לוח משרות דרושים הייטק אבטחת מידע / סייבר בנתניה

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead, you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement.

Required Developer Advocate
This role sits at the intersection of engineering, product, and the global developer community. Youll translate our technical work across all domains, repositories, security, release management, pipelines, distribution, metadata, AI/ML, and ecosystem integrations, into content, demos, talks, and conversations that developers trust. Youll also bring community insights back into our R&D and business teams to influence product direction.
As a Developer Advocate you will:
Represent us across developer, DevOps, security, and platform-engineering communities through conferences, meetups, webinars, podcasts, and online conversations
Create high-quality technical content: deep-dive articles, demos, hands-on guides, screencasts, code samples, and social content
Build compelling demos and storytelling around our core domains: Artifactory, Xray, Curation, Distribution, Pipelines, Workers, Fly, AI/MCP, and ecosystem integrations like GitHub
Collaborate closely with R&D, Product, Security, Solutions Engineering, Architecture, and Customer Success to deeply understand new capabilities and provide practical feedback
Engage with open source and developer communities, finding new channels and conversations where we should have a voice
Partner with Marketing to strengthen messaging while preserving technical credibility
Monitor and report impact across community engagement, content performance, OSS participation, and broader DevRel KPIs.

Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead, you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

Required Security Solution Architect
As a Security Solution Architect, you will be a high-impact technical practitioner and the definitive domain expert in Application Security (AppSec) and software supply chain security. You are a strategic "force multiplier" for our Strategic customers Solutions Engineering organization, leveraging deep technical roots to bridge the gap between developer-centric workflows, IT security teams, and executive risk management. You will serve as the technical authority that internal teams and external customers "pull" into their most complex and critical security opportunities.
As a Security Solution Architect you will...
Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring our security capabilities provide a "Future State" blueprint for our most strategic customers.
Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain.
Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders.
Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data.
Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight our unique ability to secure the entire lifecycle.
Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos.
Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win".

Were looking for curious, motivated students to join our GRC (Governance, Risk & Compliance) team and gain hands-on experience at the intersection of security, compliance, and technology.
This is a unique opportunity to be part of a team working on real-world audits, security processes, and innovative GRC automation using AI.
What Youll Be Doing
Youll be involved in a variety of activities across GRC and Security:
Audit & Compliance
Support ongoing audits and certifications (ISO, ITGC, TISAX, SOC 1)
Assist with evidence collection, tracking, and documentation
Help ensure controls are properly implemented and monitored
Security & Risk
Participate in vendor risk assessments and system security reviews
Support Business Impact Analysis (BIA) activities
Work with teams to identify and track risks
Automation & AI in GRC
Assist in building and improving automated GRC processes
Explore and apply AI tools to streamline compliance and security work
Help optimize workflows and reduce manual effort.

We are looking for a Senior Product Security Engineer to join our Information Security team.

This is a founding, high-impact role: the company's sole Product Security authority - responsible for building the product security domain from the ground up, defining standards across our product portfolio, and serving as the go-to expert for engineering teams.

Responsibilities
Define and own the Product Security strategy, roadmap, and standards.
Drive security integration throughout the entire SDLC - from design to production.
Lead secure product design, code reviews, and penetration test remediation.
Establish and enforce API security standards and secure coding frameworks.
Drive and enhance the bug bounty program.

We are looking for a highly skilled Cyber Security Engineer to play a key role in shaping and managing our internal security infrastructure, serving as a key partner to our global workforce.

In this role, you will take on complex security challenges across network security, corporate tooling, and access management.

You will help ensure our employees can work securely from anywhere in the world, leverage AI tools safely, and maintain our fast-paced culture without friction.

Responsibilities

Lead and optimize network security architectures, including modern SASE platforms, VPN configurations, SSL/TLS inspection, routing, and firewalls to ensure a seamless and a highly secure Zero Trust Network Access (ZTNA) environment.

Drive the deployment, configuration, and enhancement of enterprise security platforms, like Endpoint Security (EDR/XDR/DLP) and advanced Email Security suites (including SPF/DKIM/DMARC) from POC phase to production.

Act as a technical authority for our IAM architecture. Define strict security policies (MFA, Conditional Access) and work closely with the IT team to continuously improve our identity-first security posture.

Monitor and maintain our cloud security posture across AWS/GCP/Azure environments (including K8s & Containers). Implement cloud-native security controls, manage configurations, and ensure compliance with security standards across all cloud platforms.

Own the vulnerability management lifecycle for infrastructure, endpoints, and corporate software. Drive scanning, prioritization, and remediation tracking in close collaboration with DevOps and IT teams.

Support security incident response, assist in containment, contribute to post-mortem analysis, and help maintain IR runbooks relevant to your domains.

Help define and enforce secure usage policies for GenAI tools (e.g., Copilot, Claude, ChatGPT) to prevent data leakage.

Perform rapid, pragmatic security assessments for new SaaS applications and browser extensions.