לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

We're looking for an Application Security Researcher with a strong AppSec background to join our growing team and push the boundaries of what modern application security can do.

Passionate about AppSec? Ready to shape the future of application security tooling? Join us.

Responsibilities:

Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Write and publish technical content covering vulnerabilities, detection strategies, incident analysis, and research findings.
Collaborate closely with engineering, product, and marketing to translate research into product innovation and thought leadership.

We are looking for a Cyber Security Researcher to drive innovation in security defenses for on-premises and cloud environments. Your primary focus will be twofold:

1. Researching and developing novel defensive mechanisms to detect and mitigate advanced threats.

2. Contributing to open-source security tools by developing new solutions and enhancing existing ones.If you have a passion for security research, a strong technical foundation, and a drive to make meaningful contributions to the cybersecurity community, wed love to hear from you.


Responsibilities:
Research and prototype novel security defense techniques for on-prem and cloud-based systems

Analyze modern attack techniques and develop countermeasures to mitigate them.

Design, develop, and improve open-source security tools to help defenders detect and respond to threats.

Reverse engineer malware, attack tools, and security mechanisms to identify vulnerabilities and improvements.

Investigate Windows internals and authentication protocols (NTLM, Kerberos, SAML, OAuth) to enhance security defenses.Write secure, efficient, and maintainable C/C++ code for research and tooling purposes.

Collaborate with the security research community and contribute to blogs, whitepapers, and conference talks.

Stay ahead of the evolving threat landscape and propose innovative security solutions.

Were looking for a Product Security Architect to play a key role in ensuring our ML/AI platform remains secure while fostering innovation within our R&D team. If you have a strong security background and want to impact a fast-growing company, wed love to meet you!

You will be responsible for:

Designing secure systems and conducting threat modeling for new and existing features.
Identifying and mitigating security risks in architecture, applications, and infrastructure.
Performing security assessments, audits, and ensuring compliance with standards like ISO27001, PCI-DSS, and GDPR.
Integrating security best practices into CI/CD pipelines and development workflows.
Improving Secure Development Lifecycle (SDLC) practices within R&D and Product units.
Providing guidance and mentorship to development teams on secure coding and security principles.
Collaborating with engineering, product, and DevOps teams to embed security into all aspects of development.
Reviewing tools and processes to detect security threats and enhance security posture.
Communicating security risks and recommendations to technical and non-technical stakeholders.

Were looking for a Junior BCP and GRC Analyst to join our team and help strengthen the organization's resilience and compliance frameworks. In this role, you will support the development and implementation of Business Continuity Plans (BCP), Disaster Recovery (DR) strategies, and security governance practices across the company.
Youll work closely with IT, Security, Legal, and Operations teams to coordinate drills, write and embed security policies, manage vendor risk assessments, and assist in internal and external audits. This role is ideal for someone who is detail-oriented, proactive, and eager to grow in the fields of risk management, cyber security, and compliance.
If you have strong organizational skills, a good understanding of security standards (such as ISO 27001, SOC 2, GDPR), and thrive in a dynamic,

A leader in disaggregated high-scale networking solutions for service providers and AI infrastructures. Founded in December 2015, created a radical new way to build networks by adapting the architectural model of the cloud to telco-grade networking. This solution accelerates network deployment, improves the networks economic model, and radically simplifies network operations. With customers including Comcast, Orange, and KDDI - over 80% of AT&Ts network traffic now runs through a disaggregated core powered by software. Network Cloud-AI solution, based on the same technology, was introduced to the market in 2023, providing the highest-performance Ethernet-based AI networking solution, and is already deployed by Hyperscalers, NeoClouds and Enterprises. Raising over $587 million in three funding rounds, continues to deploy the most innovative network infrastructure and is looking for the most talented people to be part of this journey.

Role Summary
We are seeking a seasoned Senior Security Engineer to lead the execution of security operations and internal security initiatives. This highly technical role will be the principal hands-on engineer responsible for securing our corporate and cloud infrastructure, supporting detection and response, and maturing security controls across the business. This role is ideal for someone who thrives in fast-moving environments, enjoys solving technical challenges end-to-end, and can independently drive security projects in close collaboration with IT, DevOps, and engineering.

Key Responsibilities
Serve as the lead technical resource for internal security operations, including:
Endpoint and network security
AWS and Azure security configuration
Identity and Access Management (Entra ID, AWS IAM)
Threat detection and incident response
Design, implement, and optimize security tooling, monitoring, and controls
Collaborate with IT, DevOps, and engineering teams to design secure architectures and troubleshoot issues
Support compliance, audit, and risk management activities through technical controls and documentation
Collaborate with and mentor other security engineers and promote security best practices across the company
Lead or contribute to cross-functional security initiatives and internal project planning

driving and leading the next generation networks with our solution. Founded to solve the data explosion challenge, our cutting-edge technology and solution have created a paradigm shift in the economy of networks. Through smart and high-performance bit processing on merchant silicon and commodity hardware, we enable new revenue opportunities and sustainable growth for our customers, even as Internet usage explodes. Our system is a cornerstone of this mission, and we are looking for a talented developer to take it to the next level.

About the Role
We are looking for a hands-on and experienced Application Security Team Leader to drive our product and infrastructure security strategy and execution.
You will lead a team responsible for integrating security into our development workflows, managing vulnerabilities, and securing our use of open source and third-party components. This role requires both strong technical skills and the ability to lead and collaborate across multiple engineering functions.

Key Responsibilities
Team Leadership & Strategy
Build and lead the Application Security team, setting goals and ensuring successful delivery of security initiatives.
Define and drive the application security roadmap in collaboration with R&D, DevOps, and Product.
CI/CD Security Tool Integration
Oversee integration and maintenance of SAST, SCA, and DAST tools in CI/CD pipelines.
Ensure security checks are automated and embedded early in the development lifecycle.
Open Source & Package Mapping
Guide the team in mapping and maintaining an inventory of open source and third-party components across the product.
Identify critical dependencies and oversee continuous monitoring and hardening efforts.
Vulnerability Detection, Tracking & Reporting
Lead monitoring for CVEs affecting the OS, kernel, standard packages, and containers.
Ensure vulnerabilities are documented, tracked, and addressed through coordinated patching and remediation.
Communicate risks and progress to stakeholders via clear, actionable reports.
Risk Mitigation & Component Hygiene
Oversee efforts to identify and replace outdated or redundant software components.
Ensure timely updates of third-party packages to mitigate known vulnerabilities.
Promote secure software component usage and lifecycle management across teams.

We are looking for an experienced Vulnerability Researcher to lead our world-class vulnerability research team.
As a Vulnerability Researcher Team Lead, you will perform research and responsible disclosure on the latest open-source software, working with your team to find flaws in the most popular components today. The position requires proven experience in vulnerability research, both on web applications and native applications.
As a Vulnerability Researcher Team Lead you will...
Research zero-day vulnerabilities in open-source projects and popular web applications
Manage a team of senior researchers, setting the teams research targets and methodologies
Manage the coordinated disclosure process for vulnerabilities identified by the team
Write & review technical blogposts for vulnerabilities identified by the team
Speak in the most important global security conferences about vulnerabilities identified by the team.

Senior Security Data Analyst Client Side Protection
Join our Code Defender team as a Security Data Analyst, where you'll have ownership over the product's detection framework and lead data-driven processes to enhance and refine our security capabilities. Code Defenders mission is to detect and defend against client-side JavaScript threats like Magecart attacks, while helping our customers stay compliant with evolving security and privacy standards. This role requires a proactive and analytical professional dedicated to advancing Code Defenders detection infrastructure and metrics.
What Youll Do:
Detection Framework Ownership: Own and continuously evolve Code Defenders detection framework, leveraging data-driven processes to maximize detection accuracy and efficiency.
KPIs Dashboards Development: Design, develop, and maintain KPIs and dashboards that showcase Code Defenders performance and inform product strategy.
Detection Mechanism Innovation: Research, design, and enhance detection mechanisms to stay ahead of emerging client-side threats.
Cross-Team Collaboration: Work closely with the technical research and development teams to support end-to-end product improvements and drive a unified approach to detection enhancement.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that our company remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet our company.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

Senior Security Data Analyst Client Side Protection
Join our Code Defender team as a Security Data Analyst, where you'll have ownership over the product's detection framework and lead data-driven processes to enhance and refine our security capabilities. Code Defenders mission is to detect and defend against client-side JavaScript threats like Magecart attacks, while helping our customers stay compliant with evolving security and privacy standards. This role requires a proactive and analytical professional dedicated to advancing Code Defenders detection infrastructure and metrics.
What Youll Do:
Detection Framework Ownership: Own and continuously evolve Code Defenders detection framework, leveraging data-driven processes to maximize detection accuracy and efficiency.
KPIs Dashboards Development: Design, develop, and maintain KPIs and dashboards that showcase Code Defenders performance and inform product strategy.
Detection Mechanism Innovation: Research, design, and enhance detection mechanisms to stay ahead of emerging client-side threats.
Cross-Team Collaboration: Work closely with the technical research and development teams to support end-to-end product improvements and drive a unified approach to detection enhancement.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that our company remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet our company.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

Conduct penetration testing on applications and network environments to identify vulnerabilities and security gaps.
Develop and document testing plans and penetration test reports with clear findings and recommendations.
Perform reconnaissance and network surveys to assess target environments.
Research security tools, exploits, and emerging threats, contributing to blogs and knowledge-sharing initiatives.
Analyze vulnerabilities, exploit weaknesses, and escalate access where applicable.
Assist in malware analysis and breach investigations to support incident response efforts.
Stay up to date with the latest attack techniques, tools, countermeasures, and technologies.
Mentor new team members and contribute to the development of tools, templates, and methodologies for penetration testing.

We are looking for a Network Engineer, who is motivated, self-managed, team player with good interpersonal skills to be responsible for:

Engaging with customers worldwide to understand and address their technical requirements.
Deploying the company's cutting-edge Beta software and hardware on customers' sites, ensuring a seamless experience prior to market release.
Collaborating directly with development teams, QA engineers, and managers at all levels.
Conducting comprehensive testing, debugging, and documentation of beta deployments in simulated customer environments and during on-site activities.
Providing effective technical support to beta testing customers.

We are seeking an experienced Vulnerability Researcher to join our team, where our ethos of customer-centric problem solving, ownership, professionalism, and resourcefulness are at the heart of everything we do. The team faces complex research issues daily, solving new challenges and constantly improving the existing solutions. In this key position, you'll dive deep into complex security puzzles, pushing the boundaries of our vulnerability research and solutions. Collaborating on challenges with our team means working with the leading cloud platforms (AWS, GCP, Azure) and leveraging advanced technologies like Kubernetes, EBPF, Docker, and more.
Responsibilities :
Vulnerability research in the major Cloud providers and cutting-edge technologies.
Collaborate with teams across the organization, including Product, and GTM, to develop and integrate top-tier features.
Conduct deep technical research into cloud-native environments.
Lead offensive investigations in Kubernetes, eBPF, AI/ML‑based anomaly detection, and runtime security, translating findings into production‑grade detections.
Create authoritative content white‑papers, conference papers, blogs, and release notes that educate users and elevate Upwinds brand.
Deep dive into threat detection and product content that provide our customers deep insights and added value.

Were looking for a highly technical and creative Security Researcher to join our research group. This role is central to navigating complex security landscapes, advancing our CNAPP offerings, crafting sophisticated algorithms, and pioneering cloud security research. Working alongside a diverse team, youll explore the cutting edge of cloud and AI-driven security, uncovering critical vulnerabilities, developing novel detection techniques, and driving impactful research publications. Join us in shaping the future of cloud security, where your work not only advances our technology but also deeply resonates with our commitment to exceeding customer expectations, streamlining for simplicity, and tackling challenges with creative solutions.
Responsibilities :
Collaborate with teams across the organization, including Product, Frontend, DevOps, and GTM, to develop and integrate top-tier features.
Conduct deep technical research into cloud-native environments.
Lead initiatives from their inception through to deployment, emphasizing backend system efficiency, scalability, and reliability.
Innovate in Defense Evasion, amplifying the capabilities of our agents and engines.
Forge new paths in cloud security research and cyber security algorithm development.
Deep dive into threat detection and product content that provide deep insights and added value to our customers.