לוח משרות דרושים חוקר סייבר בתל אביב יפו

We are seeking a Senior Security Researcher - Cloud Threats to join our highly technical product research team working at the core of our cloud security platform.

This is a rare opportunity to join an elite cloud security research team and do work that directly shapes our product. In this role, you will own the research direction for our Cloud Detection and Response (CDR) capabilities, designing detection strategies across agentless and agent-based telemetry, expanding coverage across cloud attack surfaces, and developing prioritization mechanisms that help customers focus on what matters.

You will perform novel security research to uncover attacker behavior, develop detection methodologies, and apply detection-as-code principles to build production-grade detections. Beyond product work, you'll contribute to Tenable's external thought leadership, writing and speaking about cloud threats, adversary tradecraft, and detection methodologies.

We're looking for an exceptional, adversary-focused security researcher who can bridge threat intelligence, cloud security knowledge, and detection engineering. You're curious, comfortable with ambiguity, and driven to understand how attackers operate in cloud environments.

Your Role:

Own the research direction for Cloud Detection and Response (CDR), driving the vision for how we detect and respond to cloud threats.
Design detection strategies across agentless and agent-based telemetry sources, focusing on quality and detecting what matters.
Perform novel security research to uncover attacker tradecraft, techniques, and behaviors in cloud environments, informing both product direction and external research.
Apply detection-as-code principles to build production-grade detections that ship directly in the Tenable Cloud Security platform.
Stay current with emerging cloud threats and translate threat intelligence into actionable detection logic and product capabilities.
Write and speak about cloud threats, adversary tradecraft, and detection methodologies to strengthen Tenable's voice in cloud security.

We are seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across Tenable's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.

Your Role:

Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as Tenable's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

We are seeking a Cyber Research Architect to join our cutting-edge Research Group. This is a full-time hybrid role where you will play a key part in shaping how our products evolve from a cyber perspective, operating as an innovation hub within the company.

You will have the freedom to explore new domains, identify gaps in our products, and pioneer techniques that will directly shape our product architecture and capabilities. From researching emerging technologies to discovering vulnerabilities and developing advanced attacks, you will push the boundaries of whats possible in automated offensive security.

Roles and Responsibilities:

Lead offensive research and vulnerability discovery across diverse and emerging technologies, identifying novel attack surfaces and spearheading new research domains.
Pioneer research into AI/ML systems and LLM-based applications, uncovering adversarial tactics and developing unique attack vectors.
Directly shape product architecture by converting research insights into scalable, high-fidelity offensive capabilities and sophisticated attack modules.
Architect and build advanced tools and frameworks that automate and scale security research operations across the organization.
Identify and emulate the most sophisticated real-world cyber attacks to continuously evolve the company's automated security validation engine.

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution. You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.

Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.



Roles and Responsibilities:

Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

Required Threat Intelligence Researcher- CTI
The Dream Job
We are on an expedition to find you, someone who is passionate about turning research into reliable, production-grade capabilities. Youll play a major role in building and shaping our next-gen CTI platform across attribution, pivoting, infrastructure prediction, EASM, and the STIX/OpenCTI knowledge base.
The Dream-Maker Responsibilities
Execute the CTI research roadmap across attribution, infra prediction, EASM, and the STIX knowledge base.
Design and implement graph-pivoting, attribution heuristics, and temporal/link models (sequence/survival/Hawkes-style).
Build high-signal EASM detectors: passive discovery and safe active probing per ROE; capture reproducible evidence.
Normalize, enrich, and deduplicate intel into STIX 2.1 aligned to our ontology; maintain/enhance TAXII/OpenCTI/MISP connectors.
Ship detectors/models and enrichment services with AI/Platform teams; contribute tests, docs, and runbooks.
Curate datasets, define ground truth, and evaluate KPIs (coverage, lead-time, precision/recall, FPR); iterate to improve signal-to-noise.
Produce watchlists, concise briefs, and early-warning hypotheses for stakeholders and priority investigations.
Uphold governance, ethics, provenance, and data-quality standards.

Required Malware Researcher- CTI
The Dream Job
As a Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Dream-Maker Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

We are seeking an experienced, visionary Cyber Research Team Lead to guide and grow a multidisciplinary cyber research team. You will lead a group of domain experts - from network engineers and identity specialists, to red-teamers, protocol researchers, penetration testers, data analysts and cloud/virtualization experts - working collaboratively to build our next-gen AI-based posture management platform. As team lead, you will both manage the team and shape the research agenda: coordinating cross-domain investigations, defining priorities, mentoring researchers, and ensuring that research output feeds directly into scalable, intelligent workflows and product capabilities.
If youre passionate about cyber research, enjoy nurturing technical talent, and thrive on building complex, multi-domain security products - this is your chance to build and lead a research team that defines how AI defends modern enterprise infrastructure.
The Dream-Maker Responsibilities
Lead, mentor, and coordinate a diverse, multi-domain cyber research team.
Define and drive the teams research agenda, establishing multi-domain security research priorities aligned with company goals and product roadmap.
Translate research findings into actionable AI-based deliverables - such as automated workflows and agentic flows integrated into the AI-based posture management product.
Coordinate and work in multidisciplinary squads to build customer facing product, ensuring real-world relevance and impact.
Maintain research excellence and innovation culture - encourage internal knowledge-sharing, code/tool reuse, and continuous learning.
Recruit, grow, and manage talent -identify skill gaps, hire new researchers, mentor researchers, and foster a collaborative, high-performance team environment.
Stay current with emerging cyber threats, infrastructure trends (cloud, virtualization, identity systems), adversarial techniques and AI-driven security trends - and evolve research strategies accordingly.

: Were looking for a hands-on AI Cyber Intelligence Engineer - in the domain of attack surface. Someone who lives and breathes cyber security, loves exploring how attackers move through real environments, and is excited to shape how AI can automate and extend that process.
In this role, youll analyze real-world environments, identify potential attack vectors, and work closely with our AI engineering teams to translate your domain expertise into actionable, intelligent workflows. Youll play a key role in guiding how our platform learns to think and act like a top-tier security analyst.
The Dream-Maker Responsibilities
Design and shape AI-driven security agents by encoding expert attacker and defender reasoning into agentic flows, prompts, decision logic, and investigative strategies.
Translate offensive security and red-team expertise into structured knowledge that enables AI systems to identify, prioritize, and reason about real-world attack paths in complex enterprise environments.
Model attacker behavior and multi-step attack scenarios, focusing on lateral movement, privilege escalation, and cross-domain exploitation - and guide how AI agents simulate and evaluate these scenarios.
Act as a domain expert partner for product and engineering teams, ensuring AI-driven security decisions remain grounded in real attacker tradecraft and operational reality.

Required Senior Threat Intelligence Researcher
The Dream Job
As a Senior Threat Intelligence Researcher, you will be responsible for tracking advanced adversaries and leveraging your deep technical expertise across attacker capabilities, infrastructure, and tactics. You will create and refine approaches to uncover and monitor active threat actors, as well as surface irregular and emerging behaviors in the broader threat landscape. The intelligence you generate will directly strengthen our understanding of threat actors and will inform proactive hunting, detection engineering, and defensive decision-making.
The Dream-Maker Responsibilities
Lead complex threat intelligence investigations through in-depth analysis of the global threat landscape, with a focus on advanced and state-linked actors.
Define and prioritize threat research focus areas (actors, campaigns, sectors, techniques) aligned with our customers and product roadmap.
Deliver actionable cyber threat intelligence and design and execute hunting campaigns using analytics, automation, and advanced AI capabilities.
Curate and maintain structured knowledge on actors, campaigns, infrastructure, and TTPs in our internal threat knowledge base.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

Required Senior Malware Researcher
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Dream-Maker Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

Required Security Researcher
The Dream Job
We are on an expedition to find you, someone who is passionate about creating intuitive, out-of-this-world security research. You'll help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
The Dream-Maker Responsibilities
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams.

We are seeking a Threat Researcher to analyze enterprise environments and strengthen network resilience. This role focuses on researching device configurations, network relationships, and lateral movement opportunities, while developing methods and tools to harden infrastructures against advanced threats.
The ideal candidate will also support PoCs by applying research capabilities to real-world govermental environments and working closely with customers to validate threat scenarios and demonstrate cyber value.
The Dream-Maker Responsibilities
Analyze various network devices, configurations, and security products
Implement methods and algorithms to discover network topology, relationships between devices, and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers' network infrastructure and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Drive threat research efforts in customer and PoC environments to uncover, simulate, and validate real-world attack scenarios, demonstrating cyber value through our Security platform capabilities
Translate technical research findings into actionable insights for customer-specific environments.
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams
Produce technical reports and research publications to share findings and methodologies.

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed.
This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.
We are seeking an analytical and experienced Threat Intelligence Researcher to join our team. This is a technical role that necessitates bridging the gap between traditional intelligence analysis and software engineering principles.
You will be responsible for producing strategic and technical intelligence reports and developing automation and scripting solutions for the team.
Specifically, your focus will be on:
Intelligence Reporting: Conduct in-depth investigations and produce comprehensive reports based on customer requests.
Client Engagement: Participate in customer-facing meetings as required to present findings or gather requirements.
Tool Development: Design, implement, and maintain internal tools, scripts, and data scrapers (primarily utilizing Python) to streamline data collection and analysis.
Actionable Intelligence Production: Convert raw technical data into finished, actionable intelligence products, including detailed technical reports, the creation of YARA/Sigma rules, and executive-level briefings.

As an Asset Intelligence Research Manager, you will lead a high-impact research team dedicated to decoding the "DNA" of enterprise assets, from Cloud instances to Industrial OT. You will bridge the gap between deep technical discovery and product innovation for our CAM and CPA lines. You will drive the transition from manual research to AI-automated intelligence at scale within a collaborative environment.

Responsibilities
Team Leadership: Directly manage and mentor a specialized team of researchers, overseeing task prioritization and professional development.
AI Integration: Implement AI and LLM-driven workflows to automate asset identification, fingerprinting, and technical documentation parsing.
Cross-Functional Synergy: Act as the primary technical liaison between Research, Product (CAM/OT), and Engineering to translate findings into features.
Technical Deep Dives: Lead research into network protocols (TCP/IP) and device signatures to improve discovery and classification engines.
Data-Driven Strategy: Use Python and SQL to query massive datasets, identify emerging asset patterns, and build functional research scripts.

As a Security Research Team Leader, you will lead a high-impact research team dedicated to decoding the "DNA" of enterprise assets, from Cloud instances to Industrial OT. You will bridge the gap between deep technical discovery and product innovation for our CAM and CPA lines. You will drive the transition from manual research to AI-automated intelligence at scale within a collaborative environment.

Responsibilities
Team Leadership: Directly manage and mentor a specialized team of researchers, overseeing task prioritization and professional development.
AI Integration: Implement AI and LLM-driven workflows to automate asset identification, fingerprinting, and technical documentation parsing.
Cross-Functional Synergy: Act as the primary technical liaison between Research, Product (CAM/OT), and Engineering to translate findings into features.
Technical Deep Dives: Lead research into network protocols (TCP/IP) and device signatures to improve discovery and classification engines.
Data-Driven Strategy: Use Python and SQL to query massive datasets, identify emerging asset patterns, and build functional research scripts.