לוח משרות דרושים מהנדס סייבר בתל אביב יפו

We're looking for a Security Engineer - our company Product to spread the power of our company. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our companys products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing our company-for-our company to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our companys production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our company Federal team - extending our DevSecOps and Product Security practices to our companys FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our companys engineering and operations teams - helping them deliver secure-by-design solutions.

Were looking for an Application Security Engineer with a passion for AppSec to join our growing team.
Responsibilities:
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.
Main Responsibilities:
Security Strategy & Architecture
Own and continuously improve Velocitys overall security posture, including risk assessment, prioritization, and long-term planning.
Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
Evaluate, introduce, and develop security solutions tailored to Velocitys environment.
Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.
Security Engineering & DevSecOps
Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.
Incident Response & Operations
Investigate and respond to security incidents and alerts, leveraging deep system understanding.
Perform root cause analysis and drive improvements to prevent recurrence.
Collaboration & Enablement
Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
Assist in customer-facing security processes, including questionnaires and evaluations.
Promote security awareness and provide guidance across the organization.

We are looking for an Adversarial Builder to lead the defense of our Global Application Landscape-securing everything from our core SDLC and Software Supply Chain to our enterprise-wide AI adoption.
In this hands-on role, you will:
Engineer, Dont just triage: Move beyond manual reviews to build code-driven detection logic and custom AI agents that automate vulnerability hunting, triaging and remediation.
Security by design: Partner with R&D teams (including Infra and DevOps) to define the application-level technical guardrails for internal and external-facing products.
Scout the Frontier: Act as an early adopter of state-of-the-art systems, evaluating and integrating cutting-edge tech from frontier security startups in AI and Cloud Runtime security.
This role demands a practitioner who thinks like an attacker, possesses a developers urge to automate, and has the broad landscape understanding to connect dots across complex, modern domains.
What Youll Do:
Promote Enterprise-Grade Security Initiatives: Engineer and scale the security strategy for entire product ecosystem, spanning both internal infrastructure and external-facing products. You will ensure code security at scale by hardening the SDLC, securing the Software Supply Chain perimeter, and designing the technical guardrails for AI adoption at both the enterprise and product levels.
AI Solutions Builder: scale our security program using AI-driven tools. You will develop and fine-tune autonomous agents to handle complex code analysis, vulnerability hunting, and automated remediation.
Drive Early Adoption of Frontier Tech: Act as a scout and evaluator for the worlds most innovative security startups. Youll partner with cutting-edge vendors in emerging fields like AI Security and Cloud Runtime Security, ensuring remains an early adopter of state-of-the-art defensive systems.
Scale Through Engineering: Move beyond manual reviews. Youll manage and extend AppSec tools to eliminate false positives and build custom logic that reflects our unique codebase.
Collaborative Engineering: Work alongside our in-house DevOps team to rapidly deploy custom security tools at an enterprise grade.

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.

Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.

Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.

Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.

Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.

Manage HoneyBooks bug bounty program, validating reports and coordinating response and resolution.

Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.

Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.

Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.

Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.

Promote a strong security culture across HoneyBook by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

We are seeking a Cyber Research Architect to join our cutting-edge Research Group. This is a full-time hybrid role where you will play a key part in shaping how our products evolve from a cyber perspective, operating as an innovation hub within the company.

You will have the freedom to explore new domains, identify gaps in our products, and pioneer techniques that will directly shape our product architecture and capabilities. From researching emerging technologies to discovering vulnerabilities and developing advanced attacks, you will push the boundaries of whats possible in automated offensive security.

Roles and Responsibilities:

Lead offensive research and vulnerability discovery across diverse and emerging technologies, identifying novel attack surfaces and spearheading new research domains.
Pioneer research into AI/ML systems and LLM-based applications, uncovering adversarial tactics and developing unique attack vectors.
Directly shape product architecture by converting research insights into scalable, high-fidelity offensive capabilities and sophisticated attack modules.
Architect and build advanced tools and frameworks that automate and scale security research operations across the organization.
Identify and emulate the most sophisticated real-world cyber attacks to continuously evolve the company's automated security validation engine.

Were looking for a Threat Engineer to assess and develop our state-of-the-art detection solution. In this role, you will own the security coverage of our detection platform and guide development to strengthen our customers' resilience to emerging unknown threats. Your expertise in cyber security will drive our true AI-driven detection platform.
The Dream-Maker Responsibilities
Work closely with developers and data scientists to produce AI detection models.
Apply your cyber expertise to investigate emerging threats and define technical requirements to mitigate them.
Continuously assess and evaluate security coverage and false-positive rates.
Architect and build scalable solutions for evaluating the platform security metrics.
Bring your excellent interpersonal skills to foster collaboration and maintain a positive attitude within the team.

Required Staff Windows Detection Engineer
What are we looking for?
We are looking for a talented detection engineer, someone who looks at the world differently, who explores, hunts, lives to beat the system and challenge it. Someone who can address tough security problems and deliver solutions quickly.
Why us?
Because you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming them.
You will work with the very BEST in the industry in a flexible and independent environment.
You will influence the design of a disruptive product that will shape the security industry of tomorrow.
What will you do?
You will be responsible for detecting the newest malware and exploits based on our EPP platform. The role includes an end to end responsibility for behaviour based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end. You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

Required Staff Windows Detection Engineer
What Are We Looking For?
Were looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.
As a Staff Windows Detection Engineer, you will research and detect the latest malware and exploits on the EPP platform. You will reverse-engineer samples to design and implement robust detection methods that prevent sophisticated attacks. Additionally, you will develop custom research tools and PoCs to strengthen protection across millions of endpoints.
Why us?
Because you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming them.
You will work with the very BEST in the industry in a flexible and independent environment.
You will influence the design of a disruptive product that will shape the security industry of tomorrow.
What will you do?
You will be responsible for detecting the newest malware and exploits based on our EPP platform. The role includes an end to end responsibility for behaviour based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end. You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

Were seeking a Security Lead to join our team. This role is ideal for someone who can shape security foundations from the ground up. Youll solely build, lead and scale our security program across product, infrastructure and internal operations. This is a hands-on leadership role in which you will define our security strategy, drive execution, take ownership of maintaining security within our cloud environment and ensure that our customers, partners and employees can trust our platform and data handling.

Responsibilities

Embed secure-by-design and secure-by-default practices into the SDLC, partnering with engineering on threat modeling, secure code reviews, SAST/DAST, vulnerability management, and integrating practical, developer-first security solutions directly into development workflows.
Manage hands-on application and cloud security execution, reviewing code, hardening services, improving AWS/GCP configurations, IAM, networking, and secrets management, building cloud posture management, and integrating security into CI/CD, containers, and infrastructure-as-code.
Drive LLM and GenAI security innovation, implementing guardrails, prompt injection protections, MCP authorizations, and AI-specific security controls to ensure resilient and safe AI-powered systems.
Own incident response and security operations end-to-end, including preparation, detection, mitigation, root-cause analysis, remediation, communications, and developing internal standards, playbooks, and automation to scale the function from scratch.
Lead privacy, data lifecycle, and compliance initiatives, owning SOC 2, ISO 27001, GDPR, and regulatory readiness, while representing security in customer and partner discussions and translating technical controls into business assurance.

This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader - dont miss it!
What Youll Do
Own and operate our endpoint security stack - EDR, EPM, and device compliance - across the organization
Define and enforce endpoint posture and hardening standards at scale
Build and evolve Identity Security controls using Entra ID (Azure AD) - including access policies, hardening, and attack surface reduction
Continuously improve authentication, authorization, and identity-based defenses
Take ownership of our SaaS Security posture using SSPM solutions - identifying risks, misconfigurations, and exposure across applications
Drive visibility, governance, and control across our SaaS ecosystem
Partner with IT, Security, and Engineering teams to turn risks into practical, enforceable controls
Act as a technical escalation point for complex issues across endpoint and identity domains
Lead initiatives end-to-end - from problem definition to implementation and continuous improvement.

we are looking for a high-energy, talented people to join the company Security team. As a Security Engineer, you will take part in product content development and build logics and signatures to mitigate emerging security threats. Your work outcome will feed our company Cloud security products such as the IPS and Suspicious Activity Monitoring with the latest protections. You will analyze protocols and investigate various attacks utilizing network analysis tools and modern data analysis frameworks. Joining our company is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security.
Responsibilities:
Research and analyze new threats and develop product content such as IPS signatures and logic to provide the best protection for our companys customers.
Enhance product accuracy and its ability to detect new threats in the dynamically-changed security landscape.
Monitor your work using different monitoring tools and methods over the cloud.
Utilize our company Data Warehouse with big-data technologies to support your work.

we are seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the company XDR platform. Leveraging the rich data available in the company Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of our companys XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
Develop advanced detection logic for the XDR platform to identify security threats.
Conduct research using our company Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
Create hunting heuristics and methodologies to uncover unknown or emerging threats.
Continuously improve detection accuracy and enhance the platforms ability to identify threats in a dynamic security landscape.
Participate in cybersecurity breach investigations and security incident activities.
Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.

We are looking for a Security Engineer to join us. In this role, you will take part in securing our companys production environments across network, data, and AI domains. You will work closely with SRE, DevOps, platform, and internal security teams to design, operate, and continuously improve security controls, reduce risk, and strengthen our detection and response capabilities in a fast-growing, cloud-native environment.
Responsibilities
Support, maintain, and operate network, data, and AI security controls across our companys production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing across the Cyber Defense Group.