דרושים » אבטחת מידע וסייבר » מנהלת מחלקת אבטחת מידע CISO

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

We are seeking a highly skilled and experienced Information Security Specialist to join


As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with Autofleet. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

We are seeking a hands-on and pragmatic security leader to oversee our information security program. You will ensure our systems, employees, and data remain secure while aligning risk management with business priorities. Youll lead compliance initiatives, drive security awareness, and embed security into company processes without slowing down innovation.

What you'll be doing:

Own and evolve the companys information security strategy aligned to business objectives.
Lead security operations: incident response, vulnerability management, IAM, and vendor risk assessments.
Ensure compliance with SOC 2, ISO 27001, and other customer/partner security requirements.
Partner with Product & Engineering to integrate security by design.
Manage relationships with security vendors, auditors, and consultants.
Conduct regular employee security training and awareness campaigns.
Report on risks, metrics, and posture to the executive team and board.
Build and mentor a small security function (team or outsourced model).

Were looking for a highly skilled Cybersecurity Governance, Risk, and Compliance Engineer with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.

We are looking for a Senior Security Technical Program Management - Threat protection research.
As a Technical Program Manager for Security Threat Research, you will own the strategy, planning, and execution of global threat research programs in the area of attack response automation, with a strong emphasis on quality, operational excellence, and AI-driven innovation to enhance the protection value to cusotmers.
Were looking for an experienced professional with proven program management expertise and solid technical security knowledge, who can bring clarity, structure and a proactive approach to complex, cross-functional environments.
Youll collaborate closely with threat researchers, data scientists, product managers, and engineering teams across Defender XDR and related security and AI technologies to deliver programs that advance threat response automation and strengthen protection for customers worldwide.
Responsibilities:
Drive the creation and execution of threat response quality programs and processes, incorporating insights and AI across global research and product teams.
Develop and maintain program plans, timelines, OKRs, and KPIs to ensure high-quality and timely delivery.
Act as a technical and strategic advisor, collaborating across teams to share knowledge, influence decisions, and shape future directions.
Provide guidance and coaching that promote an inclusive culture and a growth mindset across teams.

CISO (5981) A leading services company providing information security services to mid-sized and large enterprises in the central region is seeking an experienced CISO.

Description
For many of us theres that one podcast we never miss, and video content is part of our daily routine, whether its professional or personal. But how many of us truly understand the effort that goes on behind the scenes? Here at our company, we know it well. Thats exactly why we built an AI-powered platform that helps content creators, podcasters, marketeers, and more at major brands like Netflix, Disney, Google, and Microsoft to create high-quality content with ease.
our companys technology streamlines the entire content creation process, turning ideas into professional-grade content with the highest production standards, without requiring expensive equipment or external services. The secret? AI-driven tools that replace traditional production roles like editing, directing, and design, automating the entire process at the click of a button.
About the Engineering Team
Were a team of smart, curious engineers building scalable, reliable systems that power content creation for millions. We work with modern web technologies, tackle real-world challenges in distributed systems, and keep things practicalno overengineering, just solid solutions. If you love solving tough problems, moving fast, and building tech that creators actually use, youll fit right in.
On your day to day
we are looking for a Head of Security. In this role, you will be responsible for defining and executing our security strategy across infrastructure, applications, and corporate environments. Youll establish and enforce security best practices, proactively monitor and respond to threats, and ensure compliance with relevant regulations and standards. You will also work cross-functionally with Engineering, Legal and Finance to embed security into everything we do. With our company scaling rapidly, youll be making a critical impact from day one.

Manage and mentor a team to drive research projects and improve outcomes, ensuring collaboration and growth within the group.
Map complex data structures and risk surfaces to help our customers ensure proper coverage
Ensure that the research conducted provides tangible product value to the customer, enhancing their security posture and overall experience.
Detect security flaws in SaaS applications and business applications
Research applications and permission structures
Help our customers research incidents with context enrichment and event investigation
Collaborate with our product and engineering teams to define innovative solutions to our customer needs
Publish relevant findings to the industry

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

CodeValue is looking for a skilled and experienced Security Engineer to join our team and take a leading role in designing, implementing, and governing the security posture of our cloud and enterprise environments. This individual will work closely with cross-functional teams to ensure security is embedded across systems, applications, and workflows, aligning with industry best practices and compliance requirements.