לוח משרות דרושים ראש צוות פיתוח אבטחת מידע /סייבר בהרצליה

We are seeking a highly skilled and motivated Senior Security Researcher to join our dynamic team at our company. As a Senior Security Researcher, you will play a pivotal role in simulating real-world attack scenarios, identifying vulnerabilities, and contributing to the development of innovative security solutions. You will work alongside some of the best security experts in the industry, driving research initiatives and enhancing your knowledge of emerging threats and attack techniques.
Key Responsibilities:
Conduct in-depth research and analysis of n-day vulnerabilities to assess risk and potential impact.
Investigate attack vectors across various operating systems and cloud environments (IaaS/SaaS).
Define and document mitigation strategies for discovered attack techniques, collaborating with development teams for implementation.
Drive the integration of research findings into product features, ensuring enhanced security capabilities.
Stay abreast of the latest security trends, technologies, and best practices to maintain expertise in the field.
Collaborate with cross-functional teams to communicate and implement identified attacks, techniques, and solutions.
Contribute to public security research through blog posts and potentially present findings at industry conferences.

We are looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

Required PRODUCT SECURITY TEAM LEADER
Responsibilities:
Manage and lead a team of product security engineers, overseeing daily operations and ensuring high-quality execution of product security assessments and projects.
Develop and execute the strategic roadmap for the team, aligning with the groups KPIs, organizational goals, and industry best practices.
Oversee post-production activities, tools, and procedures, such as penetration testing, WAF policies, and runtime protection policies, in advanced Kubernetes (k8s) environments, micro-services architectures, and cutting-edge CI/CD pipelines.
Manage the companys bug bounty programs, collaborating with external security researchers.
Plan, manage, and execute security projects, coordinating cross-functional teams to ensure timely and effective implementation of security initiatives.
Collaborate closely with software architects, security champions, and R&D teams to triage security findings and develop mitigation strategies.
Be responsible for monitoring and protecting the companys external attack surface by leading the design and development of internal (and our OSS) security tools and proprietary products. More about how we manage our attack surface: The Continuous Recon Mindset
Develop and conduct security training sessions for R&D and other departments to foster a strong security culture within the organization.
Lead incident response efforts, coordinating with the incident response team during security crises to ensure swift and effective resolution.
Promote continuous improvement in security methodologies, staying abreast of the latest trends and threats.
Ensure compliance with EU GDPR, CCPA, and other relevant standards by guiding technological compliance efforts.