דרושים » אבטחת מידע וסייבר » Cyber security expert

Job description:
our company in the center of the country has a long-term full-time communications and information security person
The role includes: working on the organizations information security systems, working and experience with FIRE WALL of various information security manufacturers. Leading large projects and driving many processes and technologies in the organization.
Full-time long-term with promotion options.

our company, one of the leading cyber and information security companies in the field, is recruiting for the position - Microsoft Information Security Specialist.

The role consists of:
* Design, design and implementation of complex security solutions
* Leading Microsofts POC processes
* Development, implementation and management of the field of security training
* Leading Microsoft and Cloud projects as the solution architect.

We are looking for a hands-on cybersecurity expert to serve as a trusted technical advisor for our customers.
In this role, you will leverage your in-depth knowledge of the cybersecurity landscape, Pentera platform, and security validation principles to lead technical deep-dives, guide remediation strategies, and ensure successful deployment.
Acting as the bridge between the field and R&D, you will combine technical and problem-solving skills with strong communication abilities to drive platform adoption and enhance customer security maturity.
Roles & Responsibilities:
Demonstrate deep technical mastery of the Pentera platform and its integration across customer networks, endpoints, authentication, and security controls.
Lead technical deep-dives with security teams (SOC, IR, Red/Blue) to review findings, explain and analyze attack vectors, and guide remediation based on real-world offensive techniques.
Provide end-to-end support for deployment, configuration, and complex troubleshooting, while advising on security risks, misconfigurations, and validation procedures.
Drive customer success, retention, and platform adoption by providing consistent technical guidance on cybersecurity trends and identifying opportunities for expanded use.
Act as the technical voice of the customer, channeling operational feedback and needs internally to Product, R&D, and Support teams.

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution.
You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.
Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.
Roles and Responsibilities:
Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

Job Description:
Provide end-to-end guidance for technology projects on application security aspects, from initiation to production, while defining security policies.
Draft security guidelines for development teams to ensure secure coding practices, address vulnerabilities and security gaps in development and production environments and implement technological security solutions in application domains.
Collaborate in designing secure architectures aligned with company policies.
Identify application-level security gaps and define required controls.
Monitor and ensure compliance with cybersecurity risk management directives issued by the regulatory authority, organizational procedures, and security guidelines for various business and technology units.
Support application security assessments, including scope definition, validation of findings, and oversight of remediation efforts to close exposures.
Draft requirement documents for security products and innovative technologies.

Were looking for an experienced GRC Manager to join our team in Israel. Were seeking someone with solid, hands-on experience who can take ownership and lead both technically and operationally.
You will lead the certification and accreditation processes , managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.

As a Vulnerability Researcher, you will identify and analyze security vulnerabilities in advanced and complex systems, focusing on attack surfaces protected by the latest mitigation techniques. You will develop and execute exploits to demonstrate real-world impact and propose innovative solutions to enhance the security and resilience of these technologies.
Conduct comprehensive vulnerability research across diverse domains, including LLMs, Agentic AI systems and infrastructure, operating systems, web browsers, hypervisors, and cloud environments.
Develop PoC exploits and mitigation strategies for discovered vulnerabilities. Author and publish research articles both on the company Labs * Research blog and in prominent cybersecurity journals as well as mainstream media outlets.
Present innovative research at leading security conferences such as Black Hat, DEFCON, RSA, and OffensiveCon.
Collaborate closely with R&D teams to influence and shape the development of future our company features and products.

we are looking for a Cloud Security Researcher.
As a Cloud Security Researcher, you will explore and exploit cloud-native attack surfaces, uncovering new vulnerabilities and researching misconfigurations across AWS, Azure, GCP, and container ecosystems. Youll work on offensive cloud security projects that blend creativity, technical depth, and innovation, contributing to cutting-edge tools and methodologies.
Roles and Responsibilities:
Research and develop novel attack techniques targeting cloud environments and infrastructure.
Analyze and exploit vulnerabilities across multi-cloud platforms (AWS, Azure, GCP).
Identify and document security flaws in cloud configurations, networking, and identity systems.
Perform hands-on testing in containerized and Kubernetes-based systems.
Collaborate with engineering and product teams to translate research into security features and best practices.
Develop PoCs, tools, and scripts to automate vulnerability discovery.
Contribute to the wider security research community through responsible disclosure and technical publications.
Stay ahead of emerging cloud threats, security trends, and adversarial TTPs (MITRE ATT&CK, OWASP Cloud-Native Top 10).