דרושים » אבטחת מידע וסייבר » Application Security Researcher

The Team Our research team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating - challenging the way we, and the industry, think about cybersecurity. Our researchers dont shy away from building products to solve problems no one has pursued before. We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment. Job Summary If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you. As a Manager of the Core Cloud Posture team, you will lead a new, high-impact team of security researchers. You'll innovate and build on top of our market-leading posture portfolio and be responsible for the "what's next." Your mission is to innovate on top of this foundation, build the intelligent "connective tissue" that provides unparalleled context, and architect the next-generation features that will keep us ahead of the market. Key Responsibilities Lead, and grow a team of talented security researchers focused on enhancing the cloud security posture of our customers Act as a technical mentor and force multiplier for junior security researchers. You will actively share your deep industry experience, guide their research methodologies, and foster a learning environment that accelerates their professional development from talented juniors into autonomous experts Champion the continuous evolution of our security logic. You will ensure our posture coverage keeps pace with the rapidly changing cloud landscape, systematically addressing gaps and refining our policies to address evolving threats Leverage our advanced cross-product engines to synthesize isolated findings into a cohesive, prioritized story of risk for the customer Stay ahead of the evolving cloud threat landscape, translating the latest research on cloud-native based attacks into resilient posture policies that effectively minimize the attack surface Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions

We are on an expedition to find you, someone who is passionate about creating intuitive, out-of-this-world security research. You'll help us harness the power of our companys trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
The Responsibilities
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams.

We're looking for a hands-on Application Security leader with extensive experience building and scaling AppSec programs in high-growth software environments. Proven ability to balance strategy with execution, embed security into engineering workflows, and partner closely with R&D teams to deliver measurable risk reduction without slowing development.
What will you do?
Mature and scale our Application Security function across R&D, establishing clear ownership, processes, and engagement models with engineering teams
Embed application security into CI/CD pipelines and daily development workflows, enabling secure-by-default engineering practices
Hands on knowledge in pen testing and code review in multiple languages.
Lead the implementation, tuning, and ongoing optimization of AppSec tooling (Semgrep, Oligo, Escape DAST), and our company Bug bounty program, driving high signal-to-noise detection and actionable remediation
Define and maintain application security standards, policies, and secure development frameworks aligned with business and engineering needs
Conduct and Lead threat modeling sessions, architecture risk reviews, and secure design assessments for new and existing services
Partner closely with Engineering Managers, Tech Leads, and Architects to promote secure coding practices and pragmatic security decisions
Support our company research program company CTRL, with dedicated research activities and focus on new vulnerabilities discovery.
Establish and track meaningful AppSec KPIs (vulnerability trends, remediation SLAs, pipeline coverage, risk posture) and reported progress to stakeholders
Translate security initiatives into clear execution plans, ensuring adoption and measurable impact across teams
Mentor engineers and security champions, gradually expanding AppSec ownership and scaling the program with organizational growth.

We are looking for a highly motivated and technically proficient Security Researcher to join our security research division.

we are looking for an experienced Security Researcher to join our growing research team. The team's responsibility is vulnerability research for both PR purposes and research for our companys product. In this role, you will focus on vulnerability research of open-source projects and reverse engineering of low-level binaries. The team also focuses on AI security and low-level product security research.
A key part of your work will include analyzing internal code and identifying security risks to improve our companys overall security posture and support our PR efforts.
What you will do
Vulnerability Discovery: Research and discover vulnerabilities across AI applications, low-level products, and cloud environments, including the development of functional Proof-of-Concepts (PoCs).
Public Research & PR: Publish technical blogs and present your research at major security conferences.
Technical Product Research: Produce in-depth technical research and conduct reverse engineering of security products to directly support the development of our companys product and platform.
Stay up to date with newly discovered CVEs, attack techniques, and threat trends
Cross-Functional Collaboration: Partner with product and engineering teams to help improve our companys security.

Were looking for a top-notch Threat Detection Researcher to join our team and spread our power. In this role, you will further develop the Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

We're looking for a talented AI Security Researcher to join our team and play a critical role in our foundational, risk-driven approach to cloud security. This role requires deep technical research into complex cloud- and AI-native environments to identify the most significant, unaddressed risks.
WHAT YOULL DO
Conduct deep technical research to discover and report novel risks and attack vectors specific to modern cloud- and AI-native architectures and systems.
Discover and articulate the highest unaddressed risk areas, working with Product and Engineering teams to translate research into product capabilities.
Define necessary foundational product capabilities by delivering both compelling proofs of risk (demonstrating impact) and technical POCs (showing how to solve it).
Work closely with Product and Engineering teams to ensure comprehensive risk coverage and support the investigation of new and complex product scope.

our company Security is one of the main pillars of the company offering and long-term strategy. We are pushing the boundaries of security analysis of both binaries and code, shifting left and bringing new and exciting features to both developers and DevOps. We are looking for a Security Researcher to join the team. As a researcher, you will perform security research on open-source projects in both web and low-level technologies. You will define how to identify exploitable security issues in an automated manner and develop code for that purpose.
As a Security Researcher at our company you will
Research CVEs and 1-day vulnerabilities in various programming languages and ecosystems
Define how to automatically find exploitable vulnerabilities & develop code that identifies the instances where a vulnerability is exploitable
Perform security research on various open-source technologies, frameworks, and libraries
Write technical reports regarding all research subjects mentioned above.

We are looking for a seasoned Principal Threat Researcher to join our Threat Hunting team. Based in Israel, this is a hybrid role, reporting to the Senior Manager, Threat Research, in the Avalor Engineering department. Avalor curates and contextualizes data from hundreds of security and business tools to help companies understand and address their riskiest problems. If you're passionate about data and helping companies improve their security posture, we'd love to have you join Avalor as we make the world a more secure place.
What youll do (Role Expectations):
Lead end-to-end research POCs by formulating hypotheses, designing methodologies, and translating findings into production-ready capabilities
Research and develop methodologies for identifying, assessing, and mitigating threats across diverse data sources
Partner with data scientists and ML engineers to shape model features and training data strategies derived from real-world signals
Provide actionable recommendations to improve data quality, policies, detections, and response strategies across security offerings
Present research findings to technical and non-technical stakeholders to influence roadmap decisions with evidence-based insights
Who You Are (Success Profile):
You thrive in ambiguity. You're comfortable building the path as you walk it. You thrive in a dynamic environment, seeing ambiguity not as a hindrance, but as the raw material to build something meaningful.
You act like an owner. Your passion for the mission fuels your bias for action. You operate with integrity because you genuinely care about the outcome. True ownership involves leveraging dynamic range: the ability to navigate seamlessly between high-level strategy and hands-on execution.
You are a problem-solver. You love running towards the challenges because you are laser-focused on finding the solution, knowing that solving the hard problems delivers the biggest impact.
You are a high-trust collaborator. You are ambitious for the team, not just yourself. You embrace our challenge culture by giving and receiving ongoing feedback-knowing that candor delivered with clarity and respect is the truest form of teamwork and the fastest way to earn trust.
You are a learner. You have a true growth mindset and are obsessed with your own development, actively seeking feedback to become a better partner and a stronger teammate. You love what you do and you do it with purpose.

: Were looking for a hands-on AI Cyber Intelligence Engineer - in the domain of attack surface. Someone who lives and breathes cyber security, loves exploring how attackers move through real environments, and is excited to shape how AI can automate and extend that process.
In this role, youll analyze real-world environments, identify potential attack vectors, and work closely with our AI engineering teams to translate your domain expertise into actionable, intelligent workflows. Youll play a key role in guiding how our platform learns to think and act like a top-tier security analyst.
The Responsibilities
Design and shape AI-driven security agents by encoding expert attacker and defender reasoning into agentic flows, prompts, decision logic, and investigative strategies.
Translate offensive security and red-team expertise into structured knowledge that enables AI systems to identify, prioritize, and reason about real-world attack paths in complex enterprise environments.
Model attacker behavior and multi-step attack scenarios, focusing on lateral movement, privilege escalation, and cross-domain exploitation - and guide how AI agents simulate and evaluate these scenarios.
Act as a domain expert partner for product and engineering teams, ensuring AI-driven security decisions remain grounded in real attacker tradecraft and operational reality.