to embed security into design, deployment, and CI/CD pipelines.
Drive cloud risk assessments, threat modeling, and cloud configuration reviews across platforms working with the GRC team
Lead the implementation and continuous improvement of Cloud Security Posture Management (CSPM), CNAPP, and workload protection solutions.
Respond to cloud security incidents and lead root-cause analysis and remediation efforts.
Monitor regulatory and industry trends (e.g. CIS Benchmarks) to ensure cloud environments meet applicable requirements.
Develop standards, procedures, and guidance for secure use of IaaS, PaaS, and SaaS services.
Report on cloud security posture, risks, and mitigation plans to senior leadership.
Mentor and develop cloud security talent within the security organization.

In this role, you will be part of global IT organization; You will lead a team that its responsibility is to manage IT security service operation in a proactive manner.

In this role, you will be working closely with other internal IT teams as well as extensive work with IT internal customers to adhere with business needs and committed IT security and service level.

Responsibilities:

Global responsibility for designing, building, maintaining, and securing CyberArk network and communication systems from strategy to delivery and service operations and related processes
Responsible for administering security-related infrastructure and applications, such as intrusion detection/prevention systems, EDR, DLP, firewalls, cloud security tools, and vulnerability scanners etc. Including defining and implementing the security systems configuration, policies and hardening based on security policies and operational considerations.
Work with CyberArk CISO to translate security policies into architecture and delivery.
Responsible for Security operation projects to design, implement and support security tools and systems. This will require you to lead projects or ensure the successful projects in this domain which are led by the team.
Managing a team of security system engineers
Responsible for building all the required governance methods and tools of the IT security service, in addition accountable to validate that CyberArk security services are fully updated, and all endpoints are fully in compliance.
Create and maintain technical documentation (e.g. designs, procedures) as needed.
Responsible to meet IT support service level targets and lead a proactive approach to improve the service level and the team efficiency.

Position Overview: Were looking for an experienced and passionate Information Security compliance expert, to help drive organization wide security compliance and risks processes such as Risk Assessment, Mitigation Planning, Compliance with security standards, Internal and External Audits preparations and execution, and supporting customer Security requirements operations.





Responsibilities:
* Planning, performing, and tracking Cyber security gap analysis and risk assessment processes
* Performing internal & external, hands-on technical and procedural security audits
* Develop, implement and track technical risk control/mitigation plans
* Working with the company business owners and IT Business applications and infrastructure to implement security controls, solutions and software qualifications and compliance and monitoring.
* Manage information security related tasks, track progress and report to management
* Plan and execute Security processes and InfoSec group controls
* Write, Update and implement security related procedures
* Lead audit and compliance activities as SOX, SOC2, ISO27001, FedRamp and more and provide Privacy technical guidance
* Contributor to GDPR and privacy, working closely with the company legal department.
* Responsible to handle Internal and third-party security qualification processes, vendor risk management and assign required controls
* Responsible on customers RFP security risk assessment questionnaire; in a business-driven approach and a prompt response time
* Always pushing to modernize compliance solutions with efficiencies and business facing approach

Office Location:
Petah Tikva

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution. You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.
Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.
Roles and Responsibilities:
Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

Be the guardian of trust in a fast-moving fintech world. As a GRC Security Specialist, youll lead cybersecurity governance, drive compliance with global standards (SOC 2, PCI-DSS, NIST), and partner with tech and legal teams to embed security into every layer of the business. If you live and breathe risk, regulation, and resiliencethis is your arena.
What youll do:
Developing and maintaining policies, procedures, and controls to ensure compliance with regulatory, legal, and audit requirements, as well as best business practices.
Creating a cybersecurity compliance strategy and ensuring alignment with contractual obligations and globally recognized standards and guidelines.
Identifying regulatory, legislative, and industry-specific compliance requirements and defining controls to meet them.
Conducting and participating in periodic internal reviews or audits to ensure compliance procedures are followed.
Overseeing and evaluating compliance systems to ensure their effectiveness.
Compiling and presenting reports to management on compliance activities and progress.
Staying up to date on industry developments, regulatory trends, and best practices to assess their impact on the organization.
Designing and implementing improvements in compliance communication, monitoring, and enforcement mechanisms.
Developing and executing a compliance awareness program, including the creation and distribution of materials for all employees.
Partnering with Legal and IT teams to manage data protection agreements and compliance initiatives.
Leading the development and execution of company-wide security awareness and training initiatives.
Assisting in incident response planning and investigations when necessary.

As the Senior Director of Cyber Security Center , you will lead the frontline of our cyber defense strategy. You will build, manage, and continuously enhance a world-class capability that includes our Security Operations Center (SOC), Threat Hunting, and Threat Intelligence teams.

Youll be responsible for ensuring real-time threat monitoring, proactive hunting, and deep analysis of adversarial activity all while leveraging AI and automation to accelerate detection, decision-making, and response. You will drive the integration of AI/ML models and threat intelligence into SOC workflows, helping your teams stay ahead of evolving threats and reduce noise through intelligent alerting and prioritization.

Youll define the vision and operational model for modern, threat-informed defense, lead response to high-impact incidents, and collaborate across cyber protection, risk, and technology teams. Youll support the CISO providing insight into threat trends, AI-driven insights, and the overall health of cyber defense posture.


Key Responsibilities

Lead and mature global Cyber Security Center, including 24/7 Security Operations, Threat Hunting, and Threat Intelligence functions.
Establish strategic direction and operational excellence across detection, response, and threat analysis programs.
Oversee incident response efforts, ensuring coordinated investigation, containment, and remediation of security events.
Build and scale proactive threat hunting programs, using hypothesis-driven methods, advanced analytics, and threat behavior models.
Operationalize threat intelligence to improve detection coverage, prioritize threats, and anticipate adversary behavior.
Own the integration and optimization of detection technologies, including SIEM, SOAR, EDR, and threat intelligence platforms.
Define and track operational metrics, such as mean time to detect (MTTD), mean time to respond (MTTR), false positive rates, and threat coverage.
Foster strong partnerships across Cyber Protection, IT, Engineering, and Risk teams, enabling coordinated defenses and incident handling.
Lead, mentor, and grow a high-performing team of security analysts, hunters, and intelligence professionals.
Stay ahead of the evolving threat landscape, continuously evaluating new technologies, frameworks, and methodologies.

We are looking for a Technical Alliance Director.
Roles and Responsibilities:
Build and execute technical alliances strategy aligned to product and GTM priorities; identify, prioritize, and onboard strategic ISV partners.
Drive strategic alliances to deliver value to customers as well as delivering significant impact in GTM and supporting sales and ARR growth
Own the integration portfolio: solution design, API usage, reference architectures, validation, certification, and lifecycle management.
Drive joint development with partner engineering teams; oversee POCs, co‑innovation projects, and security/quality reviews. Publish and maintain technical collateral (integration guides, solution briefs, demos, lab environments, listings/marketplaces) and enable field teams.
Measure and report KPIs (certified integrations, usage/adoption, influenced pipeline, ARR impact, support health).
Serve as the senior technical point of contact for alliances; present joint value at executive briefings, roadmap sessions, webinars, and industry events.
Partner with Product Management to shape roadmaps based on partner capabilities and customer demand; champion ecosystem requirements into R&D.

we are seeking a talented GRC Compliance Expert to join our Governance, Risk, and Compliance team.
This role is ideal for someone with a strong understanding of leading international standards and regulations (such as ISO 27001, SOC 2, PCI-DSS, and others) and a passion for building and maintaining scalable, enterprise-grade compliance programs.

Youll play a central role in ensuring ongoing organizational alignment with world-class frameworks while working closely with cross-functional teams to drive a culture of trust, risk awareness, and regulatory readiness.
We are especially looking for someone with hands-on experience implementing and maintaining PCI-DSS / SOC2 compliance, including managing assessments, evidence collection, and cross-functional collaboration.

Key Responsibilities

Ensure the companys continuous compliance with leading international standards and regulatory frameworks (e.g., ISO 27001, SOC 2, PCI-DSS).
Serve as a subject matter expert on PCI-DSS, including supporting annual assessments, gap analyses, and remediation planning.
Maintain, update, and improve internal GRC policies, controls, and documentation in line with global best practices.
Monitor changes in the regulatory and industry landscape and assess their applicability to operations.
Lead internal control mapping, gap assessments, and remediation tracking.
Coordinate audit readiness efforts and maintain supporting evidence for external assurance engagements.
Support risk management activities such as risk assessments, risk registers, mitigation tracking, and escalation workflows.
Collaborate with teams across Security, IT, Legal, Engineering, and Operations to align compliance and business needs.
Drive internal awareness and training initiatives on key compliance requirements and GRC processes.
Contribute to the maturity and automation of the GRC program using dedicated platforms/tools.

As a Senior PT Researcher, you will be the go-to-guy to find traditional and creative ways to break all kinds of products.

Make sure CYBR products are in a secure state by leading vulnerability research projects focused internally on the company products.
Present findings and work closely with software architects and development teams to ensure products are developed according to the best security standards.
Be a security research expert and stay up to date with new vulnerability research techniques that are being developed and published worldwide.
Through the year, include research work, and aim to discover innovative and creative security findings in CYBR products.