דרושים » אבטחת מידע וסייבר » Penetration Tester /Red teamer

Required Application Security Engineer
The Role:
The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.
What you will do:
Conduct internal penetration testing against our applications and APIs.
Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
Build and automate security testing as part of our CICD pipeline and cloud environments based on automation workflows leveraging AI.
Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
Mentor development teams through training and hackathons.
Support security incident response in a cross-functional environment.

At our company, were reinventing DevOps to help the worlds greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. Here, if youre willing to do more, your career can take off. And since software plays a central role in everyones lives, youll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust our company to manage, accelerate, and secure their software delivery from code to production -- a concept we call liquid software. Wouldn't it be amazing if you could join us on our journey?The companyCSO Security team is looking for a Senior Application Security Researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the company application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our company products adhere to the stringent security requirements of our thousands of customers.
As a Senior Application Security Researcher at our company you will
Continuously assess and challenge our companys overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
Plan and lead cross-company efforts with the R&D that will improve our companys security posture.

We are looking for a talented, tech-savvy individual to join our Cyber Security team and help us tackle the toughest security challenges in cutting-edge ecosystem.

In this role, you will be a subject matter expert and play a major part in our efforts to build and maintain security infrastructure, design secure architectures, enforce security best practices, and automate security processes.

The Cyber Security team is composed of strong and experienced security engineers, responsible for defining the security strategy and managing all of infrastructure.

Responsibilities:

Define, implement, and maintain security policies, standards, and methodologies; ensure they evolve with new threats and technologies.
Design, deploy, and operate detection, prevention, and response technologies across a scaled, diverse, and complex environment (hybrid infrastructure: public cloud + on-premises).
Build and operate secure infrastructure: hands-on ownership of security configurations and system hardening.
Conduct security assessments, secure-design reviews and architecture assurance reviews to identify and mitigate possible security risks.
Automate security processes: configuration deployments, infrastructure management, detection, response, compliance checks, patching, configuration drift, etc.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD methodologies.
Stay ahead of emerging cyber threats and technologies: research, evaluate, pilot, and integrate where relevant.
Participate in creating incident response playbooks, coordinate incidents investigations, root cause analysis, and lessons learned.

As a Cyber Security Engineer, youll play a key role in protecting our global platform and ensuring the resilience of our systems against emerging threats. Youll be responsible for investigating and responding to security incidents, analyzing malware, and conducting threat hunting activities across cloud environments.

Youll collaborate closely with the Infosec team, engineers, and cross-functional stakeholders to detect, contain, and mitigate threats, while continuously improving our security posture.

As part of a strong, experienced team, youll contribute to design, shape and implement information security solutions, mentor others in best practices, and drive automation initiatives to streamline detection and response.

Responsibilities:
Develop and maintain automation scripts in Python to enhance SOC efficiency and incident response workflows.
Perform initial triage and assessment of security incidents, identifying threats and recommending mitigation strategies.
Conduct static and dynamic analysis to uncover malicious behaviours, code, and techniques.
Apply forensic methodologies to extract, analyze, and interpret digital evidence to support investigations and attribution.
Investigate and mitigate cloud-based threats, with a focus on AWS environments.
Collaborate with cross-functional teams to strengthen overall organizational security and ensure best practices.

The company CSO Office is seeking an Application Security Engineer. In this role, you will contribute to driving security across the SDLC at scale, empowering developers, and enabling secure development through automation, process, and tooling. Youll work as part of a team of security engineers focused on SSDLC automation, vulnerability management, and proactive engagement with R&D.
This is a hands-on technical role that combines architecture, coding, and collaboration, working closely with Product, Engineering, DevOps, and Security stakeholders.
As an Application Security Engineer at our company you will...
Assist in the development of internal security tools and AI agents
Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline
Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Develop Internal application security Tools and Automations
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Support the adoption of secure development best practices.

We are looking for a top-notch Senior Security Researcher, to resolve the toughest issue in cybersecurity: utilizing terabytes of data for detecting attacks, incident investigation and prioritizing threats.

Responsibilities
Threat Analysis and Research: Dive deep into terabytes of data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Incident Investigation: Utilize your technical prowess to investigate complex security incidents, analyzing data from diverse sources to uncover the root causes and methods of attack. Collaborate with incident response teams to develop effective strategies for containment and mitigation.
False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Be at the forefront of the our mission and work closely with our customers regarding cyber security investigations and incidents detected in their environments

We are seeking an experienced Malware Research Director to build and manage multiple teams dedicated to malware research and review. This role presents an exciting opportunity to establish a new operation from the ground up, including recruiting top talent, creating processes, and setting up cross-team collaboration while serving as the primary client interface. The position is primarily leadership and client-facing, requiring exceptional team-building and operational setup skills. The ideal candidate demonstrates proven experience in building teams from scratch, establishing new operations, and strong client relationship management capabilities. Key Responsibilities:
* Build and recruit multiple teams of malware researchers from scratch
* Establish operational processes, workflows, and quality standards for the new teams
* Coordinate with other departments to integrate the new operation into the existing infrastructure
* Serve as primary client interface, managing relationships and ensuring client satisfaction
* Present research findings and malicious evidence to clients and stakeholders
* Create training programs and onboarding processes for new team members
* Develop performance metrics and evaluation frameworks for team effectiveness
* Lead client meetings, requirement discussions, and project planning sessions
* Collaborate with sales and business development teams on client engagements
About:
We are the leading provider of security and safety solutions for online experiences, safeguarding more than 3 billion users, top foundation models, and the worlds largest enterprises and tech platforms every day. As a trusted ally to major technology firms and Fortune 500 brands that build user-generated and GenAI products, we empower security, AI, and policy teams with low-latency Real-Time Guardrails and a continuous Red Teaming program that pressure-tests systems with adversarial prompts and emerging threat techniques. Powered by deep threat intelligence, unmatched harmful-content detection, and coverage of 117+ languages, we enable organizations to deliver engaging and trustworthy experiences at global scale while operating safely and responsibly across all threat landscapes.
Hybrid:
No

We are seeking a highly skilled and experienced Information Security Specialist to join

As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the =security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain =security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with =. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

We are seeking a Senior AI Product Security Engineer to join our innovative team at our company . As our Senior AI Security Engineer, you will lead the development and implementation of security frameworks for our AI systems, combining strategic thinking with hands-on technical expertise. This role presents an outstanding opportunity for a professional who is passionate about AI security and driven to advance the field. Working alongside professionals who share your commitment to excellence, you will be at the forefront of securing our AI products. We value professionals who embrace challenges and demonstrate the ability to quickly adapt to and master new technologies.

Key Responsibilities:

Lead security evaluation and enhancement initiatives across our AI products
Drive innovation through research and implementation of advanced AI security technologies
Conduct comprehensive code reviews, threat modeling, and vulnerability assessments
Design and implement robust security architectures for AI systems
Collaborate with cross functional teams to track security defects and align with them on remediation steps.
Provide technical leadership and mentorship in AI security best practices

What We Are Looking For As a PR GenAI Security Researcher, you will design novel attacks on GenAI applications and share your findings with the broader community. Your primary responsibility will be to ideate, prototype, and exploit GenAI applications, RAG pipelines, and multi-agent systems, turning your discoveries into talks, papers, and workshops. We are looking for an experienced security researcher with peer-reviewed publications, experience organizing cybersecurity workshops, a proven track record of jailbreaking commercial models, and a talent for creating engaging content. This role is ideal for someone who can not only uncover vulnerabilities but also educate, inspire, and lead the global security community.
Key Responsibilities
* Proactively discover and responsibly disclose novel vulnerabilities and attack vectors in commercial and open-source GenAI models.
* Create compelling and accessible content (e.g., blog posts, videos, tutorials) that translates complex research into insights for a wider audience.
* Author and publish peer-reviewed papers in top-tier cybersecurity conferences (e.g., Black Hat, DEF CON, RSA, CCC).
* Develop and lead public workshops and technical tutorials to share new security techniques and countermeasures with the community.

About ActiveFence:
ActiveFence is the leading provider of security and safety solutions for online experiences, safeguarding more than 3 billion users, top foundation models, and the world’s largest enterprises and tech platforms every day. As a trusted ally to major technology firms and Fortune 500 brands that build user-generated and GenAI products, ActiveFence empowers security, AI, and policy teams with low-latency Real-Time Guardrails and a continuous Red Teaming program that pressure-tests systems with adversarial prompts and emerging threat techniques. Powered by deep threat intelligence, unmatched harmful-content detection, and coverage of 117+ languages, ActiveFence enables organizations to deliver engaging and trustworthy experiences at global scale while operating safely and responsibly across all threat landscapes.