לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

were looking for a Incident Management Analyst to help ensure the stability and reliability of our global IT services.
As a key member of the IT Operations team, youll support the rapid response and coordination of critical IT incidents. This role is ideal for someone who thrives in fast-paced environments, communicates clearly under pressure, and enjoys working cross-functionally to solve complex operational challenges.
Youll work closely with technical teams, stakeholders, and leadership to ensure incidents are managed efficiently, communication flows smoothly, and services are restored as quickly as possible. Your work will play a key role in maintaining service continuity and minimizing business impact.

What Youll Do

Identify, log, and classify major IT incidents reported by internal teams or external users
Coordinate response efforts by engaging appropriate technical teams and vendors to diagnose and resolve incidents,coordination calls and document actions, updates, and timelines
Track incidents ,provide a clear and timely communication between technical teams, business stakeholders, and leadership during major incidents. Along with root cause analyses (RCAs), including performance incidents reports,
Assist in preparing RCA reports and ensure documentation and communication are completed as required, Be a contribute to knowledge base articles.
Support daily review meetings to discuss recent and ongoing high-priority incidents and operational work
Follow established Major Incident and Change Management processes, policies, and tools
Generate reports, dashboards, and performance metrics for operational and leadership reviews
Support process adoption and assist with training or guidance related to incident management practices

we are looking for a Cyber Security Risk & Compliance Specialist .
As a key member of the CISOs office, you will play a vital role in ensuring organizational resilience through risk management, policy enforcement, and compliance with stringent financial regulations. This position focuses on providing high-level oversight of technological processes, supporting complex projects, and continuously enhancing the organization's defense posture.
Responsibilities:
GRC & Policy Leadership: Writing, implementing, and updating information security policies and procedures. Ensuring alignment with banking standards and regulatory requirements (e.g., Directive 364).
Risk Assessment (CRA): Performing comprehensive cyber risk assessments for new systems and technological initiatives.
Oversight & Monitoring: Analyzing SIEM/SOC findings and technical risks. Providing guidance to implementation teams to improve detection capabilities and log management.
External Audit Management: Defining the scope and managing third-party security audits. Analyzing findings and tracking remediation efforts.
Security Benchmarking: Conducting comparative analysis of security products and general software from an information security perspective.
Detection Strategy: Formulating recommendations for log optimization, defining new alerts, and evaluating the effectiveness of existing control tools.
Strategy & Awareness: Building the annual information security work plan, leading cyber simulations, and conducting organizational security awareness training.

Conduct research and analysis on microtrends as well as specific incidents in the maritime world based on the interests of current and potential clients. Perform ad-hoc research and analysis on emerging trends in the shipping and maritime domain as it relates to client concerns. Stay current of different arenas and distribute this information internally. Closely follow the news and data on maritime security events for important developments and distribute analysis internally and externally. Analyze patterns and search results of the system to generate new insights and create content relevant to customers. Recommend process improvements where applicable. Maintain and update our knowledge center and training materials.



Who Are you?



Naval Intelligence / Think tanks & OSINT NGOs / Maritime Fusion & Security institutes / International Relations background

Proven experience in analyzing and visualizing research insights including analysis of GEOINT/OSINT/ADINT/ELINT etc. data



Responsibilities

Develop and deliver reports by analyzing data via the Windward platform, as well as with relevant open-source research tools
Provide insights from data analysis to support decision-making processes
Ensure and incorporate feedback to improve and maintain data quality
Seek to improve processes to exceed customer expectations
Provides clear documentation for all relevant processes when necessary

We are looking for a top-notch Security Researcher, to resolve the toughest issue in cybersecurity: utilizing terabytes of data for detecting attacks, incident investigation and prioritizing threats, while leveraging LLM capabilities to automate investigation procedures.
Responsibilities:
Threat Analysis and Research: Dive deep into terabytes of data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Incident Investigation: Utilize your technical prowess to investigate complex security incidents, analyzing data from diverse sources to uncover the root causes and methods of attack. Collaborate with incident response teams to develop effective strategies for containment and mitigation.
False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Be at the forefront of the mission and work closely with customers regarding cyber security investigations and incidents detected in their environments

Were looking for an Application Security Engineer with a passion for AppSec to join our growing team.
Responsibilities:
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

we are looking for an experienced Cyber Security Consulting Manager (Engagement Manager) to lead proactive consulting engagements with clients worldwide. The appropriate candidate will be responsible for the engagement lifecycle - from engagement planning, throughout the day-to-day engagement execution, management of consulting team and client interaction, until the successful engagement presentation and delivery.
Main Responsibilities:
Lead a team of top cyber security consultants (matrix management), to conduct and deliver a variety of proactive cyber security assessments and resilience-enhancing engagements.
Work on multiple engagements in parallel, at client sites or remotely.
Ensure the timely and successful delivery of services according to the engagement scope, objectives, budget, timelines, and clients needs.
Develop and present status updates and summary reports to a variety of audiences, including technical teams, CISOs, CIOs/CTOs, and executive management.
Serve as the trusted advisor to industry-leading multinational organizations, acting as the primary point of contact with clients before, during, and after engagements.
Support the building of long-term relationships with clients, ensuring continuous client impact and success.
Participate in and lead business development activities, internal capability-building efforts, methodology development, and strategic discussions.

we are looking for a Incident Response Director.
The Incident Response Director will be key to the success of Incident Response projects worldwide, and should possess strong leadership and client-facing skills, be highly technical and thrive in a fast-paced and dynamic environment.
Main Responsibilities :
Lead multiple teams of top-tier cyber security researchers and forensic experts responding to large-scale and complex cyber-attacks globally, beating real-world sophisticated threat actors.
Become a trusted advisor for client executives during incidents, and the main escalation point for crisis management.
Oversee all client-facing engagements within the EMEA region, assuring top quality delivery standards.
Train, guide and empower team leaders and team members, enhancing their technical, managerial, and consulting skills.
Support efforts to generate new business, by creating professional content and attending events, conferences and client meetings.
Be part of the management group Sygnias global IR department, lead and take part in cross-company projects and cooperations.

We are looking for an Adversarial Builder to lead the defense of our Global Application Landscape-securing everything from our core SDLC and Software Supply Chain to our enterprise-wide AI adoption.
In this hands-on role, you will:
Engineer, Dont just triage: Move beyond manual reviews to build code-driven detection logic and custom AI agents that automate vulnerability hunting, triaging and remediation.
Security by design: Partner with R&D teams (including Infra and DevOps) to define the application-level technical guardrails for internal and external-facing products.
Scout the Frontier: Act as an early adopter of state-of-the-art systems, evaluating and integrating cutting-edge tech from frontier security startups in AI and Cloud Runtime security.
This role demands a practitioner who thinks like an attacker, possesses a developers urge to automate, and has the broad landscape understanding to connect dots across complex, modern domains.
What Youll Do:
Promote Enterprise-Grade Security Initiatives: Engineer and scale the security strategy for entire product ecosystem, spanning both internal infrastructure and external-facing products. You will ensure code security at scale by hardening the SDLC, securing the Software Supply Chain perimeter, and designing the technical guardrails for AI adoption at both the enterprise and product levels.
AI Solutions Builder: scale our security program using AI-driven tools. You will develop and fine-tune autonomous agents to handle complex code analysis, vulnerability hunting, and automated remediation.
Drive Early Adoption of Frontier Tech: Act as a scout and evaluator for the worlds most innovative security startups. Youll partner with cutting-edge vendors in emerging fields like AI Security and Cloud Runtime Security, ensuring remains an early adopter of state-of-the-art defensive systems.
Scale Through Engineering: Move beyond manual reviews. Youll manage and extend AppSec tools to eliminate false positives and build custom logic that reflects our unique codebase.
Collaborative Engineering: Work alongside our in-house DevOps team to rapidly deploy custom security tools at an enterprise grade.

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

We are looking for a passionate and experienced Governance, Risk, and Compliance (GRC) operations specialist to contribute to our companys efforts in making the most security and trusted provider of digital asset management solutions.
This role is critical in driving our day-to-day GRC programs, ensuring they are well maintained, run according to schedule, and align with our business needs.
As the GRC operations specialist, you will oversee the successful implementation and progress of GRC programs, practices, and projects, while collaborating with multiple cross-functional teams within the security department and outside of it.
What You Will Do:
Own, manage, and continuously improve the companys Third Party Risk Management (TPRM) program, making sure it is both aligned with expected security standards and best practices, and meets business requirements and SLAs.
Own, manage, and continuously improve the companys security awareness program, making sure its scope, content, cadence and overall performance are always aligned with the latest and most relevant expectations, while also well received and relevant to the business.
Manage ongoing operations within the GRC team including project management and tracking, financial planning and reporting, annual and periodic planning, and more.
Drive ongoing GRC efficiency through innovation, automation, data-driven decision making research and exploration.
Support and contribute to ongoing GRC operations such as internal and external audits, risk assessments, certification processes, policy management, business continuity program and more.

We are looking for a senior, hands-on Security Operations Lead to build, mature, and operate detection, response, and corporate security capabilities. You will own the engineering, workflows, and processes that keep secure day-to-day, while continuously improving visibility, automation, and operational resilience across both corporate and production environments. This role requires a technical operator who can architect scalable detection and response pipelines, manage endpoint and identity security controls, streamline GTM security enablement, and collaborate across the company to reduce risk. You will balance strategic direction with hands-on execution-ensuring threats are identified quickly, incidents are handled effectively, and the organizations operational security posture remains strong as grows.
Responsibilities:
Own and mature Detection & Response program, including alerting, triage workflows, incident playbooks, and end-to-end response processes.
Build and maintain detection logic, integrations, and automation across logging, SIEM, EDR, cloud telemetry, and internal monitoring systems.
Lead incident investigations, coordinate response across engineering and business teams, and ensure clear communication and post-incident reviews.
Manage Corporate Security Program, including identity and access management, endpoint posture management, corporate data security controls, and DLP practices.
Oversee privileged access workflows and JIT access for corporate and production systems in alignment with least-privilege principles.
Partner with engineering teams to ensure production environments maintain strong security baselines, logging, and monitoring coverage.
Collaborate with GTM/Sales teams to support Security Enablement, including third-party security questionnaires, customer assurance needs, and auditor inquiries.
Build automation-first operational processes that reduce manual overhead and provide consistent, repeatable security outcomes.
Develop and refine detection and response runbooks, escalation paths, and cross-team coordination models.
Maintain and improve incident and operational metrics, dashboards, and KPIs to measure operational efficiency and threat coverage.
Drive the intake and prioritization of security operations requests through Jira and internal workflows.
Work closely with Product Security, Cloud/DevOps, and GRC to ensure shared visibility and aligned operational practices.
Identify operational security gaps, propose improvements, and lead implementation efforts across tooling, processes, and controls.
Promote a culture of proactive detection, fast response, and shared responsibility for organizational security.

We are looking for an Information Security Coordinator to join the team responsible for ensuring the organizations compliance with the most stringent information security and privacy standards.



Responsibilities:

Manage and maintain security and privacy standards (ISO 27001, ISO 27701, ISO 22301, SOC2).
Lead risk assessments, gap analysis, and audit preparation.
Coordinate penetration tests and periodic security reviews.
Manage audit findings and respond to customer security questionnaires.
Own the Security Awareness program.
Monitor compliance with relevant regulations and work with external vendors.
Support Business Continuity (BCP/DRP) activities.

A Software company, developing a Cloud Security Platform, is looking for a Senior Cloud Security Software Engineer to join her team.

In this role, youll design and build backend components and security features for a scalable cloud security platform, working closely with product, frontend, and infrastructure teams.



What youll do:

Research and adopt new technologies.
Design and implement cloud security features.
Build MVPs for new product capabilities.
Write clean, efficient Go code.
Design data models and database schemas.
Write unit, component, and integration tests.
Debug and troubleshoot production issues.
Participate in code reviews and contribute to team standards.
Collaborate with frontend and platform teams on end-to-end integrations.
Assist with documentation and occasionally represent the product through blogs or talks.

We are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science. We are a cybersecurity firm specializing in advanced adversary simulation and offensive security testing. We deliver Red Team assessments for Fortune 500 companies, simulating sophisticated, real-world attacks across external, internal, cloud and Active Directory environments. Our services span both stealth-based Red Team operations and risk-focused assessments, covering a wide range of attack surfaces including on-premise and cloud environments.

Responsibilities:
Participate in Red Team and Risk assessments under the guidance of senior team members.
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients.
Learn and simulate attacker tactics, techniques, and procedures (TTPs).
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance.
Participate in our internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios.