דרושים » אבטחת מידע וסייבר » Information security developer- 2409

Requirements:
Hands-on experience in security engineering or infrastructure security roles.
Strong understanding of network protocols, architectures, and common network-based attack techniques.
Experience securing databases and sensitive data, including encryption, access governance, and auditing.
Practical knowledge of AI/ML systems and modern AI usage patterns, including risks related to training data, inference APIs, and model access.
Understanding of emerging AI security threats, including prompt injection, data leakage, model abuse, and supply-chain risks.
Experience working in cloud environments (AWS, Azure, or GCP) and cloud-native security controls.
Experience participating in or leading security incident response and investigations.
Proven ability to take ownership, lead security processes end-to-end, and drive initiatives across multiple teams.
Strong analytical skills, proactive mindset, and ability to work effectively with cross-functional teams.
Advantage:
Experience with automation platforms and security-related workflows.
Familiarity with modern security architectures such as Zero Trust.

Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of 7 years of experience in application security, with at least 3 years in a leadership role.
Proven experience in implementing and managing SSDLC frameworks.
In-depth knowledge of security frameworks and methodologies.
Strong understanding of threat modeling methodologies, secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
Proficiency in programming languages such as Java, Python, C#, or similar.
Experience in implementing security tools and technologies such as ASPM, SAST, DAST in complex and high-scale environment.
Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
Relevant certifications such as CISSP, CISM, or CSSLP are desirable.
Proven experience in a similar role at another leading software development company.

Requirements:
Professional Experience: 5+ years of experience in GRC, information systems auditing, or cyber risk management.
Risk Management Expertise: At least 4 years of hands-on experience in risk assessments or IT auditing.
Financial/Regulatory Background (Mandatory): Proven experience working in a regulated financial/banking environment under strict supervision (e.g., Proper Conduct of Banking Business).
Technical Understanding (Oversight Level): Ability to review security configurations, read logs, and understand network architectures (hands-on configuration is not required).
Exceptional Communication: High-level writing and drafting skills for complex procedures, official policies, and executive reports.
AI Proficiency: Practical experience using AI tools (e.g., ChatGPT, Claude, Copilot) to optimize workflows, technical writing, or data analysis.
Cloud Security: Familiarity with cloud security methodologies (Shared Responsibility Model) and SaaS/IaaS risk factors - an advantage
AI Security: Initial familiarity with GenAI risks and mitigation (e.g., OWASP Top 10 for LLMs) - an advantage
Benchmarking: Experience in performing Proof of Concept (POC) and comparative analysis of security products - an advantage
Certifications: CISM, CISA, or CISSP - Significant Advantage.

Requirements:
What you have:
4+ years of experience in Application Security, Penetration Testing, or Product Security in a SaaS company.
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Deep understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles.
Proficiency in scripting or programming languages (Python, JavaScript, Go, etc.) for security automation.
Experience with cloud security best practices (AWS, GCP, or Azure).
Hands-on experience with DevSecOps and integrating security tools into CI/CD pipelines.
Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management.
Experience working with large-scale, complex R&D environments

Bonus Points:
Being introduced by our team member.

Requirements:
4+ years of experience in security engineering, or equivalent.
Strong hands-on experience with security tools, services, deployment automation, and configuration management.
Demonstrated expertise in cloud security, including low-level design of secure cloud architectures (e.g., VPCs, network segmentation, endpoints, encryption).
Solid understanding of operating systems (Linux, Windows, macOS) and networking fundamentals (TCP/IP, DNS, VLANs, routing, etc.).
Well-versed in identity & access management: Conditional Access, Zero Trust, RBAC, identity lifecycle, access reviews, compliance, and governance.
Hands-on experience with infrastructure as code.
Experience securing microservices, containerized environments and serverless.
Strong knowledge of modern Secure Software Development Lifecycle (SSDLC) practices: threat modeling, secure design, code reviews, API security, SAST/DAST/SCA.
Programming/scripting skills to build automation, tools, and playbooks.
Self-motivated and autodidactic, with the ability to deliver solutions end-to-end as part of a do it yourself approach.

Requirements:
Experience: a minimum of 2 years of experience in Cybersecurity, Network Engineering, or a related technical role within a complex enterprise environment. Experience in a regulated financial services environment is a plus.
Network Security & Infrastructure: Strong understanding of networking fundamentals, Routing protocols, next-gen firewalls, DNS and Windows/Linux OS, and the ability to troubleshoot complex connectivity issues. Experience or good knowledge of firewall administration, and rules management is a plus.
Identity & Access: Understanding of Identity & Access Management (IAM) lifecycles and the principle of least privilege. Foundational knowledge of Authentication protocols (SAML, OIDC, Kerberos, Multi-Factor Authentication) and their role in a modern perimeter.
Web & Cloud Security: Understanding of secure web gateways and cloud-native security architectures. Experience operating Zscaler is considered a strong asset.
Data Protection: Strong conceptual understanding of Data Loss Prevention (DLP) strategies across endpoints, networks, and cloud applications.
Modern Security Frameworks: Knowledge of Zero Trust Network Access (ZTNA) principles and how they differ from traditional VPN-based architect
SaaS Security: Familiarity with Cloud Access Security Broker (CASB) concepts, including API-based protection and forward-proxy modes.
Automation & Scripting: Proficiency in Python for automating security tasks, parsing logs, or integrating security tools via APIs and experience with "Vibe Coding" or using AI-assisted development tools (e.g., Cursor, GitHub Copilot, Claude Code, and Gemini LLMs) to rapidly prototype security solutions, dashboards, and scripts.
Technical Visualization: Support the creation of professional architectural diagrams and data-flow visualizations to document ZTNA environments and security control implementations.
Strong verbal and written communication skills in English
Education: University degree or College diploma in Computer Science, Cybersecurity, Information Technology, or a related field or relevant experience.
Certifications (Preferred): Progress towards or achievement of relevant certifications such as CompTIA Security+, CCNA, or vendor-specific clo

Requirements:
Minimum of five years of experience managing complex short to medium-term client-facing cyber security engagements in parallel, with excellent engagement management skills and a proven record.
Extensive understanding of cyber security, security governance, and cyber risk management best practices, frameworks, and principles.
Ability to collaborate with individuals across all levels in a dynamic matrix organizational structure, and coordinate with other departments.
Outstanding analytical, creative, and problem-solving skills and mindset, with the ability to handle uncertainty and complexity.
Excellent communication and presentation skills at all levels of the organization. Ability to articulate security concepts to technical staff and explain them to non-technical staff, including senior management.
Attention to detail and a commitment to maintaining high standards.
Certifications such as C-CISO, CISM, PMP, or similar are an advantage.
Knowledge of regulatory requirements and compliance standards such as NIST, ISO, and others is an advantage.
Excellent communication and presentation skills at all levels of the organization, in both English and Hebrew.
The position requires travel abroad (~15-20%).

Requirements:
Minimum of 5 years of experience in implementing, operating, and managing Information security products.
Knowledge of information security technologies - Must.
Proven experience implementing and managing security products like EDR, DLP, DNS, Email protection, Remote access solutions, Identity Protection, cloud security and Web Protection - At list 4 products.
Knowledge in networking and protocols (Switching / Routing) Layer2-7 - Advantage.
Experience with global, distributed corporations - Advantage.
Security architecture design and implementation - Advantage.
Experience with security in Azure and AWS - Advantage.
Experience with incident response - Advantage.
Relevant courses and qualifications (such as Linux, CCIE, CCSA, CCNA, CCSK, and similar) - Advantage
Fluent in English and Hebrew - Must.
Visionary, creative, self-motivated, self-learner, multitasker and independent.
Desire to learn new things and grow within the company.
Ability to look at the whole picture and willing to take initiative and get the job done.

Requirements:
4+ years of experience in GRC, information security, or compliance within SaaS, cloud, or enterprise IT environments.
Strong understanding of regulatory frameworks and security standards such as SOC 2, PCI-DSS, NIST, and cloud security frameworks.
Knowledge and experience in AI Governance, including AI risk management, ethical AI principles, and alignment with frameworks such as EU AI Act, NIST AI RMF, and ISO/IEC 42001.
Strong knowledge of SDLC methodology.
Strong knowledge of IT systems and security controls.
Experience conducting security risk assessments and working with auditors or regulatory bodies.
Strong project management skills with the ability to manage multiple compliance initiatives.
Experience working with IT teams and business stakeholders to enhance security measures.
Excellent communication and collaboration skills, with the ability to translate compliance requirements into actionable business processes.
Ability to effectively interface with technical staff and senior management.
Proficiency in English and Hebrew, both written and spoken, to effectively communicate with local and global teams and stakeholders.
Strong interpersonal skills with the ability to engage effectively.
Excellent teamwork and interpersonal communication abilities.
Advantage:
Certifications such as CISM, CISA, CISSP.
CISO certification from a recognized institution.
Masters degree in information security, Business Administration, or related field.
Experience in the fintech or financial services industry.