דרושים » אבטחת מידע וסייבר » AI Secops Tech-lead

Requirements:
Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent military/professional experience.
8+ years of experience in incident response or digital forensics consulting.
Demonstrated experience leading complex technical engagements and interfacing directly with clients and stakeholders.
Proficiency in host-based forensics, data breach response, and network traffic analysis.
Hands-on experience with forensic tools such as EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, or similar technologies.
Preferred Qualifications
Master's degree in a relevant technical field.
Strong executive presence with experience presenting complex technical concepts to C-suite stakeholders.
Established external presence through public speaking, conference presentations, or industry publications.
Relevant industry certifications such as GIAC (GCFA, GCFE, GNFA), CISSP, or similar.

Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of 7 years of experience in application security, with at least 3 years in a leadership role.
Proven experience in implementing and managing SSDLC frameworks.
In-depth knowledge of security frameworks and methodologies.
Strong understanding of threat modeling methodologies, secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
Proficiency in programming languages such as Java, Python, C#, or similar.
Experience in implementing security tools and technologies such as ASPM, SAST, DAST in complex and high-scale environment.
Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
Relevant certifications such as CISSP, CISM, or CSSLP are desirable.
Proven experience in a similar role at another leading software development company.

Requirements:
7+ years of experience in security research, detection engineering, incident response, or comparable hands-on security roles
Demonstrated expertise in at least two of the following areas (and working knowledge in the others):
Linux internals / operating systems fundamentals
Cloud security (AWS/Azure/GCP), including common attack paths and misconfiguration patterns
DFIR, threat hunting, and investigation workflows using telemetry and logs
Vulnerability research or vulnerability management at scale (triage, prioritization, exploitation understanding)
Application and API security fundamentals
Strong programming skills in Python (Go is a strong plus); ability to produce maintainable research code and production logic
Strong data skills: comfortable working with large telemetry datasets (SQL and log analytics platforms such as Elastic or similar)
Ability to reason about attacker behavior, build threat models, and validate detections with repeatable testing
Excellent written and verbal English communication, including the ability to explain nuanced technical tradeoffs to non-research audiences
Track record of driving cross-team execution and shipping impactful security capabilities
Nice to have:
Experience with Kubernetes and container runtime security
eBPF or low-level telemetry approaches, syscall or kernel-level visibility
Reverse engineering and malware analysis
Offensive security background (web, cloud, exploit development)
Contributions to open-source security projects or published research
Experience using automation or AI-assisted techniques to scale research and detection workflows

Requirements:
7+ years of experience in offensive security operations, Red Teaming, threat hunting, or threat research
Deep knowledge of attack techniques, TTPs (Tactics, Techniques, and Procedures), adversary simulations, and threat-hunting methodologies
Hands-on experience with Red Team tools, frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite), and custom exploit development
Strong experience with cloud platforms (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker)
Familiarity with the MITRE ATT&CK Framework and its application in Red Team and threat-hunting scenarios
Proficiency with scripting and automation languages for tool development, threat detection, and attack simulation
Solid understanding of offensive security best practices, vulnerability management, threat detection, and advanced threat analysis
Ability to effectively communicate and collaborate with cross-functional teams, translating complex security concepts into actionable insights
A passion for continuous learning, research, and innovation in the fields of offensive security, threat hunting, and cyber threats.

Requirements:
Required Qualifications
5+ years of experience in cybersecurity research, with a proven track record of impactful projects.
B.Sc. or M.Sc. in Computer Science, Software Engineering, Computer Engineering, or equivalent military experience required
Hands-on experience in real-world threat hunting, incident response, or detection engineering.
Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs.
Proficiency in programming languages such as Python, Go, Java, or other relevant languages.
Strong understanding of OS internals (Windows, Linux, and macOS, for example).
Excellent problem-solving skills and a passion for cybersecurity innovation.
Ability to work independently, take initiative, and collaborate effectively in a team environment.
Preferred Qualifications
Experience with virtualization platforms or understanding of virtualization-related attacks (e.g., focused on ESXi/vCenter).
Proven background in security solution development, particularly within the EDR/XDR space.
Proficiency in reverse engineering, including practical experience with disassembly and debugging tools.
Demonstrated experience utilizing advanced techniques like statistics, machine learning, or complex data analysis for security-related applications.
Experience with vulnerability research or development within the Linux environment.
Experience with research or development focused on Linux internals.

Requirements:
7+ years of experience in cybersecurity, with a strong focus on incident response
Proven experience managing complex, high-severity cyber incidents
Deep understanding of threat actors, attack techniques, and forensic methodologies
Experience leading global or distributed teams in a follow-the-sun model
Strong communication skills in English
Relevant certifications (e.g., GCFA, GCIH, CISSP, or similar) preferred.

Requirements:
Proven ability to lead and influence leaders across the organization.
In-depth knowledge of Secure Development Life Cycle (SDLC) processes, secure architecture, third-party tools, and security policies.
Threat modeling & secure design - Ability to review architectures, identify abuse cases, and guide developers on secure design decisions early in the lifecycle.
Expertise in identifying, analyzing, and mitigating security vulnerabilities, including familiarity with Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS).
Hands-on experience with AppSec tooling - SAST, DAST, SCA (e.g., SonarQube, Snyk, JFrog Xray), including tuning, triaging results, and integrating into CI/CD pipelines.
Experience with vulnerability management and the ability to interpret and apply security standards, guidelines, and regulations.
Proficiency in secure coding practices and the ability to conduct code reviews for security vulnerabilities.
Familiarity with incident response processes, security monitoring, and threat intelligence.
Offensive mindset - Ability to think like an attacker (manual testing, basic exploitation techniques) to validate real impact and reduce false positives.
Advantage:
Prior experience in software development.

Requirements:
10+ years in cybersecurity, with significant incident response management experience.
Proven experience leading large-scale, cross-company cyber incidents, including incidents involving:
Multiple engineering and operational teams
Executive leadership and board-level visibility
Demonstrated experience acting as Incident Commander or equivalent role during major security events for at least 15 incidents in the past 5 years.
Strong understanding of:
Cloud and SaaS architectures
Identity, access control, and infrastructure security
Detection and response technologies (SIEM, EDR, cloud-native tools)
Offensive background
Ability to translate technical facts into business impact and risk-based decisions.
Critical Skills & Attributes
Crisis leadership: Calm, decisive, and structured under extreme pressure.
Authority without ego: Able to lead across departments without formal reporting lines.
Executive communication: Clear, concise, and credible with senior leadership.
Systems thinker: Understands how technical, human, and process failures compound during incidents.
Bias for action: Moves quickly while maintaining discipline and documentation.
Analytical thinking: Attention to details and ability to connect multiple dots into a concise and accurate picture.
Previous experience at Mandiant, Sygnia, CrowdStrike, Unit 42, or similar elite IR teams
Experience in crypto, fintech, custody, payments, or highly regulated environments
Hands-on background in forensics, threat hunting, or security engineering
Nice to Have
Experience in crypto, fintech, cloud infrastructure, or highly regulated environments
Experience supporting regulatory notifications and post-incident audits
Background in forensics, threat intelligence, or security engineering
Familiarity with NIST, ISO 27035, or similar incident response frameworks (practical application, not

Requirements:
6+ years of experience in Security Research, Product Security, Application Security, or similar roles.
Managerial expereince - leading, mentoring and supporting team members
Strong algorithmic thinking and experience working with complex data.
Proven experience applying AI techniques to large-scale data analysis (ML background is not required).
Deep understanding of security principles in SaaS, cloud, and application security.
Experience researching application logic, permission models, and access control systems.
Strong ownership mindset and ability to lead a technical domain.
Excellent communication skills and ability to collaborate cross-functionally.
Comfortable working in a small, fast-moving startup environment.
Nice to have:
Experience building automation or internal tooling to scale research.
Familiarity with cloud-native architectures and SaaS security platforms.
Experience mentoring other researchers or engineers.
Publishing security research or technical blog posts.

Requirements:
Required Qualifications
5+ years of experience in cybersecurity research, with a proven track record of impactful projects.
Good knowledge of Linux OS internals, including both user and kernel space.
Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs.
Hands-on experience in real-world threat hunting, incident response, or detection engineering.
Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs.
Excellent problem-solving skills and a passion for cybersecurity innovation.
Ability to work independently, take initiative, and collaborate effectively in a team environment.
Preferred Qualifications
Background in EDR/XDR products or security solution development.
Experience in reverse engineering, including familiarity with debugging and disassembly tools such as GDB, IDA Pro, or Ghidra.
Experience in advanced data analysis, statistics, or machine learning for security applications.
Experience with Linux kernel development or vulnerability research.
Familiarity with virtualization platforms (e.g., ESXi/vCenter).