דרושים » אבטחת מידע וסייבר » Security Leader 25675

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 8 שעות
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a Security Lead to join our companys R&D organization, taking a central, cross-functional role in shaping the security posture of our products. This role combines deep hands-on expertise with cross-organizational leadership, working closely with senior leaders to shape and implement security strategy across all product lines. You will lead end-to-end security initiatives, influence engineering practices at scale, and play a critical role in ensuring our products meet the highest security standards.
Key Responsibilities
Lead security in the R&D organization by professionalism and cooperation across our company
Maintain and develop the Secure Development Life Cycle of all our companys Products Organization, work with R&D, QA, Sales, Support, external researchers, and customers to make the cyber landscape a safer place.
Conduct architectural security reviews and threat modeling for R&D
Full triage for our company's VDP and BBP reports, including analyzing reports, calculating severities and communications with reporters.
Define and develop security training to implement cross organization
Be a first responder in security incidents, including leading and defining actions to resolution
Manage and monitor our company's SCA, SAST, DAST tools.
Requirements:
Proven ability to lead and influence leaders across the organization.
In-depth knowledge of Secure Development Life Cycle (SDLC) processes, secure architecture, third-party tools, and security policies.
Threat modeling & secure design - Ability to review architectures, identify abuse cases, and guide developers on secure design decisions early in the lifecycle.
Expertise in identifying, analyzing, and mitigating security vulnerabilities, including familiarity with Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS).
Hands-on experience with AppSec tooling - SAST, DAST, SCA (e.g., SonarQube, Snyk, JFrog Xray), including tuning, triaging results, and integrating into CI/CD pipelines.
Experience with vulnerability management and the ability to interpret and apply security standards, guidelines, and regulations.
Proficiency in secure coding practices and the ability to conduct code reviews for security vulnerabilities.
Familiarity with incident response processes, security monitoring, and threat intelligence.
Offensive mindset - Ability to think like an attacker (manual testing, basic exploitation techniques) to validate real impact and reduce false positives.
Advantage:
Prior experience in software development.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8721058
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 8 שעות
Location: Tel Aviv-Yafo
Job Type: Full Time
our companys Harmony SASE is looking for an Information Security Manager to join its staff.
This is a unique opportunity for you to work in the #1 worldwide Cyber Security Company, gain expertise and experience leading the information security program for the best of SASE (Secure Access Service Edge).
Key Responsibilities
As Information Security Manager you will:
Governance, Risk & Compliance
Lead and manage the Product Security team
Build, operate, and continuously improve the Harmony SASE Information Security Management System (ISMS), aligning policies, standards, and controls with our company and industry best practices.
Own the Harmony SASE compliance roadmap - lead and maintain certifications and attestations including ISO/IEC 27001, SOC 2 Type II, GDPR, IRAP and C5
Lead enterprise risk assessments and the third-party / vendor risk program, ensuring risks are identified, prioritized, and treated.
Coordinate internal and external audits, manage evidence collection, and remediate findings to closure.
Product & Application Security
Develop and implement a comprehensive AI - Secure Software Development Lifecycle (AI S-SDLC) framework, embedding security into every phase of the SDLC and CI/CD pipelines.
Conduct threat modeling and secure architecture reviews for new and existing Harmony SASE features, partnering with R&D to mitigate vulnerabilities by design.
Operate the application security tooling stack - ASPM, SAST, DAST, SCA, AI Security Scanning and secret scanning - at scale, and partner with development teams to drive findings to remediation while maintaining developer productivity.
Champion secure coding practices and OWASP Top 10 awareness across R&D.
Operational Security & Incident Response
Lead security incident response for Harmony SASE - preparedness, detection, containment, eradication, recovery, and lessons-learned - covering both product and information security incidents.
Oversee identity and access governance, ensuring least-privilege, segregation of duties, and access reviews across production and corporate environments.
Design and operate security automation to enhance the efficiency and coverage of security operations.
Security Culture & Enablement
Foster a culture of security awareness and continuous improvement; deliver targeted training for engineers, operations, and broader staff.
Lead responses to customer security questionnaires, RFPs, and due-diligence requests, representing Harmony SASEs security posture to customers and partners.
Stay current on the evolving Threats Landscape, regulations, and technologies, and translate them into pragmatic improvements to the security program.
Youll enjoy:
Interact with executives, managers, engineers across the company
Be the best security expert and knowledgeable you can imagine
Sharing your day with fun, passionate, brilliant people.
דרישות:
We are looking for you:

Bachelors degree in computer science, Information Security, or related field.
Minimum of 5 years of experience in information security or application/product security, with at least 2 year in a leadership role.
Proven experience building or operating an Information Security Management System (ISMS) and leading certifications such as ISO/IEC 27001 and SOC 2.
Working knowledge of GDPR, PCI-DSS, and NIST CSF / 800-53; familiarity with HIPAA, FedRAMP, DORA, Cyber Essentials, C5, IRAP, AI Security Frameworks and the Cloud Controls Matrix (CCM).
Hands-on experience with S-SDLC, threat modeling, and application security tooling such as ASPM, SAST, and DAST in complex, high-scale environments.
Strong understanding of risk management, third-party risk, identity and access governance, and incident response.
Excellent communication and leadership skills, with the ability and passion to drive change across R&D and the broader organization.
Reports to the Harmony SASE Head of Architecture (R&D Director) and partners closely with R&D, DevOps, IT, Legal, and the company Corp המשרה מיועדת לנשים ולגברים כאחד.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8721123
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
Location: Tel Aviv-Yafo
Job Type: Full Time
We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.
Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of 7 years of experience in application security, with at least 3 years in a leadership role.
Proven experience in implementing and managing SSDLC frameworks.
In-depth knowledge of security frameworks and methodologies.
Strong understanding of threat modeling methodologies, secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
Proficiency in programming languages such as Java, Python, C#, or similar.
Experience in implementing security tools and technologies such as ASPM, SAST, DAST in complex and high-scale environment.
Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
Relevant certifications such as CISSP, CISM, or CSSLP are desirable.
Proven experience in a similar role at another leading software development company.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8719435
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are seeking a highly skilled and hands-on Application Security Lead to take ownership of our product and infrastructure security. Reporting directly to the CISO with a dotted line to the CTO, you will act as the critical bridge between our Security and Engineering teams, driving a robust "security-first" culture.
While this role encompasses both application and infrastructure security, our primary focus is on the Application Security domain. You will lead our transition towards a mature DevSecOps organization, ensuring that security is seamlessly embedded into every phase of our SDLC without compromising delivery speed.
Key Responsibilities
Application Security & Secure Engineering:
Secure SDLC Integration: Embed security practices throughout the entire SDLC, from initial design and planning to deployment and maintenance.
Threat Modeling & Architecture: Lead threat modeling (e.g., STRIDE) and architectural reviews for high-risk features like authentication, PII, and payments.
AppSec Tooling & Automation: Integrate and manage automated security scanning (SAST, SCA, DAST) within CI/CD pipelines to ensure code integrity seamlessly.
Mobile & API Security: Enforce least-privilege models for API configurations. Lead security initiatives specifically tailored to mobile environments (iOS/Android), protecting our core mobility platform.
Offensive Security & Pentesting: Orchestrate internal red teaming and external penetration tests for web and mobile applications. Manage Vulnerability Disclosure Programs (VDP) / Bug Bounties.
Developer Empowerment & DevEx: Collaborate with developers to provide automated tools, coding guidelines, and frictionless guardrails for secure-by-design development, ensuring security acts as an enabler, not a blocker.
Incident & Vulnerability Management: Act as the technical escalation point for application security incidents, leading detection and recovery efforts, while prioritizing vulnerabilities across the product suite for timely remediation.
Cloud & Infrastructure Security:
Cloud & Network Posture: Manage cloud security posture (CSPM) across AWS/GCP and oversee broad network security measures, including WAF, Bot management, and environment segmentation.
Pipeline & Secrets Management: Secure the CI/CD infrastructure against tampering and enforce robust secret management and secure repository controls across the organization.
Resilience & Recovery: Manage disaster recovery (DR) and business continuity planning for production environments.
Governance, Culture & Compliance:
DevSecOps Strategy: Lead the strategic evolution of DevOps into a mature DevSecOps model, aligning with industry frameworks like OWASP SAMM and NIST SSDF.
Metrics & Measurement: Define and track key security metrics (e.g., MTTR, vulnerability density) to measure and improve program effectiveness.
Security Champions: Build and mentor a Security Champions program within R&D to scale security knowledge and foster a grassroots culture.
Compliance & Privacy: Ensure continuous compliance with PCI-DSS, ISO27001, and GDPR, championing privacy-by-design principles across all user data and R&D operations.
Requirements:
5+ years of proven experience with a strong emphasis on Application Security, Product Security, and Developer interaction. Cloud/Infrastructure security experience is highly valued but secondary to AppSec expertise.
Hands-on experience with AppSec tooling across the CI/CD pipeline, mobile application security (iOS/Android), and robust API security management.
Solid understanding of cloud architectures (AWS/GCP), secret management, and security posture tools.
Deep understanding of OWASP SAMM, NIST, Threat Modeling (STRIDE), and regulatory standards (PCI-DSS, GDPR).
Exceptional communication skills with the ability to bridge the gap between engineering, C-level executives (CISO/CTO), and security teams to embed a security culture seamlessly.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8668443
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
07/06/2026
חברה חסויה
Location: Tel Aviv-Yafo and Netanya
Job Type: Full Time
The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead, you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement.
Requirements:
Proven experience leading AppSec or Product Security teams
Deep Knowledge in Application Security and Vulnerabilities
Strong coding/scripting background (e.g., Python, Go, Java, JavaScript)
Hands-on experience with CI/CD pipelines, security tools, and DevSecOps practices
Familiarity with modern architectures (e.g., Cloud, microservices, containers, Kubernetes)
Deep understanding of software development processes and secure coding principles
Penetration testing knowledge is a plus
Strong communication and collaboration skills.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8683243
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
31/05/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Lead the design and implementation of AI-driven detection and response strategies to automate complex security investigations.
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
Requirements:
5+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) addressing, escalating, and managing security incidents and creating incident reports.
Extensive experience in managing the lifecycle of security incidents in a global, 24/7 production environment..
Collaborating with various cross-organizational stakeholders to drive incident response and remediation.
Development of common runbooks for most frequent or critical incident types.
Strong development fundamentals with experience delivering and maintaining production-grade code.
Coding & Scripting: Hands-on programming experience (Python, Bash, etc.) with proven ability to build automation processes.
Proven expertise in attack and mitigation methods within Cloud and SaaS environments
Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and experience with analyzing OS artifacts.
Problem solver, an in-depth thinker with a growth mindset.
Excellent communication skills and ability to work collaboratively with other teams
Preferred Qualifications
Bachelors degree in Computer Science, Information Technology, or related field
Solid understanding of LLM concepts and architectures, with hands-on experience applying them in practice.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8673515
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
07/06/2026
חברה חסויה
Location: Tel Aviv-Yafo and Netanya
Job Type: Full Time
Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead, you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.
Requirements:
7+ years of experience in offensive security operations, Red Teaming, threat hunting, or threat research
Deep knowledge of attack techniques, TTPs (Tactics, Techniques, and Procedures), adversary simulations, and threat-hunting methodologies
Hands-on experience with Red Team tools, frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite), and custom exploit development
Strong experience with cloud platforms (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker)
Familiarity with the MITRE ATT&CK Framework and its application in Red Team and threat-hunting scenarios
Proficiency with scripting and automation languages for tool development, threat detection, and attack simulation
Solid understanding of offensive security best practices, vulnerability management, threat detection, and advanced threat analysis
Ability to effectively communicate and collaborate with cross-functional teams, translating complex security concepts into actionable insights
A passion for continuous learning, research, and innovation in the fields of offensive security, threat hunting, and cyber threats.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8683102
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
4 ימים
Location: Tel Aviv-Yafo
Job Type: Full Time
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community

Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product

Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.
Requirements:
8+ years in security research, threat research, or closely related fields (offensive security, detection engineering, incident response, cloud security engineering). Fewer years are fine if your depth and track record are exceptional.
Deep multi-cloud expertise - strong hands-on experience across at least two of the major cloud providers (AWS, Azure, GCP), with working knowledge of the third. You understand the IAM models, logging pipelines, APIs, and attack surfaces that matter in each.
A track record of original research - you've published meaningful technical findings through blog posts, conference talks, open-source tools, or vulnerability discoveries that moved the needle. We want someone who doesn't just consume research - you produce it.
Strong adversarial mindset and critical thinking - you think like an attacker targeting cloud infrastructure, SaaS platforms, identity systems, and Kubernetes. You can model threat scenarios, map out attack paths, and poke holes in defenses.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8712545
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
01/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
we are looking for a Product Security Engineer.
Responsibilities:
Own, maintain, and continuously improve the Secure Design Review process, ensuring security considerations are integrated early in the development lifecycle.
Develop, implement, and maintain Zenitys Application Security Program, including controls, standards, developer enablement, and automation.
Manage SAST and DAST tooling, including configuration, integrations, alerting, developer workflows, and program-wide reporting.
Monitor and enforce SDLC security controls, ensuring consistent application of secure development practices across all engineering teams.
Develop and maintain Zenitys Cloud Security Program, defining guardrails, policies, and automated controls for secure-by-default cloud deployments.
Manage CSPM tooling, including configuration, findings triage, reporting, and alignment with internal risk and compliance processes.
Partner with DevOps to design, implement, and maintain a fully secured CI/CD pipeline, ensuring that security checks, guardrails, and automated gates are embedded throughout build, test, and deployment stages.
Collaborate closely with engineering teams to deliver actionable guidance, model threats, advise on architecture, and support secure implementations.
Drive automation-first approaches to product and cloud security, reducing friction and enabling fast, safe development.
Define and track KPIs, metrics, and reporting for application and cloud security health.
Identify gaps in product, application, and cloud security posture and drive end-to-end remediation plans.
Promote a culture of security and developer empowerment by delivering clear, pragmatic, and scalable guidance.
Requirements:
Five (5) + years of experience in Engineering / Security Engineering
We build solutions when faced with a capability gap
Youre very comfortable with Kubernetes, Helm, and Terraform
Youre very comfortable with Python and Typescript
Three (3) + years of experience in an Application Security/Product Security focused role
Youve led AppSec focused Security Review programs
Youve led CloudSec focused Secure Design reviews
Youve led multiple vulnerability management campaigns to mitigate Cloud and Application security risks
Two (2) + years of experience managing enterprise wide security projects
You have a strong opinion on what a project plan doc should look like
Youve owned and delivered the migration or deployment of an AppSec focused security tool (SAST, DAST, ASPM, etc.)
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8674696
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
14/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Were looking for a driven, motivated, and ambitious GRC Specialist to join our growing Security team . Here, were redefining how security teams operate - not by buying more tools, but by building smarter, AI-driven programs from the ground up. As our GRC Specialist, you'll own the compliance programs that underpin trust with our customers and partners, while actively shaping how we use AI and automation to make compliance faster, more rigorous, and less manual. This isn't a checkbox role. It's a builder role for someone who sees compliance as a competitive advantage and AI as the engine to get there.
Responsibilities:
Compliance Program Ownership
Own and lead security compliance programs across SOC 2, ISO 27001, C5 BSI, and ISO 42001, ensuring continuous readiness and alignment with evolving requirements.
Lead the scoping, planning, and implementation of new compliance frameworks as the business scales into new markets and regulatory environments.
Act as the primary point of contact for audits - managing evidence collection, auditor relationships, and remediation tracking end-to-end.
AI-Driven Compliance Operations
Design and operate continuous compliance monitoring programs leveraging AI and automation - replacing point-in-time snapshots with real-time assurance.
Build internal AI-powered tooling and workflows (in partnership with the AI Transformation Lead) to automate evidence gathering, control validation, and risk signal aggregation.
Evaluate and adopt emerging AI compliance methodologies, including AI-specific frameworks like ISO 42001, and translate them into actionable internal programs.
Risk & Vendor Management
Manage the third-party risk program (TPRM), including vendor assessments, security questionnaires, and ongoing monitoring of the vendor landscape.
Maintain and actively drive the risk register in close collaboration with the CISO, ensuring risks are tracked, owned, and remediated on time.
Policy & Culture
Develop and maintain security policies, standards, and procedures that are practical, current, and aligned with both compliance requirements and business objectives.
Drive security awareness training across the organization and champion secure development practices in collaboration with engineering and product teams.
Cross-functional Collaboration
Serve as a trusted partner to the CISO, Information Security Manager, HR, Legal, and AI Transformation Lead on matters of risk, compliance, and security governance.
דרישות:
A self-starter mindset: comfortable with ambiguity, able to set priorities without heavy direction, and capable of building structure where none exists.
Demonstrated ability to build compliance and security programs from scratch, not just maintain inherited ones.
2+ years of hands-on experience in information security and GRC, ideally in a fast-moving SaaS or tech environment.
Deep familiarity with major frameworks and regulations - SOC 2, ISO 27001, NIST, CIS, DORA, GDPR, and related standards.
Practical experience with security and IT tooling across cloud environments (AWS, Azure, or GCP), application security, and infrastructure security.
Exposure to SOC (cybersecurity operations center) environments and cybersecurity incident response.
Strong written and verbal communication skills - able to translate technical risk into clear language for executives, auditors, and non-technical stakeholders.
Hands-on experience with IT and Security tools
AI Orientation (Non-Negotiable)-
Genuine curiosity and working knowledge of AI tools, LLMs, and automation - you've used them, not just read about them.
Experience building or operating AI-assisted workflows for compliance, risk, or security operations is a strong plus.
Ability to think critically about AI risk, including how to govern and assess AI systems under frameworks like ISO 42001.
Visionary outlook: you see the 2-year horizon where AI has transformed how GRC functions and you want to be the person who builds that future המשרה מיועדת לנשים ולגברים כאחד.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8692757
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
As the Head of Research, you will lead Securitys threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community. You will manage and grow a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful. This role emphasizes strong people leadership and cross-functional execution, alongside technical depth and hands-on research judgment.
What youll do :
Develop, own and evolve the research strategy by defining high value focus areas (for example misconfigurations, identity threats, workload vulnerabilities, and emerging attack techniques), and ensure alignment with product roadmap and business objectives.
Lead, coach, and mentor a multidisciplinary research team (researchers, threat analysts, and engineers).
Build a healthy, high-performing org, including hiring, onboarding, and performance management.
Partner closely with product and engineering leadership to turn research insights into concrete roadmap items, detection logic, and customer value.
Drive discovery of new vulnerabilities, attack techniques, or adversary behaviors across cloud and modern infrastructure environments (for example containers, serverless, data stores, IAM).
Define metrics for research impact (for example vulnerabilities discovered, time to validate and operationalize new findings, research-driven product improvements, external reach).
Establish and maintain external partnerships (industry peers, academic groups, independent researchers) to expand capabilities and pipeline.
Publish and present research findings (blog posts, white papers, conference talks).
Lead vulnerability disclosure and responsible communications.
Ensure the research function has the right infrastructure and processes (tooling, sandboxes, repeatable experimentation, documentation standards).
Stay current with the threat landscape, emerging technologies, attacker tradecraft, and relevant compliance or regulatory shifts.
Requirements:
7+ years of experience in security research, threat intelligence, vulnerability discovery, offensive security, or closely related roles.
Proven people management experience (mandatory), including hiring, mentoring, and growing high-performing teams.
Demonstrated ability to set a research vision, prioritize effectively, and execute through others in a cross-functional environment.
Strong research fundamentals: designing experiments, validating hypotheses, and turning ambiguous signals into clear findings and recommendations.
Excellent stakeholder management and partnership skills, including the ability to collaborate deeply with engineering and product teams.
Strong written and verbal communication skills, including the ability to communicate complex technical concepts to varied audiences.
Ability to operate hands-on when needed (for example to review technical work, guide investigations, or unblock the team).
Solid coding fluency and automation mindset (languages and stack flexible, Python/Go helpful).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8693460
סגור
שירות זה פתוח ללקוחות VIP בלבד