דרושים » אבטחת מידע וסייבר » Senior Application Security Engineer

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Herzliya
Job Type: Full Time
our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of products.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring remains ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams
Requirements:
4+ years of experience in Application Security, Penetration Testing, or Product Security in a SaaS company
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
Deep understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles
Proficiency in scripting or programming languages (Python, JavaScript, Go, etc.) for security automation
Experience with cloud security best practices (AWS, GCP, or Azure)
Hands-on experience with DevSecOps and integrating security tools into CI/CD pipelines
Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management
Experience working with large-scale, complex R&D environments
Bonus Points:
Being introduced by an AppsFlyer team member
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8663169
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
משרה בלעדית
2 ימים
דרושים בריקרוטיקס בע"מ
Job Type: More than one
Our company specializes in cybersecurity consulting and is currently expanding our team. We offer a dynamic and challenging role in a company that greatly values human capital.

Job Description:
Lead and manage the company's cybersecurity strategies and processes.
Enhance cybersecurity across both on-premises and cloud networks.
Draft and maintain documents, including information security policies, procedures, and reports.
Provide consultancy on cybersecurity solutions and controls.
Requirements:
At least 1 year of experience in a CISO or CTO role.
Knowledge of web security and familiarity with the OWASP Top 10 security risks is advantageous.
Extensive knowledge of cybersecurity best practices for network and cloud infrastructure.
Professional certification in information technology/security.
Familiarity with privacy protection regulations and certifications such as ISO 27001 and SOC2.
Strong organizational skills, team-oriented, and service-focused.
Hands-on experience with technical security controls (FW, EDR, etc).
High proficiency in English.
This position is open to all candidates.
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
8705455
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
09/06/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
Power the Future with us! SolarEdge (NASDAQ: SEDG), is a global leader in high-performance smart energy technology, with over 3000 employees, offices in 34 countries, and millions of products installed in over 133 countries. Our diverse product offering comprises intelligent solar inverters, battery storage, backup systems, EV charging, and complete home energy management ecosystems. By leveraging world-class engineering capabilities and with a relentless focus on innovation, we strive to create a world where clean, green energy from the sun is the primary source of power for our homes, businesses, and just about everywhere we thrive We're looking for a Cyber Security Architect to set the technical direction for security across our entire estate — on-premises infrastructure, R&D and product engineering, and cloud. You'll own reference architectures, lead security projects end-to-end, and partner closely with infrastructure, engineering, and DevOps teams to embed security by design. This is a hands-on senior role: you're equally comfortable presenting a strategy to executives and pulling apart a threat model with engineers. What you'll do
* Design and govern security architectures that span data centers, product platforms, and cloud workloads — bringing one coherent control story across all three.
* Lead threat modeling and architectural risk assessments for major projects, translating findings into prioritized design changes.
* Define and maintain reference architectures, security patterns, and hardening baselines covering identity, network segmentation, endpoint, application, and data protection. Embed security into the SSDLC and review new product features and platform changes before they ship.
* Architect cloud landing zones, IAM, network and key management, CSPM/CWP coverage, and container/Kubernetes security.
* Mentor security engineers, brief executives, and act as the senior technical authority for security across IT, R&D, and cloud.

Country:
Israel

City:
Herzliya
Requirements:
7+ years in cyber security , with at least 3 in security architecture or senior technical lead role.
* Proven delivery of security projects across on-prem, product/R&D, and cloud — not just one of the three.
* Strong understanding of enterprise security architecture frameworks.
* Hands-on architectural depth in major cloud AWS: IAM, networking, encryption/KMS, logging, native security services.
* Network and infrastructure security: segmentation, firewalls, VPN/SASE, IDS/IPS, secure remote access.
* Identity and access: directory services, federation (SAML/OIDC), MFA, conditional access, PAM principles.
* Application and product security: OWASP Top 10, threat modeling (STRIDE), SSDLC integration, SAST/DAST/SCA.
* Cryptography fundamentals: TLS, PKI, key management, secrets management.
* Programming in at least one language (Python/Go/Java/C#/Rust)
* Experience building automation and using AI?assisted tools
* Familiarity with vulnerability management and pen?testing workflows
* Strong written and verbal communication; able to brief both engineers and executives.
* Structured analytical thinking; comfortable balancing security rigor against business priorities. Nice to have
* Multi-cloud experience (two or more of AWS/Azure).
* Infrastructure-as-Code and policy-as-code (Terraform, OPA, Sentinel).
* Container/Kubernetes security and DevSecOps pipeline integration and image scanning.
* API security architecture (gateways, OAuth 2.0/OIDC).
* Compliance fluency: ISO 27001, NIST 800-53/CSF, SOC 2, GDPR.
* Product, IoT, or OT security exposure relevant to our R&D domain.
* AI/ML security architecture awareness.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8633801
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
28/05/2026
Location: Herzliya
Job Type: Full Time
we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
Strong understanding of governance, risk management, and operational processes.
Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
Basic conceptual understanding of cloud/SaaS shared responsibility models.
Ability to communicate technical issues in business‑aligned language.
Hands-on experience with security controls - an advantage.
Strong writing, communication, and facilitation skills.
Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8671044
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
5 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
our company MDR delivers 24x7x365 managed detection and response services, protecting customer data through advanced detection, investigation, and response at scale.
We are seeking an MDR Security Engineer to own and scale the automation layer that powers our global MDR operations. This role is responsible for building and operating production-grade automation systems that reduce manual workload, improve detection quality, and enable consistent, high-quality incident response.
The ideal candidate is a hands-on engineer with strong experience in SOAR platforms, security operations, and automation design, capable of driving measurable improvements in efficiency, reliability, and response outcomes across a high-volume SOC environment.
Responsibilities
Upkeep the design, development, and lifecycle of SOAR playbooks, workflows, and integrations across the MDR platform
Build and operate production-grade automation systems supporting alert triage, enrichment, investigation, and response
Define and drive automation strategy by identifying high-impact, high-volume SOC processes and scaling them through automation
Develop integrations across SIEM, EDR/XDR, identity, cloud, and ticketing systems using APIs and scripting
Partner with MDR analysts, IR, threat hunters, and engineering teams to translate operational workflows into scalable automation
Improve detection and response quality through automation of enrichment, investigation, and containment workflows
Contribute to incident response and RCAs by delivering tooling that improves investigation speed, accuracy, and consistency
Evaluate and implement new automation capabilities, including AI-assisted workflows and data-driven decisioning
Monitoring, Metrics & Reliability Ownership
Define and own automation KPIs, including:
Automation coverage (% of alerts handled or augmented)
MTTD / MTTR improvement
False positive reduction and signal-to-noise improvement
Analyst time saved and throughput increase
Build and maintain dashboards and reporting to measure automation impact on SOC performance and SLAs
Ensure production reliability and stability of automation systems, including:
Monitoring workflow success/failure rates and execution latency
Tracking integration and API health, errors, and retry behavior
Implementing logging, alerting, and observability across automation pipelines
Continuously optimize workflows based on data, feedback, and operational performance to ensure consistent 24/7 MDR operation.
Requirements:
4+ years of experience in Security Operations, MDR, Incident Response, or Security Engineering
2-3+ years of hands-on experience with SOAR platforms and security automation
Proven experience owning and operating production-grade automation workflows in a SOC/MDR environment
Strong understanding of SOC operations, alert triage, escalation workflows, and incident response
Experience with enterprise security technologies (SIEM, SOAR, EDR/XDR, IAM/AD)
Strong scripting/development skills (Python, PowerShell, Bash) and experience building APIs and integrations
Experience with CI/CD, version control (Git), and deploying automation at scale
Strong analytical thinking and problem-solving skills with the ability to translate complex workflows into automation
Excellent communication and collaboration skills across engineering and operations teams
Nice to Have
Experience with AI-enhanced automation or large-scale workflow orchestration
Experience in high-volume MDR/SOC environments
Familiarity with threat hunting or detection engineering
What Success Looks Like
Increased automation coverage across MDR workflows
Measurable reduction in analyst workload and response times
Improved consistency and quality of incident response
Stable, reliable automation systems operating at scale.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8711370
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
5 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
We are seeking a highly skilled and experienced Security GRC Specialist to join our team. This position reports directly to the GRC Manager, as part of the CISO group. The ideal candidate should have a strong background in GRC, with a proven track record of successfully implementing GRC programs. This role requires a diligent professional who thrives in a fast-paced environment and can manage multiple priorities while maintaining attention to detail.
Key Responsibilities:
Develop, implement, and maintain GRC frameworks, policies, and procedures.
Manage ISO 27001/ISO27017/ISO27018 compliance by conducting gap analyses, maintaining ISMS documentation, and coordinating audits to ensure ongoing certification.
Respond to customer due diligence requests and support the review of security and compliance clauses in customer and vendor contracts,
Conduct third-party risk assessments and identify potential security threats and vulnerabilities.
Manage and maintain the GRC platform to ensure accurate compliance monitoring, documentation, and audit support
Collaborate with cross-functional teams to integrate GRC initiatives into business processes.
Provide guidance and support to internal stakeholders on GRC-related matters.
Stay up to date with industry trends and emerging threats to continuously improve the GRC program.
Requirements:
Minimum of 3 years of experience in GRC, and information security.
Strong knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001).
Experience in responding to customer due diligence requests.
Experience in conducting security audits such as SOC 2 and ISO 27000 family.
Experienced with leading GRC platforms, covering third-party risk management, audit management, and security awareness programs.
Excellent analytical, attention to detail, problem-solving, and communication skills.
We are looking for a passionate candidate who can work independently and collaboratively as part of a team in a fast-paced environment.
Relevant certifications such as CISSP, CISM, or CRISC are preferred.
Highly advantageous experience with:
ISO 42001 compliance, including implementation, documentation, and audit coordination.
Payment Card Industry (PCI) standards.
Business Continuity Management.
Developing GRC platform automations, integrations, and workflows.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8711405
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
25/05/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
As a Senior Security Researcher you will be responsible for researching multiple domains in the Automotive, AI, API, IoT and Mobility ecosystems, work closely with our domain researchers, data-scientists, development teams, as well as work with customers to build a cutting edge cybersecurity product at Upstream.

This role is full-time and is Israel based.

Responsibilities
AI Security - research LLM and MCP based attack methods
API Security - research API vulnerabilities and attack methods.
Research the Automotive Cybersecurity ecosystem: Automotive protocols - Both in-vehicle and external vehicle communications, Vehicle Architectures, Device research - Hardware, reverse-engineering, vulnerability research.
Mobility IoT Security - research IoT protocols and devices for vulnerabilities and attack methods.
Develop cyber-attack detection techniques and methodologies.
Develop research tools and technologies.
Requirements:
At least 4 years of experience as a security researcher
University B.Sc or equivalent technological military service
Network / Application security experience
Experience in API security research
Experience in IoT - an advantage
Experience in Python or any other high-level programming language
Experience in C/C++ or any other low-level programming language
Experience with embedded devices and automotive systems - an advantage
Experience in reverse engineering - an advantage
Motivated, fast learner, and independent
Out of the box thinking style and ability to analyze complex systems
A team player, excellent collaboration skills
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8665273
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
28/05/2026
Location: Herzliya
Job Type: Full Time
we are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science.
Responsibilities
Participate in Red Team and Risk assessments under the guidance of senior team members
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients
Learn and simulate attacker tactics, techniques, and procedures (TTPs)
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance
Participate in internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios
Requirements:
Strong interest in offensive security and Red Team methodologies
Foundational understanding of Active Directory architecture, domain trust, Kerberos, GPOs, and domain privilege structures
Familiarity with network protocols such as SMB, LDAP, DNS, and HTTP
Knowledge of common attack techniques such as enumeration, privilege escalation, exploitation, credential dumping and C2 operations
Ability to write or assist in technical documentation and reporting in English
Comfortable working in a collaborative environment and eager to learn from experienced team members
Experience with security tools such as - Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various commercial and self-developed testing tools
Comfortable with basic scripting and using CLI tools
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8671040
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Herzliya
Job Type: Full Time
we are looking for a Embedded Systems Vulnerability Researcher.
As an Embedded Systems Vulnerability Researcher, you will operate at the cutting edge of security projects. Your mission is to identify, exploit, and mitigate security flaws in complex hardware/software ecosystems. You will bridge the gap between the digital and analog worlds, analyzing everything from low-level firmware to the electromagnetic spectrum.
Responsibilities:
Vulnerability Discovery: Perform deep-dive security analysis and "bug hunting" on proprietary embedded systems and RTOS.
Exploit Development: Create Proof-of-Concept (PoC) exploits for identified vulnerabilities, including memory corruption, logic flaws, etc.
Firmware Analysis: Conduct static and dynamic analysis of binary blobs using advanced reverse engineering suites.
Hardware Probing: Utilize JTAG, UART, and SWD interfaces to extract firmware, monitor execution, etc.
Tooling: Develop custom scripts and tools in Python, C, C++ to automate the research and exploitation pipeline.
Requirements:
The Mindset: Passion and motivation for finding vulnerabilities in complex systems.
Reverse Engineering: High-level proficiency in IDA Pro, Ghidra, etc., specifically targeting non-x86 architectures (ARM, MIPS, RISC-V).
Low-Level Mastery: 4+ years of experience in C/C++ and Assembly, with a deep understanding of memory management, heap/stack protections, and OS internals.
System Knowledge: Comprehensive understanding of the boot process and hardware-software abstraction layers.
Advantages
RF Security: Experience with Software Defined Radio (SDR), signal processing, and protocol analysis of wireless communications.
Education: Bachelors degree in Physics, Electrical Engineering, or Computer Science.
Military Background: Graduate of an elite technological unit in the IDF.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8688182
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a Security Researcher to research and develop cutting-edge cyber projects.
We face highly complex technological challenges and need talents to help us overcome them.
Do what you love:
As a vulnerability researcher, your main focus will be on vulnerability discovery and exploitation of most prominent OS`s in the market, and on various challenging platforms.
Requirements:
4+ years of relevant industry experience as a vulnerability researcher or equivalent.
● Experience with writing code in assembly or c and Python.
● Experience with a dis-assembler for vulnerability research (IDA Pro or GHIDRA)
● Experience with complicated exploitation methods.
● Deep understanding of OS internals (Mac, Windows, Android etc.).
● Good understanding of common security mitigations.
● Highly motivated and creative individual.
Advantages:
Graduate of an elite technological unit in the IDF
Bachelor's degree in computer science or software engineering
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8688137
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
25/05/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
Required Network and Security Engineer
As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions, including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.
Requirements:
At least 8 years of hands-on experience with enterprise network design and support
Proven experience with routing protocols (OSPF, BGP, EIGRP) and advanced switching (STP, VLANs, ACLs and VRF)
Strong experience configuring and troubleshooting enterprise firewalls and VPNs
Solid experience with F5 LTM/GTM or other load balancing platforms
Good understanding of network security, segmentation and IDS/IPS solutions
A team-oriented mindset
It would be great if you also have:
Relevant industry certifications (e.g., CCNP, PCNSE, NSE4/7 and F5-CTS)
Background in secure remote access solutions and NAC technologies.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8664602
סגור
שירות זה פתוח ללקוחות VIP בלבד