דרושים » אבטחת מידע וסייבר » Senior Windows Detection Engineer

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision.
Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.


Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:

Play a lot with the web-browsers, trying to find differences in behavior between them.

Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection

Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.

Understand customer specific requirements, deliver with impact and exceed customer expectations.

Discover adversary tactics, techniques, and procedures leveraged by bots.

Create and validate data insights to enhance detection excellence.

Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.

Find bad stuff on the internet, see if you can figure out how it is done, document it.

Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.

Contribute high impact work that substantially benefits team level metrics and OKRs.

Develop techniques, tools and scripts to simplify yours and others work.

Lead and grow the team in charge of researching and developing Autopilot, an innovative product for graph-based fully-autonomous investigation and response (Over the Cortex platform).
As the manager of the Autopilot team, you'll lead a team of security researchers, set the project's technical vision and standards, and own its success.
You will lead an innovative team on the research, design, and development of a new graph-oriented security product. Creating investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
You'll work closely with other development and product teams to turn a successful POC into a full-fledged product, staying agile in a dynamic environment and using data-driven empirical research to determine and drive the project in the best direction.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Lead and developa team of security researchers, providing mentorship, guidance, and continuous feedback to help them grow their careers (Manage the team, develop the people).
Drive the research strategy and executionfor new autonomous methods for investigating and responding to targeted attackers, leveraging large-scale XDR data and graph-based algorithms.
Ensure collaboration with engineering, product, and other research teams, acting as a key interface to push the project forward and align on cross-functional goals.
Direct the team's work on deep, hands-on investigations of real incidents to reinforce the best investigation and response approach, leveraging a combination of os-internals, TTPs, semi-labeled data, and large-scale statistical methods.
Foster a disruptive environment that innovates using advanced techniques such as graph algorithms, machine learning, and LLM agents to mimic and scale human security analyst workflows.

At our company, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.
We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents. By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability.
As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.
About Your Day-to-Day
As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

We are seeking a Senior/Principal Linux Security Researcher for our Tel Aviv R&D center to advance our Cortex-XDR Agent for the Linux platform, which provides runtime protection to servers and cloud workloads. In this role, you will be a key member of a team responsible for researching, developing, and improving our Anti-Exploit and Anti-Malware capabilities. Your work will involve deep exploration of OS internals, exploits, malware, delving into cloud security, and finding ways to mitigate new attack vectors.
Key Responsibilities
Research, develop, and improve state-of-the-art endpoint security solutions focused on comprehensive prevention. This includes broad defense against attack classes like malware and exploits, spanning from low-level mitigations to application-level security
Research Linux OS internals, kernel, application codebases, vulnerabilities, malware and exploits
Respond to security events coming from customers, in the context of malware and exploitation prevention.

We are looking for a Security-First Product Manager to join our team during a breakthrough stage of growth. This is an ideal role for Product Managers who bring direct, firsthand experience from a Security Operations Center (SOC), including former security practitioners or analysts. You will be responsible for building the "opinionated" tools you wished you had while working in the SOC. You will be working at the intersection of security research and core engineering to define how complex security data is transformed into automated, high-confidence outcomes.

What Youll Be Doing

Become an expert in all product aspects (flows, features, infrastructures, and market).
Translate security research and stakeholder requirements into clearly defined, prioritized platform capabilities and automated logic.
Lead the inbound product lifecycle, working day-to-day with engineering and research teams to build robust analysis and investigation automation blocks and data schemas.
Make critical and important decisions with respect to time, features, resources, and quality to meet the business objectives.
Analyze product performance and usage data to identify opportunities for learning and improving the precision of our autonomous engine.

Appdome’s mission is to protect every mobile app in the world and the people who use mobile apps in their lives and at work.
Appdome provides mobile brands with the only patented, centralized, data-driven Mobile Cyber Defense Automation platform, delivering rapid no-code, no-SDK mobile app security, anti-fraud, anti-malware, anti-cheat, anti-bot implementations, configuration as code ease, Threat-Events™ threat-aware UI/UX control, ThreatScope™ Mobile XDR, and Certified Secure™ DevSecOps Certification in one integrated system.
With Appdome, mobile developers, cyber and fraud teams can accelerate delivery, guarantee compliance, and leverage automation to build, test, release, and monitor the full range of cyber, anti-fraud, and other defenses needed in mobile apps from inside mobile DevOps and CI/CD pipeline.
Leading financial, healthcare, m-commerce, consumer, and B2B brands use Appdome to upgrade mobile DevSecOps and protect Android & iOS apps, mobile customers, and mobile businesses globally. Today, Appdome's customers use their platform to secure over 50,000+ mobile apps with protection of over 1B mobile end users projected.
We are seeking a driven and results-oriented Account Executive to join our team. In this role, you will focus on acquiring new customers, building trusted relationships, and driving revenue growth by understanding prospects’ mobile business and security objectives and aligning them with our solutions.
The ideal candidate is a proactive communicator with strong interpersonal skills and a solid technical foundation. You excel at managing complex enterprise sales cycles and thrive in a dynamic environment that demands collaboration across teams and effective engagement with stakeholders via phone, email, and in-person interactions.
Job description Appdome is looking for a talented, passionate Offensive Researcher to join our innovative research team. If you’re eager to explore cutting-edge mobile security techniques and help safeguard the mobile app ecosystem, this is the role for you! As a key player in our security team, you'll design and execute sophisticated attack simulations on the Appdome platform. Your work will touch on diverse attack vectors, including file systems, networks, jailbreaks, memory injections, and more.

We're building something special in our Israel-based Offensive Security organization, and we're hiring multiple people across three key areas:
Penetration Testing
Red Team Product
Security Research
While these roles share a common foundation in offensive security tradecraft, each brings its own unique focus and impact.
We're looking for deep expertise in at least one of these areas, with the ability to grow across others. We have multiple openings and are looking for talent at various levels. As we get to know you through the interview process, we'll work together to identify the best fit matching your expertise and interests with the specific role and level (Senior, Lead, or Principal) that makes the most sense for both you and the team.
Role Overview
We are seeking a highly skilled offensive security professional to join our elite team. This role is ideal for someone who thrives on breaking systems, finding creative attack paths, and using their findings to drive meaningful security improvements across Salesforce's products and infrastructure.
You will work alongside some of the best minds in security, operating with significant autonomy and impact. Whether you specialize in deep application level penetration testing, red teaming, security research or vulnerability discovery, we want to hear from you-you don't need to be an expert in all three domains. What unites these roles is a relentless attacker mindset, a drive to find and demonstrate real-world impact, and the ability to translate offensive findings into lasting security improvements.
Responsibilities
Conduct advanced penetration testing, red team operations, or security research targeting Salesforce's cloud infrastructure, applications, and services
Discover, exploit, and document security vulnerabilities using creative and methodical approaches
Develop custom tools, exploits, and attack techniques to simulate real-world adversaries
Collaborate with product teams to remediate vulnerabilities and improve secure design practices
Contribute to the maturity of our offensive security program through automation, tooling, and process improvements
Mentor and share knowledge with team members, fostering a culture of continuous learning
Present findings and security insights to technical and executive audiences
Stay ahead of emerging threats, attack techniques, and offensive security tradecraft

our company is the world leader in accelerated computing, defining the future of ai and high-performance networking. we are seeking a highly skilled and proactive senior Cyber security threat intelligence (cti) analyst to join the networking product security team. in this critical role, you will function as a key defender of the technologies powering the worlds largest ai clusters. you will act as the eyes and ears of our product security organization, conducting investigative research into sophisticated adversaries and translating complex threat data into actionable intelligence. this is a hands-on role where your insights will directly influence our defensive posture and help eliminate threats before they manifest in the core of global ai infrastructure.
what you will be doing:
you will serve as the intelligence core of our team dedicated to identifying, analyzing, and mitigating threats against our products and ecosystem:
lead deep-dive osint and webint research to identify emerging threats, conducting intelligence collection and analysis that leads to clear, actionable mitigation recommendations.
leverage scripting ( Python, bash, etc.) and generative ai tools to automate intelligence collection, triage, and analysis workflows.
analyze advanced persistent threats (apts) and sophisticated adversaries, collaborating with multi-functional teams to detect, track, and eliminate potential risks to our networking portfolio.
apply extensive insight into cyber operation phases to map adversary behavior, anticipate future movements, and harden our product development lifecycle with adoption of security improvements.
drive threat hunting methodologies, proactively searching for indicators of compromise (iocs) and hidden vulnerabilities within the products.
translate complex technical findings into strategic intelligence reports for both technical collaborators and leadership, ensuring a clear and unified insight into the threat landscape.
collaborate closely with incident response and engineering teams to ensure intelligence findings are seamlessly coordinated into other defensive tools and product security processes.

As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

We are looking for an experienced Security Operations Engineer to join our fast-growing security team and take ownership of our SIEM and SOAR automation efforts. This is a unique opportunity to work at the intersection of security operations, detection engineering, and automation in a modern SaaS and cloud-native environment.


What Will You Do?
Maintain and enhance detection engineering content across SIEM and automation systems
Develop new SOAR workflows, automated actions, and response playbooks
Build and improve SIEM rules, correlations, dashboards, and monitoring capabilities
Lead investigations and identify security issues through alert analysis and mitigation
Coordinate incident response activities and communicate clearly with relevant stakeholders
Provide consultative guidance on best practices in Cloud Security, SIEM, and automation operations
Collaborate closely with internal teams to understand monitoring needs and deliver new insights
Follow CISO guidance to continuously improve the organizations security posture
Design, document, and scale security automation capabilities
Review new product features, implement security standards, and share knowledge across the team