לוח משרות דרושים הייטק אבטחת מידע / סייבר בתל אביב יפו, לחיפוש זה נמצאו 185 משרות

Senior Enterprise Security Engineer
As a Senior Enterprise Security Engineer, you will be a foundational architect of our corporate security posture, directly safeguarding our infrastructure, sensitive data, and global workforce. This is a highly hands-on, configuration-driven role focused on hardening our environment through identity governance, endpoint security, and automated threat response.
What Youll Do:
Identity & Zero Trust: Architect robust IAM principles (Okta, Entra ID) and Zero Trust strategies. Enforce granular authentication, lifecycle management, and device trust to ensure secure access across all corporate resources.
Endpoint Security & Fleet Hardening: Lead the administration of our EDR (CrowdStrike Falcon) and MDM/UEM (Intune, Jamf). Manage patch lifecycles, endpoint state attestation, and proactive threat hunting to neutralize threats across all corporate devices.
Threat Detection & Automation: Develop advanced detection logic (SIEM/XDR) and build SOAR workflows to reduce Mean Time to Detect (MTTD) and Respond (MTTR).
SaaS Security & DLP: Secure our ecosystem by managing email security (e.g., Material Security) and implementing Data Loss Prevention (DLP) across SaaS platforms (Google Workspace, Salesforce, Box).
Cross-Functional Leadership: Partner with Engineering and IT to embed security-by-design, automate compliance checks for new infrastructure, and manage security integration for mergers and acquisitions.

we are looking for a Product Security Engineer.
Responsibilities:
Own, maintain, and continuously improve the Secure Design Review process, ensuring security considerations are integrated early in the development lifecycle.
Develop, implement, and maintain Zenitys Application Security Program, including controls, standards, developer enablement, and automation.
Manage SAST and DAST tooling, including configuration, integrations, alerting, developer workflows, and program-wide reporting.
Monitor and enforce SDLC security controls, ensuring consistent application of secure development practices across all engineering teams.
Develop and maintain Zenitys Cloud Security Program, defining guardrails, policies, and automated controls for secure-by-default cloud deployments.
Manage CSPM tooling, including configuration, findings triage, reporting, and alignment with internal risk and compliance processes.
Partner with DevOps to design, implement, and maintain a fully secured CI/CD pipeline, ensuring that security checks, guardrails, and automated gates are embedded throughout build, test, and deployment stages.
Collaborate closely with engineering teams to deliver actionable guidance, model threats, advise on architecture, and support secure implementations.
Drive automation-first approaches to product and cloud security, reducing friction and enabling fast, safe development.
Define and track KPIs, metrics, and reporting for application and cloud security health.
Identify gaps in product, application, and cloud security posture and drive end-to-end remediation plans.
Promote a culture of security and developer empowerment by delivering clear, pragmatic, and scalable guidance.

We're seeking a Senior Security Researcher & Team Lead to own and drive Zenity's security research domain from the ground up. This is a leadership-first role - you'll build and guide a research team, define a new frontier in AI and agentic security, and shape the methodologies and standards that don't yet exist in the industry. If you thrive in ambiguity, love creating structure where there is none, and want to leave a real mark on an emerging security domain, this role is for you.
You'll investigate emerging attack surfaces, architect and implement detection mechanisms, and validate your findings in production environments protecting Fortune 500 customers. It's a high-ownership position that blends deep technical research with strategic thinking and team leadership - with a real sense of urgency to shape the AI security landscape not just for Zenity, but for the entire security community.
Responsibilities:
Lead and mentor a security research team, driving vulnerability and threat research that generates product value and protects Fortune 500 customers in production environments.
Take end-to-end ownership of detection mechanism design for agentic AI applications - from initial hypothesis through experimentation to production-grade implementation.
Apply expertise across cloud, identity, web, and API security to map and address the evolving AI threat landscape.
Apply LLMs, Agentic AI, and machine learning models to detect security vulnerabilities.
Collaborate closely with engineering and product teams to translate research into actionable, shippable security capabilities.

As a CyOps Analyst, you will be investigating security alerts from the Cynet platform in order to detect threats and conduct live incident response engagements, investigating and analyzing programs and software using analysis programs to identify threats and classify malware based on previous threats and commonalities, investigating and issuing threat intelligence and malware analysis report. The SOC works closely with the Research team to perform tests and uncover new attack vectors to enhance, develop, and configure threat hunting tools. Additional responsibilities include:
* Identifying unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services.
* Performing analysis and forensics on security threats, malware and attacks in the wild, using industry standard platforms and tools.

About Us:
We are a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 247 security experts. With a Partner First mindset, we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.

Were seeking a Senior Security Researcher to drive end-to-end research initiatives that strengthen Zenitys detection capabilities. In this role, youll investigate emerging attack surfaces, craft and implement innovative detection logic, and test your findings in real-world environments. Its a hands-on position ideal for someone eager to transform research insights into effective, production-grade security defenses.
Responsibilities:
Research AI Agent and LLM-related risks, such as prompt injection and jailbreaking and implement sophisticated detection strategies.
Conduct research on cloud, web, and API security to uncover new threats and attack vectors.
Develop, refine, and design world-class detection logic and rules to enhance Zenity's runtime protection.
Perform threat-hunting activities across large data sources to identify emerging attack patterns
Drive full-cycle research: from hypothesis and experimentation to production validation.
Collaborate with engineering and product teams to deliver actionable insights.

As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Lead the design and implementation of AI-driven detection and response strategies to automate complex security investigations.
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

We are looking for a proactive Security Assurance Lead to advance our security program into a proactive validate and verify model. Your mission is to ensure our defenses arent just present, but effective. In this hands-on technical role will own and manage testing, validating and reporting on our security posture, through automated testing against our controls, and ensure our security stack is optimized, integrated, and fully utilized.
Key Responsibilities:
Security Assurance Management: Define, orchestrate and drive the security assurance program from vision to full implementation.
Continuous Control Validation: Design and execute automated testing (e.g., Breach & Attack Simulation) to verify that prevention and detection controls are functioning across cloud, SaaS and IT environments.
Central Visibility Hub: Build and maintain a real-time Security Posture Dashboard. This hub will provide a single pane of glass for the coverage and health of our security stack.
Tool Optimization & Efficacy: Review our existing security suite to ensure tools are properly configured, integrated, and delivering ROI. You will identify blind spots where tools are installed but not effectively monitoring or blocking.
Offensive Testing Strategy: Coordinate regular external offensive testing cycles such as Penetration Testing, Phishing, etc. and translate broken controls and findings into actionable items.
Operational Excellence: Define clear ownership, maintenance schedules, and lifecycle processes for all security technologies to prevent tool rot.

We are seeking an experienced Incident Response leader to own and lead the companys response to large-scale, high-impact cyber incidents. This role is responsible not only for technical response, but for cross-company crisis coordination, executive decision support, and ensuring fast, controlled mitigation across engineering, product, legal, communications, and leadership teams.
This is a leadership role for someone who has personally led complex incidents under pressure - including situations involving material business risk, customer impact, regulatory exposure, and executive visibility.

The Application Security team treats security as a high-stakes engineering discipline, not an administrative task. We are looking for an Adversarial Builder to lead the defense of our Global Application Landscape-securing everything from our core SDLC and Software Supply Chain to our enterprise-wide AI adoption.
In this hands-on role, you will:
Engineer, Dont just triage: Move beyond manual reviews to build code-driven detection logic and custom AI agents that automate vulnerability hunting, triaging and remediation.
Security by design: Partner with R&D teams (including Infra and DevOps) to define the application-level technical guardrails for internal and external-facing products.
Scout the Frontier: Act as an early adopter of state-of-the-art systems, evaluating and integrating cutting-edge tech from frontier security startups in AI and Cloud Runtime security.

We're building something special in our Israel-based Offensive Security organization, and we're hiring multiple people across three key areas:
Penetration Testing
Red Team Product
Security Research
While these roles share a common foundation in offensive security tradecraft, each brings its own unique focus and impact.
We're looking for deep expertise in at least one of these areas, with the ability to grow across others. We have multiple openings and are looking for talent at various levels. As we get to know you through the interview process, we'll work together to identify the best fit matching your expertise and interests with the specific role and level (Senior, Lead, or Principal) that makes the most sense for both you and the team.
Role Overview
We are seeking a highly skilled offensive security professional to join our elite team. This role is ideal for someone who thrives on breaking systems, finding creative attack paths, and using their findings to drive meaningful security improvements across our company's products and infrastructure.
You will work alongside some of the best minds in security, operating with significant autonomy and impact. Whether you specialize in deep application level penetration testing, red teaming, security research or vulnerability discovery, we want to hear from you-you don't need to be an expert in all three domains. What unites these roles is a relentless attacker mindset, a drive to find and demonstrate real-world impact, and the ability to translate offensive findings into lasting security improvements.
Responsibilities
Conduct advanced penetration testing, red team operations, or security research targeting our company's cloud infrastructure, applications, and services
Discover, exploit, and document security vulnerabilities using creative and methodical approaches
Develop custom tools, exploits, and attack techniques to simulate real-world adversaries
Collaborate with product teams to remediate vulnerabilities and improve secure design practices
Contribute to the maturity of our offensive security program through automation, tooling, and process improvements
Mentor and share knowledge with team members, fostering a culture of continuous learning
Present findings and security insights to technical and executive audiences
Stay ahead of emerging threats, attack techniques, and offensive security tradecraft.

Join our Operation team. Help drive our world-class threat monitoring and fraud detection platform securing organization funds. Be part of the analysts team, work with customers and key POCs, to provide an additional level of security and confidence, by leveraging unique intelligence feeds, threat logs, and IOCs. Collaborate with our world-class research team and various RnD teams as you help shape our product, help customers be more secure, and immerse yourself to the cyber fraud tech ecosystem.

Proactively monitor and review threats and suspicious events from our customers.
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Use multiple sources of our data intelligence trust network, external threat feeds, etc.
Support customer's payment processes and workflows.
Maintain excellent customer satisfaction through professional, proactive and personal service.
Work closely with our research and development team.
Contribute to our knowledge base by creating fraud analysis reports and best practices.

We help organizations reinvent themselves.
Through data, technology, and strategic thinking, we lead transformation processes that reshape how organizations operate, make decisions, and grow.
If youre looking to work in an environment that encourages initiative, challenges ideas, and creates real impact - this is the place for you.
Integrity, excellence, and innovation are not just values - they are our standard.
we are looking for an excellent Cloud Security Expert .
Major Responsibilities:
Be part of our Great and growing Cloud security team to consult, design, develop, implement, and support our customers secure cloud environments
Deliver technology-related aspects of cloud security solutions and services to client engagements
Requirements discovery, architecture, design, and implementation of technical controls and cloud security tools
Cloud environments configuration reviews and assessment
Act as technical subject matter expert and the technical focal point for clients
When working with clients abroad, collaborate with our company member firms teams.

We are seeking a Cloud Security Engineer with 2-5 years of experience to provide advisory services to leading clients and support the design and security of cloud environments, with a growing focus on AI security.
This is a temporary position (maternity leave replacement).
Major Responsibilities
Advise clients on designing and securing cloud environments
Deliver cloud security solutions as part of client engagements
Lead requirements analysis, architecture design, and security controls planning
Perform cloud security assessments and configuration reviews
Act as a technical focal point for clients
Provide guidance on AI systems security, including risk identification and data protection.

We are seeking a highly skilled and hands-on Application Security Lead to take ownership of our product and infrastructure security. Reporting directly to the CISO with a dotted line to the CTO, you will act as the critical bridge between our Security and Engineering teams, driving a robust "security-first" culture.
While this role encompasses both application and infrastructure security, our primary focus is on the Application Security domain. You will lead our transition towards a mature DevSecOps organization, ensuring that security is seamlessly embedded into every phase of our SDLC without compromising delivery speed.
Key Responsibilities
Application Security & Secure Engineering:
Secure SDLC Integration: Embed security practices throughout the entire SDLC, from initial design and planning to deployment and maintenance.
Threat Modeling & Architecture: Lead threat modeling (e.g., STRIDE) and architectural reviews for high-risk features like authentication, PII, and payments.
AppSec Tooling & Automation: Integrate and manage automated security scanning (SAST, SCA, DAST) within CI/CD pipelines to ensure code integrity seamlessly.
Mobile & API Security: Enforce least-privilege models for API configurations. Lead security initiatives specifically tailored to mobile environments (iOS/Android), protecting our core mobility platform.
Offensive Security & Pentesting: Orchestrate internal red teaming and external penetration tests for web and mobile applications. Manage Vulnerability Disclosure Programs (VDP) / Bug Bounties.
Developer Empowerment & DevEx: Collaborate with developers to provide automated tools, coding guidelines, and frictionless guardrails for secure-by-design development, ensuring security acts as an enabler, not a blocker.
Incident & Vulnerability Management: Act as the technical escalation point for application security incidents, leading detection and recovery efforts, while prioritizing vulnerabilities across the product suite for timely remediation.
Cloud & Infrastructure Security:
Cloud & Network Posture: Manage cloud security posture (CSPM) across AWS/GCP and oversee broad network security measures, including WAF, Bot management, and environment segmentation.
Pipeline & Secrets Management: Secure the CI/CD infrastructure against tampering and enforce robust secret management and secure repository controls across the organization.
Resilience & Recovery: Manage disaster recovery (DR) and business continuity planning for production environments.
Governance, Culture & Compliance:
DevSecOps Strategy: Lead the strategic evolution of DevOps into a mature DevSecOps model, aligning with industry frameworks like OWASP SAMM and NIST SSDF.
Metrics & Measurement: Define and track key security metrics (e.g., MTTR, vulnerability density) to measure and improve program effectiveness.
Security Champions: Build and mentor a Security Champions program within R&D to scale security knowledge and foster a grassroots culture.
Compliance & Privacy: Ensure continuous compliance with PCI-DSS, ISO27001, and GDPR, championing privacy-by-design principles across all user data and R&D operations.