דרושים » אבטחת מידע וסייבר » Director Cyber & Data Risk Strategy

Required Chief Information Security Officer
About the Role
As our Chief Information Security Officer (CISO), you will own and lead all aspects of Information Security for us. Reporting to the CTO, you will lead and manage three teams which are individually responsible for Governance Risk and Compliance, Product Security and Security Operations. As CISO, you will shape and execute our security strategy and roadmap, ensuring trust, resilience, and compliance at scale. You will grow and lead the security department and work closely with our leadership to balance business growth with risk management. Externally, you will represent us to customers, auditors, and regulators, reinforcing our commitment to security and trust. Above all, you will ensure that our customers, data, and operations remain secure as we scale.
Overall Security Governance Strategy
Define and execute the company-wide security strategy and roadmap
Align security initiatives with our business objectives and risk appetite
Report on security posture to company executives and te board
Security Operations
Infrastructure Security - Collaborate with DevOps and IT teams to secure our infrastructure and cloud environment
Endpoint Security - Protect employee devices and access points
SaaS Security - Monitor and secure third-party SaaS applications
Data Loss Prevention - Implement controls to prevent unauthorized data access, sharing, and exfiltration across systems and endpoints
Identity and Access Management - Manage the companys access policy and controls
Threat Detection & Incident Response - Establish SIEM, threat intelligence, and forensic capabilities
Incident Response - Respond to security events, conduct investigations, and lead mitigation efforts
GRC (Governance, Risk, and Compliance)
Risk Management & Assessments - Perform regular risk assessments on our systems, processes, and infrastructure, and drive mitigation plans
Certifications & Compliance - Maintain compliance with SOC 2, ISO 27001, DORA, NYDFS, and other regulations
Audits & Regulatory Compliance - Lead security audits, manage interactions with external auditors, government agencies, and regulatory bodies
Third-Party & Vendor Security Assessments - Conduct security evaluations of vendors and partners to ensure data protection standards are met
Security Policies & Frameworks - Maintain and enforce company-wide security policies, ensuring cross-functional adoption
Product Security
Secure Software Development Lifecycle (SSDLC) - Integrate security into our development processes, shift left on security through the entire product lifecycle.

Are you passionate about staying one step ahead of cyber threats? Do you thrive at the intersection of deep technical expertise and strategic leadership?
We're looking for an exceptional Offensive Security & Research Team Leader to drive cutting-edge offensive operations, lead a team of elite security professionals, and shape the future of cyber resilience.

In this role, you'll lead hands-on red team activities, threat research, and vulnerability discoverypushing the boundaries of what's possible in cyber offense. You will work closely with product, engineering, and executive stakeholders to translate complex attack scenarios into real-world risk mitigation strategies.

This is more than a leadership positionit's an opportunity to build and scale a high-impact team at the forefront of the cybersecurity landscape.

Job Description:
Lead a high-performing offensive security team specializing in red teaming, threat emulation, advanced adversary simulation, and vulnerability research.
Mentor and grow team members, fostering a culture of continuous learning, innovation, and operational excellence.
Promote a culture of innovation, encouraging curiosity and technical excellence within the team.
Translate technical discoveries into operational insights that enhance offensive engagements and deliver clear value to clients
Collaborate cross-functionally with EY's cyber offensive and defensive teams
Develop and maintain internal tools and methodologies that enhance offensive capabilities, automation, and reporting accuracy.
Design and execute tailored offensive engagements, including full-scope red team operations, assumed breach scenarios, and social engineering campaigns.

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
We're looking for a Manager to lead a security research team for detection and response across cloud environments. This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Your Impact
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

We are seeking a highly skilled and experienced Senior Risk Operations Analyst to join the RiskOps Infrastructure & Modernization team. In this pivotal role, you will be responsible for driving the modernization, enhancement, and automation of our risk & compliance processes and workflows across the organization. You will play a critical part in strengthening our risk and compliance operational frameworks, ensuring operational efficiency, adhering to regulatory requirements and fostering a culture of continuous improvement within a rapidly evolving global fintech environment.

Responsibilities:
Lead the strategic design and implementation of enhanced and automated and AI-based risk operations and compliance operations processes and workflows, leveraging cutting-edge technologies and best practices.
Drive the improvement and creation of comprehensive RiskOps knowledge bases, procedures, training programs, and policies to ensure consistency, efficiency, effectiveness and clarity across all relevant teams.
Monitor progress and measure performance, embrace ongoing improvements framework.
Provide support during audits and regulatory examinations.
Support cross-company processes and ad-hock tasks.
Continuously monitor the performance, progress, and exposure of risk-related activities, ensuring the effective implementation of recommendations and remediation plans.
Identify, assess, and address potential operational and technological risks within the risk/compliance/operations infrastructure, collaborating with relevant departments to establish robust mitigation strategies.
A data-driven approach, utilizing insights to inform decisions and drive continuous improvement.
Promote a culture of proactivity, efficiency, innovation and continuous learning within the risk and compliance functions.

​​If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
Were looking for a Security Research Manager to lead a team focused on two of the fastest-growing domains in cybersecurity: autonomous investigation and response (Autopilot), and macOS detection and response. This is a unique opportunity to lead an exceptional team of researchers within the largest security company in the world, helping to revolutionize threat detection, investigation and response through patent-grade capabilities.
Your Impact
Lead, mentor, and grow a team of talented security researchers
Drive the inception, strategy and execution of our autonomous investigation and response solution (Autopilot)
Drive the strategy and execution of research initiatives to uncover novel techniques to detect and respond to sophisticated attacks targeting macOS endpoints
Define and prioritize detection and investigation use cases, relevant datasets, and innovative approaches based on runtime visibility, statistic algorithms and threat intelligence
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content
Foster collaboration across research, engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

We are looking for a Cyber Security Manager.
The cyber security manager implements, and monitors security policies and procedures, and ensures compliance with relevant standards and regulations. The Cyber Security Manager Serves as a team member for Information Technology Services (ITS) and Information Security Officer team at the Israel member firm. Specifically, he will be responsible for Leading various cyber security projects/ areas & Improving Cyber Security IL MFs posture.
The manager works with the member firm to identify areas of potential risk, potential cost savings, and operational efficiencies that will reduce the overall risks to client and firm data resources, and May participate in projects with participants from other countries in cross border operations.
The position will also work closely with the US Member Firm team The position is open to both women and men.

As a VP of AI Security Research, you will lead, scale, and inspire multi-disciplinary teams focused on red teaming, sandboxing, adversarial testing, developing red-teaming engines, and guardrail protections for GenAI models and agentic AI systems.
In this high-profile role, you will work closely with security research, product, engineering, and compliance teams to shape and deliver the next generation of AI cybersecurity solutions, while combining strategic vision with execution to effectively safeguard LLMs and agentic AI deployments at scale. Responsibilities:
Building and scaling global AI security teams, while providing mentorship to senior managers and fostering an innovation-driven security culture.
Overseeing advanced adversarial evaluations for GenAI models, agentic AI, and multi-agent (A2A) systems, and delivering executive-level threat intelligence and risk assessments to inform corporate AI strategy.
Defining and implementing AI red-teaming frameworks
Partnering with product and engineering to design and deploy enterprise-ready AI guardrails, including policy enforcement layers, monitoring pipelines, and anomaly detection systems and championing secure deployment practices for GenAI.

Are you passionate about using cutting edge data science approaches to help protect the world against cyber-threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive team that will have an impact on the lives of many customers?
You will cross-functionally lead a group of security researchers focusing on delivering security outcomes to our customers. You will lead projects, customer interaction and leadership discussions from both a research and business perspective. You will partner with other research, engineering, product and marketing leaders to make sure your impact is delivered across all possible avenues.
Your Impact
Be the main driver for cross functional research projects requiring deep dives and high level business guidance
Foster deep relationships with high value customers to enable them to get the best security outcomes
Collaborate and partner up with different research, marketing, engineering and PM teams to deliver outcomes in every aspect
Lead executive level discussions and be a part of building the roadmap and influence key decision points.

We are looking for a highly motivated Operational Risk Manager to join the Second Line of Defense Risk team. The role is based in Tel Aviv. It is a key role in our Risk organization, responsible for helping the company identify and mitigate risks arising from internal processes, people, systems, and external events.

Responsibilities:
Help enhance the companys Operational Risk Framework, including policies, procedures, and controls.
Collaborate with key stakeholders in business units to perform operational risk management processes, e.g., document Important Business Services, conduct operational resilience reviews, investigate operational processes and procedures, perform risk and control assessments.
Maintain risk registers and implement key risk indicators to monitor operational risks.
Help strengthen the companys risk management programs (e.g., incident management, outsourcing).
Communicate risk information to stakeholders across the company and help prepare regular reports on operational risk matters.