דרושים » אבטחת מידע וסייבר » Junior Cybersecurity Architect

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 3 שעות
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are seeking a Junior Cybersecurity Architect to join our cybersecurity architecture team. In this role you would assist with enterprise level organizations' white-box maturity assessments, preform due-diligence assessments and help in designing actionable mitigation plans to identified risks to push forward our clients security program. This role is intended for candidates with a technical GRC, risk, or security assessment background who are strong in analysis, interpretation, and structuring of security information. You will work closely with CISOs, security leadership, engineering teams, and external customers, collaborating with senior security stakeholders as part of a versatile, and collaborative architecture team. The position emphasizes risk‑oriented thinking, security assessment methodologies, and architectural review over hands‑on technical configuration or operational security work.

Responsibilities
Support customer third‑party security due diligence assessments.

Support or lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.

Analyze technical findings and map them to governance, risk, and control gaps.

Review Implementation of technical security controls.

Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
Qualifications
1-2 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.

Strong understanding of governance, risk management, and operational processes.

Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

Basic conceptual understanding of cloud/SaaS shared responsibility models.

Ability to communicate technical issues in business‑aligned language.

Strong writing, communication, and facilitation skills.

Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731956
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
משרה בלעדית
1 ימים
דרושים בריקרוטיקס בע"מ
Job Type: More than one
* CISO Role in a Leading Cybersecurity Company*
Our company specializes in cybersecurity consulting and we are currently expanding our team, and looking for a talented CISO to join our top star team.
We offer a dynamic and challenging role in a company that greatly values human capital and work with cutting-edge security technologies and top-tier clients.
What will you do?
Strengthen cybersecurity across cloud & on-prem networks
Implement security frameworks & best practices
Provide expert guidance on advanced security controls
Requirements:
Job Requirements:
At least 2 years of experience in a CISO role.
Certificate of CISO ( Chief Information Security Officer ) or Professional certification in information technology/security.- MUST
Extensive knowledge of cybersecurity best practices for network and cloud infrastructure.
Familiarity with privacy protection regulations and certifications such as ISO 27001 and SOC2.
Hands-on experience with technical security controls (FW, EDR, etc).
Strong organizational skills, team-oriented, and service-focused.
Knowledge of web security and familiarity with the OWASP Top 10 security risks is advantageous.
High proficiency in English.
This position is open to all candidates.
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
8728164
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
משרה בלעדית
1 ימים
דרושים בלוגיקה IT
Job Type: Full Time and Hybrid work
Cybersecurity startup is looking for a Cyber security Consultant to join our Enterprise Security department
Tel aviv 
Full time 
2 days hybrid

Main Responsibilities:

Evaluate clients' security posture, configurations, architecture, and security strategy, identifying gaps, risks, and improvement opportunities.
Consult on Cyber security engagements, including the development of Cyber security plans, security roadmaps, and implementation guidance.
Create high-quality deliverables and present the assessment results to a broad range of client stakeholders.
Support security incident engagements and on-demand security improvement activities, as required (up to 20%).
Requirements:
At least 5 years of experience as a Cyber security professional.
Previous hands-on experience as one of the following: IT/ Network Expert, security engineer, security architect, application security professional, cloud security professional, or in a similar technical security role.
Strong understanding of security design, security architecture, and enterprise security controls.
Ability to assess complex technical environments, identify security gaps, and recommend practical improvements.
Proven presentation and client-facing skills, including the ability to document and explain technical information in a clear and concise manner.
Fluent English, written and spoken.
Willingness to travel domestically and internationally, up to 20%.
This position is open to all candidates.
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
8715361
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 3 שעות
Location: Herzliya
Job Type: Full Time
we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
Qualifications
3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
Strong understanding of governance, risk management, and operational processes.
Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
Basic conceptual understanding of cloud/SaaS shared responsibility models.
Ability to communicate technical issues in business‑aligned language.
Hands-on experience with security controls - an advantage.
Strong writing, communication, and facilitation skills.
Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731962
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 3 שעות
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a security architect to join our team! 
Responsibilities
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

Review designed or deployed environments, identifying security flaws and recommending mitigations plans

Review Implementation of technical security controls, identify gaps and offer practical mitigations.

Escort, evaluate and improve our clients security posture by elevating their infrastructure resilience and implement best-practice organizational procedures

Escort mitigation plans and design practical implementations for security issues e.g., firewall policies review, segmentation & segregation recommendations, Microsoft AD-tier Model implementation etc.

Research and advocate for new security solutions and technologies
Requirements:
Qualifications
3+ years of hands-on experience with securing large organizational networks, including security controls, OS hardening, network devices security, etc.

Strong understanding of governance, risk management, and operational processes.

Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

Significant experience in at least five subjects from the following list:

Vast knowledge and expertise in cyber-security IT systems and cloud infrastructure

Deep understanding of Microsoft IT on-prem and cloud infrastructure, e.g., Entra-id, Office365, AD, GPO, protocols.

Practical experience with cloud environments - AWS, Azure, GCP- A significant advantage

Practical experience in consulting services and risk assessment

Practical experience with security configuration and maturity assessment

Knowledge of security controls, e.g., AV, EDR/XDR, DLP, Device control, etc.

ZTNA design & deployment experience.

Experience with implementing security monitoring procedures & systems (SOC, SIEM, SOAR)
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731964
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
25/06/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
We are looking for an experienced Cyber Security Architect (CISO Department) to join our Security Architecture team and help design, review, and guide the implementation of security controls across the organization.
The Cyber Security Architect will work closely with Security, IT, Engineering, Cloud, DevOps, Infrastructure, and business stakeholders to ensure that systems, applications, cloud services, SaaS platforms, and internal processes are designed and operated securely.
This role requires a strong combination of technical depth, risk-based thinking, practical security judgment, and the ability to translate security requirements into scalable architecture and actionable guidance.
Key Responsibilities:
Security Architecture & Risk Advisory
Design and review security architecture across enterprise systems, applications, cloud environments, SaaS platforms, infrastructure, and third-party integrations.
Define security requirements and assess architecture (including data flows, authentication models, network connectivity, APIs, and integrations) for new technologies, projects, and business initiatives.
Perform technical security reviews of systems, tools, vendors, and integrations, identifying gaps and providing practical, risk-based recommendations.
Clearly communicate security risks, business impact, and mitigation strategies to technical and non-technical stakeholders.
Act as a trusted security advisor to IT, Engineering, DevOps, Product, and business teams, balancing risk reduction with business enablement.
Identity, Access & Zero Trust
Define and improve identity and access control architecture across enterprise systems, cloud services, SaaS platforms, and internal applications.
Support implementation and improvement of controls such as SSO, MFA, conditional access, device posture, privileged access management, RBAC, and access governance.
Review authentication and authorization models for internal and external-facing applications.
Help drive Zero Trust initiatives across users, devices, applications, networks, and data.
Security Standards, Patterns & Governance
Contribute to policies and procedures related to data protection, AI usage, and secure development.
Document architecture decisions, exceptions, risks, compensating controls, and approved security patterns.
Support continuous improvement of security architecture processes, documentation, and intake workflows.
Partner with Governance, Risk & Compliance, Legal, Privacy, and Procurement teams as needed.
Security Operations & Detection Enablement
Ensure systems are designed with appropriate security logging, SIEM integration, and visibility requirements to support SOC monitoring and incident response.
Work with SOC, Detection Engineering, EDR/XDR, SIEM, and Incident Response teams to embed visibility and response requirements into architecture.
Support investigations and post-incident reviews when architecture improvements or control enhancements are required.
Requirements:
5+ years of experience in cyber security, security architecture, cloud security, infrastructure security, application security, or related roles.
Strong understanding of enterprise security architecture principles.
Hands-on experience with cloud platforms such as Azure, AWS, and/or GCP.
Strong knowledge of identity and access management, including SSO, MFA, conditional access, RBAC, privileged access, and access governance.
Experience reviewing security architecture for SaaS platforms, enterprise applications, APIs, and integrations.
Familiarity with network security concepts, including segmentation, firewalls, VPN, ZTNA, proxies, DNS, TLS, and secure connectivity.
Understanding of endpoint security, EDR/XDR, device compliance, and secure workstation/server configurations.
Knowledge of data protection concepts such as encryption, DLP, classification, tokenization, secrets management, and key management.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8711407
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
25/06/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
We are seeking a highly skilled and experienced Security GRC Specialist to join our team. This position reports directly to the GRC Manager, as part of the CISO group. The ideal candidate should have a strong background in GRC, with a proven track record of successfully implementing GRC programs. This role requires a diligent professional who thrives in a fast-paced environment and can manage multiple priorities while maintaining attention to detail.
Key Responsibilities:
Develop, implement, and maintain GRC frameworks, policies, and procedures.
Manage ISO 27001/ISO27017/ISO27018 compliance by conducting gap analyses, maintaining ISMS documentation, and coordinating audits to ensure ongoing certification.
Respond to customer due diligence requests and support the review of security and compliance clauses in customer and vendor contracts,
Conduct third-party risk assessments and identify potential security threats and vulnerabilities.
Manage and maintain the GRC platform to ensure accurate compliance monitoring, documentation, and audit support
Collaborate with cross-functional teams to integrate GRC initiatives into business processes.
Provide guidance and support to internal stakeholders on GRC-related matters.
Stay up to date with industry trends and emerging threats to continuously improve the GRC program.
Requirements:
Minimum of 3 years of experience in GRC, and information security.
Strong knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001).
Experience in responding to customer due diligence requests.
Experience in conducting security audits such as SOC 2 and ISO 27000 family.
Experienced with leading GRC platforms, covering third-party risk management, audit management, and security awareness programs.
Excellent analytical, attention to detail, problem-solving, and communication skills.
We are looking for a passionate candidate who can work independently and collaboratively as part of a team in a fast-paced environment.
Relevant certifications such as CISSP, CISM, or CRISC are preferred.
Highly advantageous experience with:
ISO 42001 compliance, including implementation, documentation, and audit coordination.
Payment Card Industry (PCI) standards.
Business Continuity Management.
Developing GRC platform automations, integrations, and workflows.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8711405
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
09/06/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
Power the Future with us! SolarEdge (NASDAQ: SEDG), is a global leader in high-performance smart energy technology, with over 3000 employees, offices in 34 countries, and millions of products installed in over 133 countries. Our diverse product offering comprises intelligent solar inverters, battery storage, backup systems, EV charging, and complete home energy management ecosystems. By leveraging world-class engineering capabilities and with a relentless focus on innovation, we strive to create a world where clean, green energy from the sun is the primary source of power for our homes, businesses, and just about everywhere we thrive We're looking for a Cyber Security Architect to set the technical direction for security across our entire estate — on-premises infrastructure, R&D and product engineering, and cloud. You'll own reference architectures, lead security projects end-to-end, and partner closely with infrastructure, engineering, and DevOps teams to embed security by design. This is a hands-on senior role: you're equally comfortable presenting a strategy to executives and pulling apart a threat model with engineers. What you'll do
* Design and govern security architectures that span data centers, product platforms, and cloud workloads — bringing one coherent control story across all three.
* Lead threat modeling and architectural risk assessments for major projects, translating findings into prioritized design changes.
* Define and maintain reference architectures, security patterns, and hardening baselines covering identity, network segmentation, endpoint, application, and data protection. Embed security into the SSDLC and review new product features and platform changes before they ship.
* Architect cloud landing zones, IAM, network and key management, CSPM/CWP coverage, and container/Kubernetes security.
* Mentor security engineers, brief executives, and act as the senior technical authority for security across IT, R&D, and cloud.

Country:
Israel

City:
Herzliya
Requirements:
7+ years in cyber security , with at least 3 in security architecture or senior technical lead role.
* Proven delivery of security projects across on-prem, product/R&D, and cloud — not just one of the three.
* Strong understanding of enterprise security architecture frameworks.
* Hands-on architectural depth in major cloud AWS: IAM, networking, encryption/KMS, logging, native security services.
* Network and infrastructure security: segmentation, firewalls, VPN/SASE, IDS/IPS, secure remote access.
* Identity and access: directory services, federation (SAML/OIDC), MFA, conditional access, PAM principles.
* Application and product security: OWASP Top 10, threat modeling (STRIDE), SSDLC integration, SAST/DAST/SCA.
* Cryptography fundamentals: TLS, PKI, key management, secrets management.
* Programming in at least one language (Python/Go/Java/C#/Rust)
* Experience building automation and using AI?assisted tools
* Familiarity with vulnerability management and pen?testing workflows
* Strong written and verbal communication; able to brief both engineers and executives.
* Structured analytical thinking; comfortable balancing security rigor against business priorities. Nice to have
* Multi-cloud experience (two or more of AWS/Azure).
* Infrastructure-as-Code and policy-as-code (Terraform, OPA, Sentinel).
* Container/Kubernetes security and DevSecOps pipeline integration and image scanning.
* API security architecture (gateways, OAuth 2.0/OIDC).
* Compliance fluency: ISO 27001, NIST 800-53/CSF, SOC 2, GDPR.
* Product, IoT, or OT security exposure relevant to our R&D domain.
* AI/ML security architecture awareness.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8633801
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 3 שעות
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a Cyber Security Expert with hands-on experience in offensive security, possessing strong technical capabilities, in-depth knowledge of adversary simulation, and a passion for Red Team operations.
Responsibilities
Participate in Red Team assessments that simulate real-world threats and remain undetected by the client's defensive team. These stealth operations simulate advanced adversaries and require careful planning, execution, and OPSEC
Lead or co-lead portions of internal and external offensive assessments, including perimeter exploitation and post-exploitation in Active Directory
Perform Purple Team engagements to help clients improve their monitoring and detection capabilities while sharpening your own offensive skills
Document attack paths, risk analysis, technical findings and remediation guidance in detailed reports tailored to both technical and executive audiences.
Collaborate with the team to develop and maintain internal tooling, scripts, and documentation for offensive operations
Continuously research and test new techniques, tools, and attack paths to further enhance Red Team capabilities
Requirements:
Requirements
2+ years of hands-on experience in offensive security, red teaming, or penetration testing
Hands-on experience with C2 frameworks (e.g., Cobalt Strike, Mythic, Sliver)
Strong understanding of Active Directory, domain escalation paths, Kerberos, trust relationships, GPO abuse, credential access, etc.
Proficiency in various offensive techniques such as Relay Attacks, Coercion, Kerberos Attacks, Privilege Escalation, etc.
Familiarity with network protocols (e.g., SMB, DNS, LDAP, HTTP) and system internals (Windows and Linux)
Strong understanding of OPSEC considerations during covert operations
Ability to present and produce clear and actionable technical reports and documentation in English
Experience working in client-facing roles or as part of structured engagements
Proficient in one or more scripting/programming languages: Python, PowerShell, C#, or C++
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731960
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Herzliya
Job Type: Full Time
our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of products.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring remains ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams
Requirements:
4+ years of experience in Application Security, Penetration Testing, or Product Security in a SaaS company
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
Deep understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles
Proficiency in scripting or programming languages (Python, JavaScript, Go, etc.) for security automation
Experience with cloud security best practices (AWS, GCP, or Azure)
Hands-on experience with DevSecOps and integrating security tools into CI/CD pipelines
Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management
Experience working with large-scale, complex R&D environments
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8723935
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 3 שעות
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a talented Application Security Specialist to join our team. In this role, you will take an active part in application penetration testing, threat modeling, Secure SDLC activities, and AppSec initiatives that help evaluate and improve security posture. The position includes hands-on security testing of web, mobile, API, thick client, AI/LLM integrations, and MCP-based application components, identifying and validating vulnerabilities, assessing real business impact, supporting customers with clear remediation guidance, and contributing to application security processes, tools, and best practices.

Responsibilities
Perform hands-on application penetration testing across web, mobile, API, thick client, AI/LLM integrations, and MCP-enabled application components.

Perform threat modeling and secure design reviews to identify risks early in the development lifecycle.

Support development teams with practical remediation guidance and secure implementation recommendations.

Perform Secure Software Development Lifecycle and secure coding training for developers.

Evaluate and improve customers application security development lifecycle, including secure coding practices, vulnerability management, remediation workflows, and security gates.

Participate in client-facing discussions, including assessment scoping, finding walkthroughs, remediation alignment, and retest updates.
Requirements:
Qualifications
2+ years of hands-on experience in application penetration testing.

Strong understanding of OWASP Top 10 and CWE Top 25, with proven experience identifying vulnerabilities and supporting practical remediation strategies.

Familiarity with high-level programming languages (Java, JS, Python, etc.).

Relevant App PT training and certifications such as EWPTX, OSWE, etc.

Strong English communication skills, with the ability to communicate technical topics clearly in client-facing discussions.

Advantage: Deep understanding of the LLM Top 10, AI security risks, MCP security risks, and AI/LLM hacking techniques.

Advantage: Proven experience in secure code review or high-level code auditing.

Advantage: Knowledge of Secure SDLC practices, and methodologies, including Microsoft SDL, OWASP SAMM, and OWASP ASVS.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731965
סגור
שירות זה פתוח ללקוחות VIP בלבד