לוח משרות דרושים הייטק אבטחת מידע / סייבר בתל אביב יפו

We're looking for an experienced Network Security Analyst to join us.
WHAT YOU'LL DO

Investigate network security risks in customer environments.
Develop network threat models of new cloud services and cloud-deployed applications.
Work closely with product management to support product roadmap decision-making.
Operationalize your knowledge of cloud network security by building security controls and detection rules related to public exposure, potential external attack vectors, lateral movement, and more.

we are looking for a Security Engineer with deep experience in cloud-based applications and infrastructure.
In this role, youll collaborate with our software development and DevOps teams to secure products, CI/CD infrastructure, and production infrastructure. Youll also get the opportunity to influence our product roadmap by utilizing to assess, monitor, and harden our environments.

This role encompasses multiple open positions for candidates with cloud-focused experience in areas like threat modeling and security reviews, detection engineering, incident response, and vulnerability management.


WHAT YOULL DO

Plan detection use cases and delivering detection capabilities to identify attack tactics, techniques, and procedures
Play a key role in the security incident response process
Develop, promote, and monitor the adoption of sound cloud security practices
Take ownership of vulnerability management and patching policies
Identify and help mitigating security issues, misconfigurations, and vulnerabilities related to the cloud, container, and Kubernetes infrastructure
Collaborate with engineering, DevOps, and IT teams to ensure security is at the heart of what we do
Lead threat modeling exercises around cloud-native, SaaS, and cloud-first technologies
Mentor and provide technical leadership to other members of the Security team

were looking for a Threat Detection Analyst to join our team
WHAT YOULL DO

Monitor attacks against cloud environments and malware targeting cloud workloads
Build detections and tools to protect customers from cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Build procedures and playbooks to be used when emerging threats are detected
Work with customers in response to requests related to suspicious activity or potential incidents
Develop best practices and security policies based on research findings, and write external-facing materials stemming from your research

Were looking for a top-notch Threat Detection Researcher to join our team
WHAT YOULL DO

Build detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

We're looking for an experienced Threat Intelligence Researcher to join our team
WHAT YOULL DO

Track cyber threat activity targeting cloud environments
Build and maintain profiles of state-sponsored or financially motivated cyber threat actors
Track private and public threat intelligence feeds and sources
Investigate threats to customer environments based on analysis of product telemetry
Correlate and cross-reference intelligence from multiple sources to build a deeper understanding of threat activity
Work with the product and sales teams to provide security insights to customers and support decision-makers
Operationalize your knowledge to help build detections for emerging threats
Produce various forms of analytic reports describing threat activity and security incidents impacting customer environments
Publish your insights about the cloud threat landscape with the wider security community

We are NeoGames (Nasdaq: NGMS), a global leader of iLottery solutions and services to national and state-regulated lotteries. We are part of the NeoGames Group, an iGaming powerhouse with 1100 employees spread across 8 countries. At NeoGames, we pride ourselves on our “People first” culture. Not only has it been a core value in our organization for as long as we can remember but it also runs in our DNA and is felt in every aspect of our operations. We are currently seeking a SecOps Manager. In this position you will work to implement the Security Operations strategy as part of the cyber security team, to enable secure business operations and missions. As a Security Operations Manager, you will be responsible for overseeing the security operations of the Real Money Gaming (RMG) production workloads. You will supervise a team of security professionals to ensure the confidentiality, integrity, and availability of the organization's production information assets. This role requires a deep understanding of security operations, incident response, threat intelligence, and risk management. The Manager of security Operations will leverage their knowledge of best practices to be able to support the Security Operations policies, standards, and legal requirements while overseeing a team of Security Operations and Engineering SMEs. The Manager, Security Ops will execute Security Ops & Engineering strategy, manage and work with relevant vendors to solve security issues and problems. This role will require a keen understanding of business key assets and processes, unique business requirements, the information security program, and combining this information to address residual risk by recommending security enhancements within the area of responsibility.

Responsibilities:
• Responsible for the Confidentiality, Integrity, and Availability of PROD systems. • Lead and supervise our external (MSP) Security Operations Center (SOC) functions that consist of: • Monitoring, detection and analysis activities • Threat Hunting • Threat intelligence activities • Incident response (IR) activities • Being the focal point for PROD security incidents – Manage the investigation, provide communication • Coordinate incident response process (SOC) for PROD workloads – Lead the incident response process, ensuring security incidents are promptly detected, assessed, and mitigated.. • Coordinate and communicate with RMG customers during incidents to provide updates on progress and potential impacts. Communication will be performed in partnership with Product Security and GIS. • Conducting post-incident reviews, and implementing improvements based on lessons learned.. • Enrich and expand the SOC coverage based on existing/ & new attack vectors. • Suggest detection and response improvements for GIS as well as the MSP to speed up and/or enhance detection capabilities. • Ensures security operations playbooks are created and/or in place to cover any identified process gaps and the team is able to execute against them in the absence of leadership. • Develops and reports key metrics to demonstrate the success of the organization across organizational levels, up to, and including, the Board. • Ensure the ongoing delivery/implementation of security measures & tools – Work with IT & DevOps to make sure that the security roadmap is fully delivered with optimal quality. • Assists with setting and advancing the global strategic vision, and execution of Security Operations and Engineering aspects of Our Global Information Security program. • Monitors industry information technology and security trends, threats, and regulatory trends to identify effects to Security Operations interests and in scope responsibilities. • Supports acquisition due diligence for information security risks and supports control design for integration. • Participates in reporting requirements, monthly/quarterly status meetings, and offsites as appr

XM Cyber is the leader in hybrid-cloud security posture management, using the attacker’s perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. We are seeking a highly skilled System Architect to join our team. The System Architect will be responsible for designing the system architecture for our SaaS solution, ensuring it meets the highest standards of security and performance. This role will require a deep understanding of modern cloud architecture and big-data tools, as well as experience in architecting complex systems in a SaaS environment.
* Designing the system architecture for our SaaS solution, considering factors such as scalability, reliability, and security
* Leading the design and implementation of product security measures to ensure the confidentiality, integrity, and availability of customer data
* Collaborating with cross-functional teams to ensure alignment with business requirements and technical goals
* Conducting regular assessments of the system architecture to identify potential risks and areas for improvement
* Providing technical leadership and guidance to the development team in implementing architectural best practices
* Keeping up to date with the latest trends and technologies to inform architectural decisions and bringing innovative solutions

Deep Instinct, the first cyber security company to apply Deep Learning to cyber security is looking for a Threat Researcher . Deep Instinct is an innovative company that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW! The successful candidate will be responsible to identify, analyze and collect cyber malware samples and campaigns. Perform research on threat actors, new attack vectors and techniques, develop POCs and analysis tools, and prepare research publications. The role involves hands-on responsibilities, working closely with security researchers and Deep-Learning engineers. It requires multitasking in a fast-paced environment with high-quality, accurate, and timely deliverables.

Office Location:
TLV Office

Region:
Israel

Responsibilities::

* Research and analyze emerging cyber threats: Identifying new malware strains, large-scale campaigns, and advanced persistent threats (APTs). Analyze their behavior, capabilities, and techniques for evading detection and achieving their goal.
* Collaborate with other members of the research department: Work closely with security researchers, ML engineers, and other team members to develop and implement defense strategies for the current and future threat landscape.
* Document the findings of threat research and publication reports that can be shared with internal and external stakeholders.
* Stay up-to-date with the latest developments in the cyber security field: including the latest trends, techniques, and threats in the cyber security field.
* Uncover and develop new cyber-attack vectors, techniques and POCs.

Why Work With Us::
At Deep Instinct we are committed to creating an excellent employee experience. We offer competitive salaries, a generous benefits package among great culture. We have some of the most forward-thinking and talented people in the world working for us. If you're creative and autonomous with a real passion for technology, we want to hear from you. About Deep Instinct: Deep Instinct , is the first cyber security company to apply Deep Learning as a platform. We are the only cyber security company harnessing the the power of deep learning to prevent 99% of known and unknown attacks from malware and zero-day threats.

We are looking for an Information Security Lead to steer the organizations information security, data security and risk management. The Information Security Lead will work with various departments in Mastercard and implement the organizations best practices. This role will report to the VP technologies operations organization.
Role-
Developing, implementing, and monitoring a strategic, comprehensive enterprise information security and IT risk management program that aligns with the organizations business objectives and regulatory requirements. The program is required to align with Mastercard's corporate strategy and directives.
Providing and approving security related items in RFP responses and contract negotiations. Joining customer calls to explain our security position and understand the customer needs.
Partnering with business units and stakeholders across the organization to facilitate risk assessment and risk management processes, and to raise awareness of security issues and best practices.
Establishing and maintaining an information security management framework that incorporates industry standards and best practices and lead compliance audits for ISO/IEC 27xxx, SOC II and other security certifications.
Assisting in the selection, implementation, and maintenance of security technologies, tools, and processes that support the organizations security goals and policies.
Responding to security incidents and breaches, and coordinating with internal and external parties to investigate, contain, remediate, and report on them.
Evaluating and reporting the organizations security posture and performance, and provide regular feedback and recommendations to senior management.
Staying abreast of current and emerging security threats, trends, technologies, and best practices, and ensuring that the organization adapts accordingly.
Sourcing and selecting vendors and service providers that offer security solutions or support.

We are looking for a GRC Analyst.
As a GRC analyst, you will be working very closely to participate in all aspects of cyber security and compliance. The role is a crucial part in our Cyber Security team and the entire security program. We are looking for a team member with experience in compliance frameworks operating with modern systems. You will be involved in all information security processes and activities, with the different teams, make risk mitigation recommendations, and suggest and review solutions. This is a key position in the process of building the security culture in the entire organization.
The ideal candidate is highly motivated, demonstrating a can do' attitude and needs to have a combination of troubleshooting and communication skills, as well as the ability to handle a mix of multiple tasks in parallel.
This role will provide career growth opportunities as you develop/acquire new security skills in the course of your duties.
RESPONSIBILITIES:
Support local, regional, and global initiatives and activities related to governance, risk, and compliance.
Establish, maintain, and publish up-to-date security and compliance policies, standards, and guidelines, and oversee training and dissemination of policies and procedures.
Identify and track timely closure of control gaps and risk mitigation plans.
Participate in ISO 27001, SOC, and other compliance assessment, evidence collection, and reporting.
Develop and implement various Governance, Risk, and Compliance tools.
Utilize a risk-based approach for vendor management, including assessing and treating the risks.
Assist with Incident Response and Business Continuity to include running table-top exercises.
Other related duties such as Incident response process, Vulnerabilities management and more.

We are looking for a Threat Researcher.
we are an innovative company that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW!
The successful candidate will be responsible to identify, analyze and collect cyber malware samples and campaigns. Perform research on threat actors, new attack vectors and techniques, develop POCs and analysis tools, and prepare research publications.
The role involves hands-on responsibilities, working closely with security researchers and Deep-Learning engineers. It requires multitasking in a fast-paced environment with high-quality, accurate, and timely deliverables.
RESPONSIBILITIES:
Research and analyze emerging cyber threats: Identifying new malware strains, large-scale campaigns, and advanced persistent threats (APTs). Analyze their behavior, capabilities, and techniques for evading detection and achieving their goal.
Collaborate with other members of the research department: Work closely with security researchers, ML engineers, and other team members to develop and implement defense strategies for the current and future threat landscape.
Document the findings of threat research and publication reports that can be shared with internal and external stakeholders.
Stay up-to-date with the latest developments in the cyber security field: including the latest trends, techniques, and threats in the cyber security field.
Uncover and develop new cyber-attack vectors, techniques and POCs.

We are looking for a Security and ML/AI Principal Researcher to work alongside product owners, designers, and technical writers within the broader Product Management Group. As a Principal Researcher, you are responsible for doing research in Cyber and ML/AI applictions to assist in refining and executing the vision of Identity Threat Detection and Response (ITDR), Cloud infrastructure Entitlement Management (CIEM), Behavioral Analytics, Secret Server and other company`s solutions, by working closely with cross functional teams in the research, planning, development, and release of new products. You will be working in a highly dynamic, fast-paced environment, interacting regularly with internal stakeholders in the development of our products.

The ideal candidate will have the tenacity, focus, and creativity to thrive in a fast-paced security startup, where initiative is expected, oversight is minimal, and where results are the only
outcome that matters.

This position is based in Tel Aviv and will require being on-site in the office two to three days per business week.

Key Responsibilities:
Research areas may include, but are not limited to the following.
Security research such as: identity threats, account takeover methods, AuthZ security, app permission mechanisms and privilege escalation paths, AuthN weaknesses, IAM mechanisms, automated provisioning abuse, configuration weaknesses, access related supplychain attacks, and protocol weaknesses and attacks on SAML, SCIM, OAuth2, OIDC, and similas. (it is unlikely but not impossible that work will include binary level exploitation / RE as well).
ML/AI applications research such as: ML/AI discovery of TTPs and anomalies, using LLMs and foundation models for security applications (may include fine tuning, RAG, and other
applications), quantifying risk, graph analysis and graph algorithms.

In this role you may also:
Help refine and articulate the product vision and strategy of selected our solutions.
Collaborate with customers, prospects, partners as well as external/internal stakeholders to understand client needs to define and validate product requirements.
Work closely with Engineering and PM teams to solve complex problems affecting our customers through research applications.

we are a strategic consulting and business intelligence firm based in Tel Aviv looking for an Intelligence Analyst.
Responsibilities:
* Conduct in-depth research and analysis, collaborating with cross-functional teams to communicate complex findings effectively
* Develop innovative OSINT and WEBINT methods, staying up to date on the latest trends and investigative techniques
* Operate and maintain cutting-edge technological systems, implementing investigative findings across various sectors
* Be part of a leading team, holding top-to-bottom responsibilities

We are seeking a highly talented Malware Researcher with a strong background in sandboxing and reverse engineering techniques.
You will join the Intego (our Anti-Virus) Malware Research team in delivering sophisticated customer protection.
Description:
Research new malware online.
Detecting trends and waves of infections.
Writing technical articles on findings.
Code reading to determine if a particular file is malicious or not.
Writing regular expressions to detect and remove malicious code.
Act as a strong advocate for quality in the product development process for software engineering.
Self-motivated and able to grasp issues quickly and make educated, critical judgments in the absence of complete requirements.
Able to multitask in a dynamic, fast-paced environment, proven social skills, and worked with various multi-functional teams to deliver high-quality products.