לוח משרות דרושים הייטק אבטחת מידע / סייבר בירושלים

We are At our company, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
This role focuses on ensuring the security and compliance of cloud infrastructure by implementing and maintaining robust security controls across AWS environments. The position involves automation for security monitoring, adhering to best practices, and collaborating cross-functionally with other teams.
Who You Are:
A strong individual contributor who takes pride in delivering high-quality security outcomes while collaborating closely with peers and stakeholders. You are able to build trust, provide thoughtful input, and continuously grow your technical and operational expertise. You are passionate about exploring new technology and using it to make an actionable impact to the future of fintech. You can balance the needs of the business and the team's goals with strong value for code quality and adherence to implementing best practices. A highly skilled AWS Security Engineer with additional FinOps expertise to ensure the security and compliance of our cloud infrastructure. You are able to implement and maintain robust security controls across AWS environment. You are passionate about best practices, automation for security monitoring, and collaborating with other teams.
What Youll Actually Be Doing:

* Cloud Security Implementation: Contribute to the design and implementation of security measures across AWS environments to ensure systems are secure, compliant, and aligned with industry best practices. Including implementation, automation and development of security policies
* Conduct regular security assessments, control testing, and audits to proactively identify risks and vulnerabilities (and support remediation efforts with partner teams)
* Collaboration with Internal Teams: Work closely with internal teams to integrate security best practices into development and operational workflows
* Security Automation & Infrastructure Management: Design and implement automation strategies for security monitoring, auditing, and incident response
* Cost Efficiency through Security: Contribute to cloud cost management by optimizing cloud resources without compromising on security.
* Incident Response & Threat Management: Participate in incident response efforts to support timely identification, analysis, containment, and remediation of security threats. Contribute to post-incident reviews, help maintain incident response playbooks, and support internal teams by sharing learnings and updated procedures.

Why Youll Love Working Here:


* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first

we are looking for a AI Security Engineer.
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
What Youll Actually Be Doing:
Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
Implement data minimization controls for GenAI/RAG workloads: context filtering, least‐privileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/data exfiltration) and build mitigations.
Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive-data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
Evaluate third‑party AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
Partner across Security, Data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
Lead/participate in AI red‑teaming: automated jailbreak/prompt‑injection tests, safety benchmarks, purple‑team exercises, and response playbooks for AI incidents.
Enable the org with concise guidelines, examples, and training on safe AI development and usage.

we are looking for a Mid-Level, Security Engineer.
This role focuses on ensuring the security and compliance of cloud infrastructure by implementing and maintaining robust security controls across AWS environments. The position involves automation for security monitoring, adhering to best practices, and collaborating cross-functionally with other teams.
What Youll Actually Be Doing:
Cloud Security Implementation: Contribute to the design and implementation of security measures across AWS environments to ensure systems are secure, compliant, and aligned with industry best practices. Including implementation, automation and development of security policies
Conduct regular security assessments, control testing, and audits to proactively identify risks and vulnerabilities (and support remediation efforts with partner teams)
Collaboration with Internal Teams: Work closely with internal teams to integrate security best practices into development and operational workflows
Security Automation & Infrastructure Management: Design and implement automation strategies for security monitoring, auditing, and incident response
Cost Efficiency through Security: Contribute to cloud cost management by optimizing cloud resources without compromising on security.
Incident Response & Threat Management: Participate in incident response efforts to support timely identification, analysis, containment, and remediation of security threats. Contribute to post-incident reviews, help maintain incident response playbooks, and support internal teams by sharing learnings and updated procedures.

we are looking for a Security Engineering Operations Coordinator.
As the Security Engineering Operations Assistant, you'll be the organizational backbone for the VP, Security Engineering-ensuring requests move forward, deadlines stay visible, and nothing gets lost in the shuffle. This isn't about being an admin; it's about being the force multiplier that lets security leadership focus on strategy and technical priorities while you keep the machine running smoothly.
If you're the person who naturally keeps lists, follows up before being asked, and gets satisfaction from bringing order to chaos-this role was made for you.

Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
What Youll Actually Be Doing:
Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
Lead and scale a Security Champions program embedded within engineering teams
Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the team

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered. .

The Role:
As the Security Engineering Operations Assistant, you'll be the organizational backbone for the VP, Security Engineering—ensuring requests move forward, deadlines stay visible, and nothing gets lost in the shuffle. This isn't about being an admin; it's about being the force multiplier that lets security leadership focus on strategy and technical priorities while you keep the machine running smoothly. If you're the person who naturally keeps lists, follows up before being asked, and gets satisfaction from bringing order to chaos—this role was made for you.

Who You Are:
You're the person everyone relies on to remember the thing that was supposed to happen last Tuesday. You've got 2–5 years of experience in technical coordination, support roles, or security/IT/engineering operations environments, and you know how to work alongside technical teams without needing your hand held. You're exceptionally organized—not in a "my desk is clean" way, but in a "nothing falls through the cracks" way. You communicate clearly in writing and conversation, you're comfortable working closely with senior leadership, and you handle sensitive information with discretion. You're not intimidated by technical discussions—even if you're not the one configuring the firewall, you can follow along, capture the key decisions, and know what questions to ask to make sure everyone's aligned on next steps. You're proactive, dependable, and genuinely curious about how things work.

What You’ll Actually Be Doing:
Direct Support to Security Engineering Leadership
* Assist the VP, Security Engineering with tracking requests, action items, and follow-ups arising from meetings, emails, and discussions
* Maintain organized lists of open items, next steps, and pending decisions
* Perform routine follow-ups with internal teams and external vendors on behalf of Security Engineering
* Help ensure deadlines and commitments are visible and monitored
* Surface overdue items or risks that may require attention Coordination & Task Tracking
* Support coordination of security engineering activities across Security, IT, Engineering, GRC, and external partners
* Track progress of assigned tasks and initiatives using established tools and processes
* Assist in scheduling, preparation, and follow-up for security-related meetings
* Help organize priorities and timelines across multiple parallel efforts Technical Awareness & Documentation
* Maintain familiarity with core security engineering domains, including: Identity and Access Management, Endpoint and device management, Cloud security basics (AWS and Azure), Security tooling and operational workflows
* Capture key outcomes, decisions, and action items from technical discussions
* Maintain documentation, trackers, and status updates
* Ask clarifying questions to ensure expectations and next steps are understood Communication & Information Flow
* Support intake and coordination of inbound requests to the Security Engineering team
* Prepare clear summaries and status updates as needed
* Help ensure relevant information is shared with appropriate stakeholders
* Support prioritization discussions by maintaining visibility into current workload and commitments


Why You’ll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement – from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insuranc

about the team:
Our intelligence team was built in order to play a central role in shaping how the company navigates an increasingly complex and competitive global environment.
we track fast-moving trends, decode strategic shifts, and deliver insight that informs decision-making across product, strategy, policy, and executive functions.
our work is dynamic, cross-disciplinary, and often ahead of the curve.
this is not a classic research role. we're looking for someone with a strong intelligence background who knows how to go beyond surface signals, connect disparate dots, and generate actionable insights with clarity and discretion.
our mission is to detect trends and use those to evaluate risks or opportunities for us. therefore, we are looking for someone who can anticipate future trends based on Real-Time developments.
the position requires on-site presence two days a week at our jerusalem office and two days a week at our tel aviv office.
what will your job look like?
analyze the present and future landscape of the autonomous vehicle and mobility ecosystem, identifying key developments in technology, industry dynamics, and emerging players
identify high-value information from unconventional sources, including conversations, events, and informal market signals
translate fragmented or ambiguous inputs into concise, strategic briefs that inform decision-makers
build and maintain stakeholder and ecosystem maps to support internal initiatives and long-term planning
collaborate closely with product, strategy, and business teams to ensure intelligence is timely, relevant, and actionable.

the company operations control center (occ) needs more amazing operators! the new state-of-the-art control center will be located at our new jerusalem campus in har hotzvim, and will be used to monitor all security and safety systems in all of our campuses.
this 24/7 control center is the central security monitoring and service center for all our locations across the globe. what will your job look like:
using digital systems to monitor and control security & safety systems: cctv, intrusion detection, fire alarm systems, elevators, and more
track cctv displays on wall to wall security monitors, and access control systems
incident response and notification to relevant teams
company incident and ticket system management. including opening and directing tickets to the correct teams and tracking through closure.
answer internal and external service calls
cooperative work with operations teams and support them in various general tasks

A leading technology company developing advanced Cyber security solutions for Embedded platforms is seeking an experienced DevOps Engineer to join a multidisciplinary team.

we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
Who You Are:
You're a security engineer who's excited about the AI wave-someone who sees GenAI and LLMs as fascinating puzzles to secure, not just threats to mitigate. You've spent 5+ years in Security Engineering, AppSec, or Cloud Security, and at least 1-2 of those years have been spent getting your hands dirty with AI/ML or data -intensive systems. You're equally comfortable dissecting a prompt injection attack as you are writing a Terraform module or shipping a Python library. You know your way around AWS and/or Azure, modern app stacks ( Python /TypeScript, REST/gRPC, containers/Kubernetes), and can translate security requirements into Developer -friendly tooling-not just PDF policies that gather dust. You communicate clearly in English and Hebrew, thrive in regulated environments, and understand that security in financial services means mapping controls to frameworks like FFIEC, SOC 2, and PCI DSS-and actually having the evidence to prove it.
What Youll Actually Be Doing:

* Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
* Implement data minimization controls for GenAI/RAG workloads: context filtering, leastprivileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
* Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/ data exfiltration) and build mitigations.
* Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive- data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
* Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
* Evaluate thirdparty AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
* Partner across Security, data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
* Lead/participate in AI redteaming: automated jailbreak/promptinjection tests, safety benchmarks, purpleteam exercises, and response playbooks for AI incidents.
* Enable the org with concise guidelines, examples, and training on safe AI development and usage.

Why Youll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first
Next Step:
Hit Apply!