לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

Were looking for a highly technical and creative Security Researcher to join our research group. This role is central to navigating complex security landscapes, advancing our CNAPP offerings, crafting sophisticated algorithms, and pioneering cloud security research. Working alongside a diverse team, youll explore the cutting edge of cloud and AI-driven security, uncovering critical vulnerabilities, developing novel detection techniques, and driving impactful research publications. Join us in shaping the future of cloud security, where your work not only advances our technology but also deeply resonates with our commitment to exceeding customer expectations, streamlining for simplicity, and tackling challenges with creative solutions.
Responsibilities :
Collaborate with teams across the organization, including Product, Frontend, DevOps, and GTM, to develop and integrate top-tier features.
Conduct deep technical research into cloud-native environments.
Lead initiatives from their inception through to deployment, emphasizing backend system efficiency, scalability, and reliability.
Innovate in Defense Evasion, amplifying the capabilities of our agents and engines.
Forge new paths in cloud security research and cyber security algorithm development.
Deep dive into threat detection and product content that provide deep insights and added value to our customers.

We are looking for a Security Analyst to join our MDR team. In this role, you will be part of our security function, focusing on proactive reviews and providing advanced guidance to customers. This is an opportunity to develop your expertise in cloud security while working closely with analysts, researchers, and engineers.
Responsibilities :
Assist in fine-tuning detection and response mechanisms.
Support proactive reviews of customer environments to identify risks, exposed attack surfaces, and recommend improvements.
Lead and conduct in-depth security investigations, documenting outcomes and developing playbooks to enhance future detection and response.
Collaborate with Security Analysts, Research, and Backend teams to enhance detection quality.
Contribute to the handling of complex or critical incidents escalated from Tier 1/2.
Participate in recurring customer meetings, helping translate security findings into clear, actionable recommendations.
Stay up to date with emerging threats, attack techniques, attack surfaces, and best practices in cloud security.
Contribute to the development and training of AI-driven detection models, leveraging machine learning to improve investigation accuracy and response efficiency.

Were looking for a highly skilled Technical Support Engineer to lead the charge in troubleshooting complex technical issues, ensuring exceptional customer satisfaction, and providing strategic solutions. Youll play a key role in documenting solutions, escalating critical cases, and leveraging your cloud expertise to deliver unparalleled support and build strong, lasting relationships with our customers.
Responsibilities :
Provide accurate and timely support via Slack, chat, or email to troubleshoot and resolve customer issues.
Diagnose and resolve technical problems, escalating complex issues to R&D or Product when needed.
Build strong relationships, educate customers on product features, and maintain a professional, supportive tone.
Create and update support documentation while logging all interactions in the support system.
Enhance skills through ongoing training to maintain technical excellence and deliver top-tier support.

Were seeking a Security Lead to join our team. This role is ideal for someone who can shape security foundations from the ground up. Youll solely build, lead and scale our security program across product, infrastructure and internal operations. This is a hands-on leadership role in which you will define our security strategy, drive execution, take ownership of maintaining security within our cloud environment and ensure that our customers, partners and employees can trust our platform and data handling.

Responsibilities

Embed secure-by-design and secure-by-default practices into the SDLC, partnering with engineering on threat modeling, secure code reviews, SAST/DAST, vulnerability management, and integrating practical, developer-first security solutions directly into development workflows.
Manage hands-on application and cloud security execution, reviewing code, hardening services, improving AWS/GCP configurations, IAM, networking, and secrets management, building cloud posture management, and integrating security into CI/CD, containers, and infrastructure-as-code.
Drive LLM and GenAI security innovation, implementing guardrails, prompt injection protections, MCP authorizations, and AI-specific security controls to ensure resilient and safe AI-powered systems.
Own incident response and security operations end-to-end, including preparation, detection, mitigation, root-cause analysis, remediation, communications, and developing internal standards, playbooks, and automation to scale the function from scratch.
Lead privacy, data lifecycle, and compliance initiatives, owning SOC 2, ISO 27001, GDPR, and regulatory readiness, while representing security in customer and partner discussions and translating technical controls into business assurance.

We are looking for a Vulnerability Manager to join the Cyber Security organization, reporting to the Vulnerability Lead within the Cyber Security PMO under the CISO.
This role focuses on execution and operational management of the organizations vulnerability management activities. You will work closely with the Vulnerability Lead to drive day-to-day remediation efforts, ensure SLA compliance, and maintain continuous progress across teams.
The ideal candidate is execution-driven, detail-oriented, and experienced in vulnerability management processes within cloud, infrastructure, and application environments.
Responsibilities
Vulnerability Management Execution
Drive day-to-day execution of vulnerability management processes across cloud, infrastructure, SaaS, and application environments.
Track vulnerabilities from identification through remediation and validation.
Ensure SLA adherence and timely remediation across teams.
Execute prioritization based on risk, severity, and business impact as defined by the Vulnerability Lead.
Stakeholder Coordination
Work closely with Security, DevOps, Infrastructure, and Engineering teams to drive remediation efforts.
Follow up on tasks, remove blockers, and ensure continuous progress.
Provide regular status updates and reporting to the Vulnerability Lead and PMO.
Tracking & Reporting
Maintain accurate tracking of vulnerabilities, remediation status, and KPIs.
Support dashboards and reporting on SLA compliance, exposure trends, and risk reduction.
Process & Improvement
Support improvement of vulnerability management processes, workflows, and tooling.
Assist in audits, compliance activities, and documentation.

We are seeking a highly experienced Vulnerability Lead to join the Cyber Security organization, reporting directly to the Head of PMO under the CISO.
This role combines deep domain expertise in Vulnerability Management with strong project leadership capabilities. The primary focus is to lead and mature the organizations vulnerability management program, while also driving additional cross-functional security initiatives.
The ideal candidate brings hands-on experience in vulnerability lifecycle management, risk-based prioritization, and remediation at scale, along with the ability to operate across security, engineering, infrastructure, and product teams.
Responsibilities:
Vulnerability Management Leadership
Own and lead the organizations Vulnerability Management program across cloud, infrastructure, SaaS, and application environments.
Drive end-to-end vulnerability lifecycle: identification, assessment, prioritization, remediation, and validation.
Implement and enforce risk-based prioritization aligned with business impact and threat intelligence.
Define, track, and improve KPIs such as SLA adherence, remediation timelines, and exposure trends.
Work closely with Security, DevOps, Infrastructure, and Engineering teams to ensure effective remediation at scale.
Project & PMO Execution
Lead and deliver additional cross-functional cyber security projects under the CISO organization.
Define project scope, objectives, timelines, and success metrics aligned with security strategy.
Manage execution, dependencies, risks, and stakeholder alignment across multiple initiatives.
Prepare executive-level reporting and dashboards for the CISO and senior leadership.
Strategy & Improvement
Continuously improve vulnerability management processes, tooling, and governance.
Support audits, compliance requirements, and security risk reporting.
Act as a subject matter expert for vulnerability risk across the organization.

We are looking for a GRC specialist who is excited to build and scale a modern compliance and security program from the ground up. This role is not just about maintaining SOC 2 and ISO certifications. It is about embedding security into our product, our engineering culture, and every customer conversation. You will partner closely with Engineering, Sales, and Leadership to turn compliance into a strategic advantage and help our company earn and maintain the trust of some of the most security-conscious organizations in the world.
About us:
The company Threat Exposure Management Platform is the first and only consolidated platform that integrates with your security tools to reveal, remediate, and mitigate the risk of exposures across your entire infrastructure. Backed by Sequoia and Cyberstarts, our company uses an agentless approach to reveal what is truly exploitable while reducing manual prioritization and remediation through automated response workflows.
What you will do:
Own and manage our companys security compliance program, including SOC 2, ISO 27001, and other relevant frameworks
Lead the response to customer security questionnaires and vendor security assessments, ensuring timely and accurate completion
Build and maintain our companys internal security controls framework and evidence collection processes
Establish and manage continuous compliance monitoring and validation initiatives
Develop and maintain security policies, standards, and procedures that support both compliance and business objectives
Manage relationships with external auditors and assessors during compliance audits
Drive security awareness training and secure development practices across the organization
Support customer-facing security conversations during sales cycles and onboarding
Monitor regulatory changes and emerging compliance requirements relevant to SaaS platforms
Build scalability into GRC processes through automation and tooling improvements.

Were a team of builders and innovators who thrive on complex technical challenges. If youre energized by distributed systems, cloud-native architectures, and the opportunity to protect thousands of organizations worldwide, we want to hear from you.

Join us in expanding security platform, where innovation meets impact.

What Youll Do:

Architect and build scalable backend services that scan millions of cloud resources daily across multi-cloud environments

Design and implement distributed systems that process massive volumes of security data with high reliability and low latency

Develop agentless scanning capabilities for vulnerability detection, configuration assessment, and data security across cloud workloads

Collaborate cross-functionally with security researchers, product managers, and fellow engineers to deliver features that customers love

Own features end-to-end - from design and implementation through deployment, monitoring, and iteration

Drive technical excellence through code reviews, architectural discussions, and mentoring team members

Solve complex challenges in cloud security, data processing, and distributed systems at enterprise scale

Were a team of builders and innovators who thrive on complex technical challenges. If youre energized by distributed systems, cloud-native architectures, and the opportunity to protect thousands of organizations worldwide, we want to hear from you.

Join us in expanding security platform, where innovation meets impact.

What Youll Do:

Architect and build scalable backend services that scan millions of cloud resources daily across multi-cloud environments

Design and implement distributed systems that process massive volumes of security data with high reliability and low latency

Develop agentless scanning capabilities for vulnerability detection, configuration assessment, and data security across cloud workloads

Collaborate cross-functionally with security researchers, product managers, and fellow engineers to deliver features that customers love

Own features end-to-end - from design and implementation through deployment, monitoring, and iteration

Drive technical excellence through code reviews, architectural discussions, and mentoring team members

Solve complex challenges in cloud security, data processing, and distributed systems at enterprise scale

The Cloud Risk team Cloud Security is looking for a senior engineer to join our growing team working on a transformative initiative .

This role is centered on gathering customers resources and insights from various CrowdStrike cloud products, establishing connections between data sources, and handling large-scale data operations to run comprehensive evaluations and generate actionable posture intelligence.
You'll be responsible for processing vast amounts of customer data to create meaningful conclusions that help customers:

Discover misconfigurations, security risks, and compliance violations in cloud environments

Identify and prioritize security risk issues that require immediate attention

Gain valuable insights into their cloud resources and assets to enable faster, more effective investigations

Understand the potential risks associated with their assets and cloud environment

Make data-driven security decisions based on comprehensive analysis of their environment

Responsibilities include:

Develop ETL jobs to gather data from multiple sources and provide insights into various product areas

Building data warehouses where large amounts of metrics and data will be stored

Interacting with many product groups within the organization to collect key metrics via APIs, Kafka integrations or direct data access

Participation in configuring and receiving uptime alerts related to the services you control.

Keeping services up and running in a healthy state.

As a senior researcher and tech lead on the team, you will play a pivotal role in conducting security research while mentoring and guiding fellow researchers to scale our capabilities. Beyond your individual contributions, you'll help establish research methodologies, foster collaboration, and build a culture of technical excellence within our growing team.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments. You will get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of cloud detection capabilities while helping develop the next generation of security researchers.

What You'll Do
Initiate and conduct Cloud Research Initiatives: Follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Lead and mentor research efforts: Guide fellow researchers in technical decision-making, establish research best practices and methodologies, and foster knowledge sharing within the team to build collective expertise.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Coordinate research initiatives: Lead technical discussions, prioritize research objectives within your area of responsibility, and ensure alignment with broader team goals and product roadmap.

The Cloud Risk team Security is looking for a senior engineer to join our growing team working on a transformative initiative
This role is centered on gathering customers resources and insights from various CrowdStrike cloud products, establishing connections between data sources, and handling large-scale data operations to run comprehensive evaluations and generate actionable posture intelligence.


What You'll Do:

You'll be responsible for processing vast amounts of customer data to create meaningful conclusions that help customers:

Discover misconfigurations, security risks, and compliance violations in cloud environments

Identify and prioritize security risk issues that require immediate attention

Gain valuable insights into their cloud resources and assets to enable faster, more effective investigations

Understand the potential risks associated with their assets and cloud environment

Make data-driven security decisions based on comprehensive analysis of their environment

We are looking for a Security Engineer to join us. In this role, you will take part in securing our companys production environments across network, data, and AI domains. You will work closely with SRE, DevOps, platform, and internal security teams to design, operate, and continuously improve security controls, reduce risk, and strengthen our detection and response capabilities in a fast-growing, cloud-native environment.
Responsibilities
Support, maintain, and operate network, data, and AI security controls across our companys production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing across the Cyber Defense Group.

We are looking for a senior researcher to focus on vulnerability research and exploitation in embedded environments.

In this role, you will research proprietary technologies and analyze complex IoT and embedded devices.

You will be responsible for taking your research from initial discovery to a full end-to-end solution in production.

We are looking for talented, fast learners to work on vulnerability research and exploitation in embedded and IoT environments. This role is ideal for researchers with strong low-level backgrounds who want to deepen their expertise in IoT and embedded systems security while working on real-world, complex technologies

You will analyze proprietary software and hardware, apply a deep understanding of low-level systems, and take your research from initial discovery to a full end-to-end solution in production.





Requirements
5+ years of experience as a security researcher or industry-equivalent experience.
Understanding of memory corruption (Stack/Heap, UAF) and logical vulnerabilities (Injection, Logic/Design flaws, TOCTOU).
Understanding of common security mitigations such as ASLR, DEP, and CFI.
Expertise in OS internals, file systems, network protocols and cryptography concepts.
Hands-on experience with reverse engineering and debugging tools such as IDA Pro or Ghidra, and GDB.
Proficient in Assembly, C, and Python.