לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

we are looking for a SecOps Team Lead.
As the Team Lead of Cloud SecOps & IR, you will be the captain of the front-line defense. You won't just respond to threats; you will build the team and the infrastructure that detects them before they happen. You will lead a group of high-performing engineers to mature our Incident Response program, automate security operations, and partner with R&D and DevOps to ensure our "liquid software" remains secure.
As a Team Lead, Cloud SecOps & IR , you will...
Lead & Mentor: Manage a team of SecOps engineers, providing technical guidance, career development, and performance management
Strategy & Roadmap: Define the vision for security engineering operations, aligning team goals with company-wide KPIs
Incident Command: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes
Architect Operations: Oversee the design and execution of vulnerability management, SaaS security posture (CASB), and asset management at scale
Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation
Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities
Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management

we are looking for a Offensive Security Team Lead.
As an Offensive Security Team Lead, you will spearhead offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead , you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms

we are looking for a Developer Advocate.
This role sits at the intersection of engineering, product, and the global developer community. Youll translate technical work across all domains, repositories, security, release management, pipelines, distribution, metadata, AI/ML, and ecosystem integrations, into content, demos, talks, and conversations that developers trust. Youll also bring community insights back into R&D and business teams to influence product direction.
As a Developer Advocate you will:
Represent across developer, DevOps, security, and platform-engineering communities through conferences, meetups, webinars, podcasts, and online conversations
Create high-quality technical content: deep-dive articles, demos, hands-on guides, screencasts, code samples, and social content
Build compelling demos and storytelling around core domains: Artifactory, Xray, Curation, Distribution, Pipelines, Workers, Fly, AI/MCP, and ecosystem integrations like GitHub
Collaborate closely with R&D, Product, Security, Solutions Engineering, Architecture, and Customer Success to deeply understand new capabilities and provide practical feedback
Engage with open source and developer communities, finding new channels and conversations where should have a voice
Partner with Marketing to strengthen messaging while preserving technical credibility
Monitor and report impact across community engagement, content performance, OSS participation, and broader DevRel KPIs

We are looking for a Security Researcher to lead our research team. As a research team lead, you will perform security research on open-source projects in both web and low-level technologies, define how to identify exploitable security issues in an automated manner and develop code for that purpose, publish your findings on new vulnerabilities, and manage a team of highly-trained researchers.
As a Security Research Team Lead you will...
Research CVEs and one-day vulnerabilities from various coding languages and technologies, including PoC development
Define how to find exploitable vulnerabilities automatically & develop code that identifies the instances where a vulnerability is exploitable
Perform security research on various open-source technologies, frameworks, and libraries
Publish your findings about the research subjects mentioned above

. We are looking for a Security Researcher to join the team. As a researcher, you will perform security research on open-source projects in both web and low-level technologies. You will define how to identify exploitable security issues in an automated manner and develop code for that purpose.
As a Security Researcher you will...
Research CVEs and 1-day vulnerabilities in various programming languages and ecosystems
Define how to automatically find exploitable vulnerabilities & develop code that identifies the instances where a vulnerability is exploitable
Perform security research on various open-source technologies, frameworks, and libraries
Write technical reports regarding all research subjects mentioned above

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges.
This is a hands-on Team Lead position, a development-focused role that ensures products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement

We are seeking an experienced compliance professional to join our team and support compliance for our SaaS platform.
About the Position:
As Compliance Lead for the SaaS platform, you will be focused on leading and supporting compliance efforts with various regulatory regimes that apply to our SaaS business, including, but not limited to, economic sanctions, anti-bribery, and anti-corruption programs. In addition to these responsibilities, the Compliance Lead will conduct risk reviews of SaaS business customers and report findings to senior management. Risk reviews will encompass initial assessments of new SaaS licensees and ongoing reviews leveraging public information and blockchain analytics.
To be successful in this role, the candidate will need to work closely with internal and external stakeholders, including senior management, front line business leaders, and prospective SaaS licensees. Expertise in digital asset investigative processes, including customer due diligence and blockchain analysis, will be crucial in establishing and executing operations for this role. The ideal candidate will be comfortable working in a fast-paced environment handling multiple ongoing projects that are delivered on time. We are looking for a candidate armed with a roll-up-your-sleeves mentality and forward-thinking approach that is eager to help across multiple verticals and advise business teams on global risks.
This position reports directly to the company's Senior Director of Compliance and will be an independent contributor initially. This role will be based in the US, with preference for candidates based near our NYC HQ; although qualified candidates from other locations are highly encouraged to apply.

As a Cloud Infrastructure and AI Security, you will play a key role in securing multi-cloud infrastructure, embedding security into DevSecOps, and ensuring AI platforms and agentic integrations are built and operated with enforceable security controls.
This role requires deep, hands-on expertise across Cloud Infrastructure Security and AI Security. You will actively design, implement, and enforce security controls across multi-cloud environments and Agentic AI, working closely with R&D, Product, and DevOps teams to embed security directly into architecture and development from day one.
You will operate at the forefront of cloud security, AI and blockchain, helping define how agentic AI systems are implemented safely in production. This is an opportunity to work on cutting edge technologies, collaborate with experienced security and engineering professionals, and grow within one of the most advanced and rapidly evolving domains in modern security.
What You'll Do:
Design, implement, and maintain security controls across multi-cloud infrastructures
Work closely with R&D teams to understand constraints and risks in Agentic AI and Infrastructure
Design and implement runtime AI security controls (guardrails, filters, policy engines, gateways).
Build protections for LLM inference, agent tool execution, MCP / plugin frameworks, and RAG pipelines.
Implement prompt, input, and output inspection for abuse, jailbreaks, data leakage, and policy violations.
Secure Infrastructure, CI/CD pipelines, and automation workflows by embedding DevSecOps best practices
Conduct security reviews of product features, new technologies and ensure they meet security requirements.
Secure Kubernetes clusters and containerized workloads in production environments
Evaluate AI attack vectors (prompt injection, model poisoning, data exfiltration, jailbreaks, emerging attack patterns) and implement effective mitigations
Collaborate with other security teams to resolve security issues and implement security improvements.
Lead security projects and initiatives across environments to enhance the platform's security.

We are looking for a passionate and experienced Governance, Risk, and Compliance (GRC) operations specialist to contribute to our companys efforts in making the most security and trusted provider of digital asset management solutions. This role is critical in driving our day-to-day GRC programs, ensuring they are well maintained, run according to schedule, and align with our business needs.
As the GRC operations specialist, you will oversee the successful implementation and progress of GRC programs, practices, and projects, while collaborating with multiple cross-functional teams within the security department and outside of it.
What You Will Do:
Own, manage, and continuously improve the companys Third Party Risk Management (TPRM) program, making sure it is both aligned with expected security standards and best practices, and meets business requirements and SLAs.
Own, manage, and continuously improve the companys security awareness program, making sure its scope, content, cadence and overall performance are always aligned with the latest and most relevant expectations, while also well received and relevant to the business.
Manage ongoing operations within the GRC team including project management and tracking, financial planning and reporting, annual and periodic planning, and more.
Drive ongoing GRC efficiency through innovation, automation, data-driven decision making research and exploration.
Support and contribute to ongoing GRC operations such as internal and external audits, risk assessments, certification processes, policy management, business continuity program and more.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance.
Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment.
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

Were looking for a highly skilled Technical GRC Expert with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology - ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.

We are looking for a senior, hands-on Security Operations Lead to build, mature, and operate Zenitys detection, response, and corporate security capabilities. You will own the engineering, workflows, and processes that keep Zenity secure day-to-day, while continuously improving visibility, automation, and operational resilience across both corporate and production environments. This role requires a technical operator who can architect scalable detection and response pipelines, manage endpoint and identity security controls, streamline GTM security enablement, and collaborate across the company to reduce risk. You will balance strategic direction with hands-on execution-ensuring threats are identified quickly, incidents are handled effectively, and the organizations operational security posture remains strong as Zenity grows.
Responsibilities:
Own and mature Zenitys Detection & Response program, including alerting, triage workflows, incident playbooks, and end-to-end response processes.
Build and maintain detection logic, integrations, and automation across logging, SIEM, EDR, cloud telemetry, and internal monitoring systems.
Lead incident investigations, coordinate response across engineering and business teams, and ensure clear communication and post-incident reviews.
Manage Zenitys Corporate Security Program, including identity and access management, endpoint posture management, corporate data security controls, and DLP practices.
Oversee privileged access workflows and JIT access for corporate and production systems in alignment with least-privilege principles.
Partner with engineering teams to ensure production environments maintain strong security baselines, logging, and monitoring coverage.
Collaborate with GTM/Sales teams to support Security Enablement, including third-party security questionnaires, customer assurance needs, and auditor inquiries.
Build automation-first operational processes that reduce manual overhead and provide consistent, repeatable security outcomes.
Develop and refine detection and response runbooks, escalation paths, and cross-team coordination models.
Maintain and improve incident and operational metrics, dashboards, and KPIs to measure operational efficiency and threat coverage.
Drive the intake and prioritization of security operations requests through Jira and internal workflows.
Work closely with Product Security, Cloud/DevOps, and GRC to ensure shared visibility and aligned operational practices.
Identify operational security gaps, propose improvements, and lead implementation efforts across tooling, processes, and controls.
Promote a culture of proactive detection, fast response, and shared responsibility for organizational security.

Were seeking a Senior Security Researcher to drive end-to-end research initiatives that strengthen detection capabilities. In this role, youll investigate emerging attack surfaces, craft and implement innovative detection logic, and test your findings in real-world environments. Its a hands-on position ideal for someone eager to transform research insights into effective, production-grade security defenses.
Responsibilities:
Research AI Agent and LLM-related risks, such as prompt injection and jailbreaking and implement sophisticated detection strategies.
Conduct research on cloud, web, and API security to uncover new threats and attack vectors.
Develop, refine, and design world-class detection logic and rules to enhance runtime protection.
Perform threat-hunting activities across large data sources to identify emerging attack patterns
Drive full-cycle research: from hypothesis and experimentation to production validation.
Collaborate with engineering and product teams to deliver actionable insights.

Were seeking an experienced Security Solutions Engineer to help us create new automations and scalable solutions for our customers. Your role will be both strategic and tactical, as youll be working directly with customers to understand their requirements, design solutions, and implement security controls. Join us on our mission to help every security team achieve operational excellence.
Your responsibilitie:
Design and implement security solutions to automate the real-world customer pains.
Provide expert advice and recommendations for security solutions that can achieve customer objectives.
Collaborate with the Sales team to establish a reputation for technical excellence and trustworthiness with potential customers.
Work jointly with other Solutions Engineers & Architects to support the Sales team with technical content and call support.
Establish and maintain a knowledge hub or repository of security best practices, resources, and insights.
Collaborate with the marketing team to generate demos, case studies, blogs, and videos.

We are seeking an experienced SOC Manager to lead our Security Operations Center (SOC), with full responsibility for detection, response, and operational excellence. This role combines hands-on technical leadership with people management, process ownership, and alignment to business risk.
The SOC Manager will be accountable for the effectiveness, maturity, and scalability of security operations across the organization.
What you will do?
Oversee day-to-day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. Own day-to-day SOC operations, ensuring effective threat detection, incident response, and containment across all environments.
Develop and implement SOC policies, processes, and playbooks to improve security effectiveness.
Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Continuously optimize SIEM content, alert quality, detection coverage, and automation capabilities.
Team Management & Training- Recruit, mentor, and manage a team of SOC analysts and incident responders.
Lead incident investigation, containment, and remediation efforts, coordinating with internal teams and external partners.
Align security operations with MITRE ATT&CK, NIST, and other cybersecurity frameworks.
Produce clear, executive-level incident reporting and risk summaries for security leadership and stakeholders.
Stay updated on emerging threats, attack techniques, and security technologies to drive continuous improvements.