דרושים » אבטחת מידע וסייבר » Application Security Researcher

Required Application Security Engineer
The Gist
We are one of the fastest-growing healthtech companies, building the technology that connects every part of the healthcare ecosystem. Were solving one of the toughest problems in healthcare: how to make systems, apps, and data truly interoperable.
Our platform enables real-time collaboration between doctors and innovators, with secure data exchange and workflow integrations that happen directly inside clinical systems. In simple terms: we help healthcare work better. By streamlining workflows and reducing complexity, we help organizations focus on what really matters - delivering better care for patients.
Connect & Canvas
At the heart of our platform is Connect, a connectivity layer that links healthcare applications to patient healthcare management systems providers use in real time. Its designed for scale, reliability, and developer experience, powering millions of data interactions every day.

With our recently launched developer platform, were expanding that capability to innovators everywhere, making it possible to build healthcare applications that plug directly into real-world clinical workflows. Our team leads the way in designing, architecting, and scaling these products, experimenting fast, shipping with impact, and shaping the future of healthcare connectivity.
The Role
The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.
What you will do
Conduct internal penetration testing against our applications and APIs.
Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
Build and automate security testing as part of our CICD pipeline and cloud environments based on automation workflows leveraging AI.
Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
Mentor development teams through training and hackathons.
Support security incident response in a cross-functional environment.

The CSO Office is seeking an Application Security Engineer. In this role, you will contribute to driving security across the SDLC at scale, empowering developers, and enabling secure development through automation, process, and tooling. Youll work as part of a team of security engineers focused on SSDLC automation, vulnerability management, and proactive engagement with R&D.

This is a hands-on technical role that combines architecture, coding, and collaboration, working closely with Product, Engineering, DevOps, and Security stakeholders.

As an Application Security Engineer you will...
Assist in the development of internal security tools and AI agents.
Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline.
Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products.
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA.
Develop Internal application security Tools and Automations.
Partner with development and DevOps teams to embed security early and often.
Contribute to secure code reviews and assist with remediation strategies.
Track, triage, and report vulnerabilities across product lines.
Support the adoption of secure development best practices.

We're looking for an Application Security Researcher to join us. In this critical role, you will assist us in validating our services and environments according to the highest security standards. Also, You will work closely with our R&D and Product teams, and solve complex security problems.
Responsibilities:
Continuously checking and improving security measures to protect our systems.
Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.
Helping developers follow secure coding practices and learn how to prevent security risks.
Staying updated on new security threats and best practices to keep our security standards high.
Contributing to our companys security research blog.

If you're looking for an exciting opportunity to make a significant impact and grow with a passionate team, we are the place to be.
What Youre About::
As a Security Research Engineer, you will be a driving force behind innovation, researching and prototyping the next generation of security features for our AI-native ASPM platform. This role is directly shaping the future of our product and the security industry.
You'll work on novel solution approaches to application security that go beyond traditional AppSec tooling, implementing POCs for advanced prevention, detection, triage, and remediation features.
This role combines deep security research with hands-on engineering. You'll prototype new capabilities, validate their effectiveness, and work with product and engineering teams to bring successful POCs into the platform. It requires both security expertise and strong building skills.

We are seeking a highly skilled and experienced Information Security Specialist to join


As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with Autofleet. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

Were looking for an experienced and curious Cloud Security Researcher to join our Security Research team and help us push the boundaries of what cloud security can achieve. This is a high-impact role where youll explore new attack surfaces, uncover blind spots, and help shape cloud capabilities and research strategy.

Responsibilities
What Youll Be Doing

Lead deep-dive research projects into cloud environments, services, and misconfigurations
Identify and explore security gaps across major cloud providers (AWS, GCP, Azure)
Collaborate with Product and Engineering teams to turn research into productized features
Conduct offensive simulations to validate risks and their business impact
Communicate findings internally and externally through reports, whitepapers, or talks
Take active part of the ideation process and prototyping of new features and product offerings

Shape the Future of Cybersecurity with Us Are you driven by deep curiosity, bold innovation, and the desire to transform cutting-edge AI research into real-world cybersecurity impact? Join Cynet, an established yet rapidly growing cybersecurity startup, where you’ll help build next-generation AI-powered security products from the ground up. You’ll be part of a small, elite, cross-disciplinary team working closely with security researchers, R&D engineers, data engineers, and product leaders. Here, you’re not just joining a company, you’re stepping into a place where you can envision, build, and deploy foundational AI technologies that protect organizations worldwide. You will have the rare opportunity to drive innovation end-to-end, shape our future technology, and create AI systems that make a real difference in defending against modern cyber threats. This is a role for someone who wants to put their soul into their craft, someone hungry to learn fast, experiment boldly, and turn ambitious ideas into production-ready AI solutions.

What will you do:
In this unique hybrid role spanning data science and cybersecurity research, you will:
* Drive innovation by combining deep security research with modern AI techniques to build impactful, customer-facing security capabilities.
* Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis.
* Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end.
* Engineer and implement core parser and model components in C++ and Python to seamlessly integrate into the Cynet Endpoint Agent and platform infrastructure.
* Use Cynet’s ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models.
* Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions.

XM Cyber is a global leader in hybrid cloud security. XM Cyber brings a new approach that uses the attacker’s perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. The XMCyber platform enables companies to rapidly prioritize andrespond to cyber risks affecting their business-sensitive systems. About the role: Are you a super-talent Senior Software Engineer with a deep passion for cybersecurity and a profound understanding of AI-driven attack techniques? We are looking for a highly professional and responsible R&D member to join our team. This role is for someone who thrives on technical challenges and is ready to leverage their expertise to identify, analyze, and defend against advanced cyber threat Responsibilities: As a Senior Software Engineer in R&D, you will be a key player in the design, development, and deployment of our cybersecurity platform. Your responsibilities will include:
* Leading the research and implementation of techniques to identify and mitigate AI-related attack methods, such as data manipulation and adversarial attacks on security systems.
* Developing and integrating new security features into our platform to proactively defend against modern cyber threats.
* Collaborating with our team to define technical requirements and architectural solutions for cutting-edge security features.
* Tackling challenging technical problems at the intersection of cybersecurity and low-level systems.

Were looking for a highly technical and creative Security Researcher to join our research group. This role is central to navigating complex security landscapes, advancing our CNAPP offerings, crafting sophisticated algorithms, and pioneering cloud security research. Working alongside a diverse team, youll explore the cutting edge of cloud and AI-driven security, uncovering critical vulnerabilities, developing novel detection techniques, and driving impactful research publications. Join us in shaping the future of cloud security, where your work not only advances our technology but also deeply resonates with our commitment to exceeding customer expectations, streamlining for simplicity, and tackling challenges with creative solutions.





Responsibilities

Collaborate with teams across the organization, including Product, Frontend, DevOps, and GTM, to develop and integrate top-tier features.
Conduct deep technical research into cloud-native environments.
Lead initiatives from their inception through to deployment, emphasizing backend system efficiency, scalability, and reliability.
Innovate in Defense Evasion, amplifying the capabilities of our agents and engines.
Forge new paths in cloud security research and cyber security algorithm development.
Deep dive into threat detection and product content that provide deep insights and added value to our customers.

Required Security Research Manager - Cloud - Security Automation ( Cortex)
Your Career
Are you excited about leading a team of researchers who are redefining how cloud security is automated? Do you want to shape the future of an Autonomous SOC by building the next generation of remediation and response content?
As the Cloud Cybersecurity Research Manager, you will lead a team of talented researchers creating autonomous remediation plans for cloud runtime and posture issues. You will drive innovation, mentor researchers, and ensure our automation content is precise, safe, and impactful. This role combines hands-on technical knowledge with strategic leadership, empowering your team to deliver solutions that protect customers at scale.
Your Impact
Lead and mentor a team of cloud security researchers, fostering technical excellence, innovation, and collaboration
Define research priorities and guide the design of robust, testable, and autonomous remediation plans for cloud runtime and posture issues (CSPM, DSPM, CIEM, CNAPP, IAM, etc.)
Ensure high-quality delivery of SOAR playbooks and automation content aligned with customer needs and company vision
Collaborate with product, engineering, and threat research teams to maximize the impact of remediation content
Establish processes, KPIs, and best practices to continuously improve research output, playbook quality, and operational efficiency
Stay up to date with attacker TTPs, cloud-native threats, and emerging technologies to guide team direction.