לוח משרות דרושים הייטק אבטחת מידע / סייבר בהרצליה

We are seeking a highly skilled and motivated Senior Security Researcher to join our dynamic team at our company. As a Senior Security Researcher, you will play a pivotal role in simulating real-world attack scenarios, identifying vulnerabilities, and contributing to the development of innovative security solutions. You will work alongside some of the best security experts in the industry, driving research initiatives and enhancing your knowledge of emerging threats and attack techniques.
Key Responsibilities:
Conduct in-depth research and analysis of n-day vulnerabilities to assess risk and potential impact.
Investigate attack vectors across various operating systems and cloud environments (IaaS/SaaS).
Define and document mitigation strategies for discovered attack techniques, collaborating with development teams for implementation.
Drive the integration of research findings into product features, ensuring enhanced security capabilities.
Stay abreast of the latest security trends, technologies, and best practices to maintain expertise in the field.
Collaborate with cross-functional teams to communicate and implement identified attacks, techniques, and solutions.
Contribute to public security research through blog posts and potentially present findings at industry conferences.

We're seeking an experienced CISO for a part-time, flexible consulting role to guide our security strategy and ensure best practices across development and infrastructure teams. This role also plays a key part in supporting our compliance initiatives.
Key Responsibilities:
Oversee and maintain security policies and processes
Advise application development teams on secure coding and architecture
Support infrastructure teams with secure configuration and best practices
Lead involvement in key compliance activities.

We are looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

We are looking for a Red Team Expert with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

Required Vulnerability Researcher
Want to make an instant impact?
Be a part of the top cyber research teams in the industry and make the world a better place!
As a Vulnerability Researcher, you will be:
Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding vulnerabilities and circumventing modern mitigation techniques
Our perks:
A competitive compensation package
Hybrid and flexible
Multiple career advancement opportunities
Incredible benefits.

Required Operations Researcher
As an Operations Researcher, you will:
Collaborate with teams to achieve strategic goals
Manage projects to improve efficiency and implement key initiatives
Oversee procurement of critical assets and infrastructure
Build and sustain international relationships
Analyze data to identify trends and actionable insights
Manage payment systems and integrate diverse platforms
Provide accurate, timely reports for transparency and accountability.

Required Security Researcher
As a Security Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions
Be in charge of the operational security research of a cyber intelligence product
Your role will include: Researching OS internals, deconstructing of applications, architecture reviews and red-team tests
Define product requirements, alert mechanisms, working procedures and more.

Required Cyber Intelligence & BizDev Specialist
As a Cyber Intelligence & BizDev Specialist, you will:
Create development plans for the business and R&D divisions
Identify technology market opportunities through research and meetings
Attend events such as exhibitions and conferences
Produce reports for management and colleagues.

Required Intelligence Analyst
As an Intelligence Analyst, you will:
Create and manage relevant data collection while utilizing open sources as well as advanced collection tools
Grow expertise in the companys fields of interest, and become a domain expert
Identify gaps, inform and influence stakeholders through presentation of data-based recommendations
Support multiple teams and the decision-makers by providing them with both data and insights per ad-hoc assignments
Produce intelligence products at tactical, operational and strategic levels.

Required SOC Analyst Tier 1
As a SOC Analyst Tier 1, you will:
Work in shifts 247, including weekends and holidays
Proactively hunt and monitor cyber threats
Analyze raw data, traffic and TTPs to maintain a dynamic comprehensive threat model
Develop dashboard to handle security alerts and incidents
Work with forensic tools.

Required Network and Security Engineer
As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.

Are you ready to power the future? At SolarEdge (NASDAQ: SEDG), we're a global leader in smart energy technology, with over 4,000 employees, offices in 34 countries, and millions of installations worldwide. Our innovative solutions include solar inverters, battery storage, backup systems, EV charging, and AI-based energy management. We're committed to making clean, green energy the primary power source for homes, businesses, and beyond. With the growing demand for electricity, the need for smart, clean energy sources is constantly rising. SolarEdge offers amazing opportunities to develop your skills in a multidisciplinary environment, covering everything from research and development to production and customer supply. Work with talented colleagues, tackle exciting challenges, and help create a sustainable future in an industry that's always evolving and innovating. Join us and be part of a company that values creativity, agility, and impactful work. This role is a team member in our security engineering team. The Cyber Security team is composed of strong and experienced security engineers, responsible for designing, implementing, analyzing, and maintaining an on-prem\cloud-based security controls in particular OT security. What you will be doing:
* Manage the day-to-day operations of the company’s security infrastructure systems.
* Will lead the implementation of IT/OT cyber security systems in the organization.
* Provide security guidelines to various projects and systems.
* Research new innovative technologies to mitigate security gaps and work to implement in the production

Country:
Israel

City:
Herzliya

Are you ready to power the future? At SolarEdge (NASDAQ: SEDG), we're a global leader in smart energy technology, with over 4,000 employees, offices in 34 countries, and millions of installations worldwide. Our innovative solutions include solar inverters, battery storage, backup systems, EV charging, and AI-based energy management. We're committed to making clean, green energy the primary power source for homes, businesses, and beyond. With the growing demand for electricity, the need for smart, clean energy sources is constantly rising. SolarEdge offers amazing opportunities to develop your skills in a multidisciplinary environment, covering everything from research and development to production and customer supply. Work with talented colleagues, tackle exciting challenges, and help create a sustainable future in an industry that's always evolving and innovating. Join us and be part of a company that values creativity, agility, and impactful work. Working as part of the SOC team in a large and interesting organization, your role will be to monitor cyber activity, identify and investigate events in real-time, and provide a proactive response across multiple platforms. Providing incident response and troubleshooting in the SIEM infrastructure within defined timeframes (SLA). The position is intended for individuals with high motivation and a desire for professional development, who enjoy investigating internal and external cyber events, analyzing malicious activity, and identifying patterns and relationships between events in organizational systems. The role is dynamic, with continuous learning, utilizing multiple systems designed for monitoring and investigation.

Country:
Israel

City:
Herzliya

Our Security team is looking for a highly motivated and Tech-savvy Application Security Engineer to take part in our application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). You will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.
In this role, you will be required to develop your skills and master both offensive and defensive methodologies in a large-scale, complex cloud environment.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Manage our bug bounty program
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay current with emerging security threats, vulnerabilities, and industry trends to ensure we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams.

Required PRODUCT SECURITY TEAM LEADER
Responsibilities:
Manage and lead a team of product security engineers, overseeing daily operations and ensuring high-quality execution of product security assessments and projects.
Develop and execute the strategic roadmap for the team, aligning with the groups KPIs, organizational goals, and industry best practices.
Oversee post-production activities, tools, and procedures, such as penetration testing, WAF policies, and runtime protection policies, in advanced Kubernetes (k8s) environments, micro-services architectures, and cutting-edge CI/CD pipelines.
Manage the companys bug bounty programs, collaborating with external security researchers.
Plan, manage, and execute security projects, coordinating cross-functional teams to ensure timely and effective implementation of security initiatives.
Collaborate closely with software architects, security champions, and R&D teams to triage security findings and develop mitigation strategies.
Be responsible for monitoring and protecting the companys external attack surface by leading the design and development of internal (and our OSS) security tools and proprietary products. More about how we manage our attack surface: The Continuous Recon Mindset
Develop and conduct security training sessions for R&D and other departments to foster a strong security culture within the organization.
Lead incident response efforts, coordinating with the incident response team during security crises to ensure swift and effective resolution.
Promote continuous improvement in security methodologies, staying abreast of the latest trends and threats.
Ensure compliance with EU GDPR, CCPA, and other relevant standards by guiding technological compliance efforts.