דרושים » אבטחת מידע וסייבר » SecOps Engineer

We are seeking a highly skilled and experienced Information Security Specialist to join


As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with Autofleet. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

Required Application Security Engineer
The Gist
We are one of the fastest-growing healthtech companies, building the technology that connects every part of the healthcare ecosystem. Were solving one of the toughest problems in healthcare: how to make systems, apps, and data truly interoperable.
Our platform enables real-time collaboration between doctors and innovators, with secure data exchange and workflow integrations that happen directly inside clinical systems. In simple terms: we help healthcare work better. By streamlining workflows and reducing complexity, we help organizations focus on what really matters - delivering better care for patients.
Connect & Canvas
At the heart of our platform is Connect, a connectivity layer that links healthcare applications to patient healthcare management systems providers use in real time. Its designed for scale, reliability, and developer experience, powering millions of data interactions every day.

With our recently launched developer platform, were expanding that capability to innovators everywhere, making it possible to build healthcare applications that plug directly into real-world clinical workflows. Our team leads the way in designing, architecting, and scaling these products, experimenting fast, shipping with impact, and shaping the future of healthcare connectivity.
The Role
The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.
What you will do
Conduct internal penetration testing against our applications and APIs.
Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
Build and automate security testing as part of our CICD pipeline and cloud environments based on automation workflows leveraging AI.
Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
Mentor development teams through training and hackathons.
Support security incident response in a cross-functional environment.

Required Sr. Threat Detection Engineer
About the Team:
You'll be joining our Cloud Content Research team, a team focused on stopping real-world adversaries targeting cloud infrastructure. Our unique position within allows us to work closely with our Threat Intelligence, OverWatch, and Incident Response teams, translating front-line observations of adversary tactics into effective detection capabilities. We combine deep cloud security expertise with innovative detection engineering to identify and stop sophisticated cloud threats. Our team creates advanced detection content and drives innovation in cloud security through close collaboration with Product and Engineering teams, who develop new detection capabilities based on our insights and requirements. We focus on both strategic research into emerging cloud attack techniques and rapid response to evolving adversary tactics observed in the wild.
About the Role:
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics
Create correlation logic and between runtime events and control plane activities
Design and implement detection logic across multi-cloud and hybrid environments
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities
Partner with Product and Engineering teams to enhance detection capabilities.

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

We are looking for a top-notch Senior Security Researcher, to resolve the toughest issue in cybersecurity: utilizing terabytes of data for detecting attacks, incident investigation and prioritizing threats.

Responsibilities
Threat Analysis and Research: Dive deep into terabytes of data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Incident Investigation: Utilize your technical prowess to investigate complex security incidents, analyzing data from diverse sources to uncover the root causes and methods of attack. Collaborate with incident response teams to develop effective strategies for containment and mitigation.
False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Be at the forefront of the our mission and work closely with our customers regarding cyber security investigations and incidents detected in their environments

The company CSO Office is seeking an Application Security Engineer. In this role, you will contribute to driving security across the SDLC at scale, empowering developers, and enabling secure development through automation, process, and tooling. Youll work as part of a team of security engineers focused on SSDLC automation, vulnerability management, and proactive engagement with R&D.
This is a hands-on technical role that combines architecture, coding, and collaboration, working closely with Product, Engineering, DevOps, and Security stakeholders.
As an Application Security Engineer at our company you will...
Assist in the development of internal security tools and AI agents
Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline
Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Develop Internal application security Tools and Automations
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Support the adoption of secure development best practices.

About the Engineering Team
Were a team of smart, curious engineers building scalable, reliable systems that power content creation for millions. We work with modern web technologies, tackle real-world challenges in distributed systems, and keep things practicalno overengineering, just solid solutions. If you love solving tough problems, moving fast, and building tech that creators actually use, youll fit right in.
On your day to day
we are looking for a Head of Security. In this role, you will be responsible for defining and executing our security strategy across infrastructure, applications, and corporate environments. Youll establish and enforce security best practices, proactively monitor and respond to threats, and ensure compliance with relevant regulations and standards. You will also work cross-functionally with Engineering, Legal and Finance to embed security into everything we do. With our company scaling rapidly, youll be making a critical impact from day one.

we are looking for an experienced Incident Responder to join our newly established team. The team will support customers in responding to cloud incidents and proactively hunt for undetected threats.
WHAT YOULL DO
Investigate real-world cyber-attacks on customers cloud environments and cloud workloads, understanding their root causes and the full scope of compromise, leveraging the company platform.
Perform proactive threat hunting to identify undetected cyber-attacks and cloud threats within customer environments.
Collaborate with customer teams during engagements to effectively respond to threats.
Develop and deliver professional engagement reports, including high-level summaries and deep dives into technical findings.
Develop and document incident response methodologies, best practices, and standard operating procedures tailored to cloud environments and cloud workloads.
Collaborate with the threat research and engineering groups to refine and enhance incident response detections, tools, and features, based on real-world investigation experiences.

We are seeking a hands-on and pragmatic security leader to oversee our information security program. You will ensure our systems, employees, and data remain secure while aligning risk management with business priorities. Youll lead compliance initiatives, drive security awareness, and embed security into company processes without slowing down innovation.

What you'll be doing:

Own and evolve the companys information security strategy aligned to business objectives.
Lead security operations: incident response, vulnerability management, IAM, and vendor risk assessments.
Ensure compliance with SOC 2, ISO 27001, and other customer/partner security requirements.
Partner with Product & Engineering to integrate security by design.
Manage relationships with security vendors, auditors, and consultants.
Conduct regular employee security training and awareness campaigns.
Report on risks, metrics, and posture to the executive team and board.
Build and mentor a small security function (team or outsourced model).

As a Research Analyst, your responsibilities will include developing, managing and improving existing detection methods, correlating and discovering relationships between events and incidents, and producing research proposals, publications, and analysis reports. You will contribute to process improvement and efficiency by researching, assessing, and analyzing threat actors and adversary tactics and techniques based on real-world observations. We're looking for a motivated and seasoned security professional with the technical skills to analyze malware, conceive, design, and develop new methods or approaches to address Cyber security threats/attacks. We value deep knowledge of hacking methodologies, a proven track record in delivering impactful cybersecurity solutions, and a strong drive to contribute meaningful security insights to our community!