לוח משרות דרושים הייטק אבטחת מידע / סייבר בתל אביב יפו, לחיפוש זה נמצאו 181 משרות

We are looking for a senior researcher to focus on vulnerability research and exploitation in embedded environments.

In this role, you will research proprietary technologies and analyze complex IoT and embedded devices.

You will be responsible for taking your research from initial discovery to a full end-to-end solution in production.

We are looking for talented, fast learners to work on vulnerability research and exploitation in embedded and IoT environments. This role is ideal for researchers with strong low-level backgrounds who want to deepen their expertise in IoT and embedded systems security while working on real-world, complex technologies

You will analyze proprietary software and hardware, apply a deep understanding of low-level systems, and take your research from initial discovery to a full end-to-end solution in production.

We are looking for a highly skilled Cloud Security Engineer who can embed security across cloud infrastructure, CI/CD pipelines, applications, and AI-enabled environments. This role is ideal for someone with deep hands-on experience in cloud security, automation, and secure software delivery, combined with growing or strong specialization in AI/ML security, LLM security, and modern data platform protection.
The ideal candidate will help design, implement, and scale security controls across our cloud-native ecosystem while partnering closely with engineering, platform, data, and AI teams to ensure security is built into every stage of development and deployment.
Job responsibilities
Design, implement, and manage security controls across cloud environments such as AWS, Azure, or GCP
Secure cloud infrastructure, Kubernetes clusters, containers, storage, networking, IAM, and secrets management
Define and enforce cloud security baselines, guardrails, and best practices using infrastructure-as-code and policy-as-code
Monitor cloud environments for misconfigurations, threats, and anomalous behavior, and drive remediation efforts
Support incident response, threat detection, vulnerability management, and post-incident reviews for cloud systems
Integrate security into CI/CD pipelines and software delivery processes
Implement automated security testing such as SAST, DAST, SCA, container scanning, IaC scanning, and secrets detection
Partner with engineering teams to improve secure SDLC practices and reduce security friction
Build reusable security automation and self-service controls for developers and platform teams
Collaborate with DevOps, SRE, and engineering teams to harden deployment pipelines and production environments
Partner with AI and data teams to secure AI/ML workflows, model development, and deployment pipelines
Define security controls for LLM applications, training data, vector databases, APIs, model endpoints, and agent-based systems
Help assess and mitigate AI-specific risks such as prompt injection, model abuse, sensitive data leakage, insecure plugins/tools, supply chain risks, and unauthorized model access.

Required Tetragon Senior Linux Security Engineer
Job Description
About this role:
Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.
Tetragon Threat Detection Engineers primarily focus on creating and maintaining
Tetragon runtime security policies, based on the latest threat intelligence, vulnerability disclosures, and their own research.
Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.
What youll do:
Develop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats
Help design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture
Monitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies
Work with software engineers at Isovalent to improve and enhance the capabilities of Tetragon security policies
Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production
Publish content and give talks based on your work.

As a Security Support Specialist you will be tasked with driving operational security excellence within Data Centers while working with partner teams and leaders. The ideal candidate will manage communications and provide services as required. You will assist with electronic surveillance and access control requests, assisting Data Centre Security Managers streamline efficiency. You will write and implement security process and procedures. Your position will require you to extract metrics and observe improvements by looking at data. The successful candidate must have a proven track record of customer service, possess excellent verbal and written communication skills, and demonstrate good judgment and critical thinking.
An ideal candidate for this role will be able to work at all levels, from the theoretical knowledge of physical security principles to the practical application and real-world implementation of processes and measures. You should have a proven record of accomplishment in operations room/centre dispatching, data centre security operations, physical security, customer service; and the ability to multi-task.

Key job responsibilities:
You will manage a chat queue, phone communications, generate and/or manage trouble tickets, handle incoming chats, and provide support to customers.
Drive security awareness campaigns aimed at enhancing security vigilance and effectiveness.
You will manage workflow ticketing and extraction/development of performance metrics.
Configure physical security devices including cameras, readers, and panels.
Support daily operational security across a data centre campus.
Distil overarching security strategy into daily tactics to reach management goals.
Coordinate day-to-day activities and site security operations.
Coordinate with operations teams across a number of business units
Provide guidance and leadership across a number of team programs.
Building Partnerships through networking and innovation.
Extract metrics and seeking improvements by analyzing data and trends in order to influence positive change through targeted proactive incentives.
Verify Data Center security programs are delivered to meet defined global security standards
Assist in all media integrity related programs and activities
Assist in the training of new and existing personnel regards to compliance to security policies and procedures.
Handle escalations and resolve tasks delegated and/or assigned to the team.
Draft reports and prepare presentations on the status of physical security operations.
Collaborate with managers in writing and implementing security policies, processes and procedures based on regional or global security initiatives.
Serve as a customer advocate by identifying security-related opportunities and crafting innovative solutions that maintain uncompromising security standards
Participate in site audits, inspections.
Identifying, discussing and bringing forward issues and solutions to senior team members so to raise the security bar.

The Fraud Lead is the principal technical authority for fraud detection and response engine. You own the professional logic that powers our product, ensuring that the "Brain" of our platform is technically cohesive, scientifically rigorous, and market-leading.
You act as a System Architect for the fraud domain, connecting the dots between Research, Data Science, and Analytics. Crucially, you serve as the primary technical consultant for our customers, helping them understand, integrate, and optimize the fraud logic that protects their environments. You work alongside a separate Product group (who defines the roadmap) and a Platform Engineering group (who builds the infrastructure).
What youll do:
Technical Domain Architecture
Logic Blueprinting: Design the end-to-end technical logic for detection features-from telemetry ingestion to real-time response actions.
Cross-Team "Glue": Ensure that Fraud Research insights are effectively operationalized by the Data Science team and surfaced correctly by the Analytics team.
Architecture Governance: Set the technical standards for how detection logic is built, ensuring it is scalable and compatible with the Platform Engineering teams infrastructure.
Customer Fronting & Technical Advisory
Technical Subject Matter Expert: Act as the lead technical consultant for high-value customers. You will lead "deep-dive" sessions with client-side engineers and fraud experts to explain our detection methodologies and data requirements.
Integration Strategy: Advise customers on how to best leverage our technical logic within their specific business contexts.
Feedback Loop: Translate complex customer technical needs and "edge case" fraud patterns back into technical requirements for the internal fraud group.
Expert Implementation
Hands-on Prototyping: Remain an expert practitioner in Python and SQL. You will prototype new detection methodologies and perform technical validation of production models.
Quality & Observability: Design the technical frameworks that ensure our detection logic remains performant and observable in live customer environments.

we are looking for a Security Architect.
Providing an identity security platform to some of the most sensitive organizations in the world, product security is key in Security. As a Product Security Architect, you will be responsible for designing, shaping, and evolving the security architecture of all of our SaaS services. Youll be focused on proactively reducing security risks by performing architectural reviews, providing guidance and governance for security programs, owning application security training all through close collaboration with development and DevOps teams.
What youll do:
Security Architecture & Design
Security Reviews and Threat Modeling
Application Security Training
SDLC Security
Establish and provide guidance around application security and DevSecOps security programs

We are looking for a hands-on security researcher who combines an attacker mindset, fraud-domain curiosity, strong technical depth, and data analysis skills. You will investigate real-world fraud patterns, reproduce attacker techniques, analyze telemetry, enrich our data collection capabilities, discover new security signals, and work closely with product, data, and engineering teams to turn research insights into production-grade detection and prevention mechanisms.
This role is especially relevant for researchers with experience in browser technologies, mobile-native applications, or both. You may work on desktop and mobile browsers, browser APIs, browser automation, client-side signals, native mobile applications, Android/iOS behavior, mobile security, emulators, device signals, and mobile automation.
You will help expand our visibility into new signals and patterns that improve fraud detection, model performance, and customer protection.
If you are a talented researcher who enjoys solving complex problems, working with messy real-world data, and building practical defenses against modern fraud and abuse, we want you to join our team.

We are seeking an experienced Security Engineer to join our team and take ownership of our enterprise security infrastructure. In this role, you will be responsible for managing, monitoring, and optimizing our security stack to protect the organization against evolving cyber threats. You will play a critical role in ensuring the security and integrity of our network, endpoints, cloud services, and email communications.
What youll do:
Manage and maintain FortiGate firewalls, including policy configuration, VPN setup, traffic monitoring, and firmware updates to ensure robust network perimeter security, Hands-on experience with next-generation firewalls, preferably FortiGate
Administer Cisco Meraki cloud-managed networking infrastructure, including security appliances, access points, and network segmentation policies
Oversee Netskope CASB and SASE solutions to enforce cloud security policies, manage data loss prevention (DLP), and ensure secure access to cloud applications
Monitor and respond to security incidents using CrowdStrike EDR, including threat hunting, investigation, containment, and remediation of endpoint threats
Manage Abnormal Security platform to detect and respond to advanced email threats, including business email compromise (BEC), phishing, and account takeover attacks
Administer Kandji MDM solution for Apple device management, ensuring endpoint compliance, software deployment, and security policy enforcement across the Mac and iOS fleet
Secure and manage Google Workspace environment, including user access controls, security configurations, and audit log monitoring
Develop and maintain security documentation, playbooks, and incident response procedures
Collaborate with IT and DevOps / R&D teams to implement security best practices across the organization
Conduct regular security assessments, vulnerability scans, and risk analyses
Stay current with emerging threats and security trends to continuously improve the organization's security posture
Experience managing cloud-based networking solutions such as Cisco Meraki

Required Tetragon Threat Detection Engineer - Isovalent
About this role:
Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.
Tetragon Threat Detection Engineers primarily focus on creating and maintaining
Tetragon runtime security policies, based on the latest threat intelligence, vulnerability disclosures, and their own research.
Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.
What youll do:
Develop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats
Help design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture
Monitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies
Work with software engineers at Isovalent and us to improve and enhance the capabilities of Tetragon security policies
Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production
Publish content and give talks based on your work.

As a Security Analyst , you will work with network data and customer-facing teams to analyze raw traffic, create data-driven insights, and design solutions that enhance product value and address client needs.

Responsibilities
As a Security Analyst , Your impact will be:

Analyze raw network traffic to uncover anomalous activities.
Perform in-depth data analysis utilizing various tools
Take responsibility for all data needs for certain clients
Create useful and creative data queries
Investigate complex security incidents within cyber-physical environments.
Develop heuristics and logic-driven analysis by both security and network insights to improve the value of the product
Initiation, Prioritization, and design of R&D work based on customer needs
Work with customers and our customer-facing teams to design new features, improve their workflows, and address issues

As a Vulnerability Research Team Lead , you will lead a world-class group of vulnerability researchers in analyzing complex cyber-physical systems. You will balance hands-on technical excellence with people management, guiding your team through deep-dive disassembly, code audits, and exploit development. You will be responsible for the team's research roadmap, ensuring we stay ahead of emerging threats while fostering a culture of innovation and professional growth.

Responsibilities
As a Vulnerability Research Team Lead, your impact will be:

Leadership & Mentorship: Lead, hire, and develop a team of high-performing Vulnerability Researchers, fostering a collaborative and high-standard environment.
Research Strategy: Define and execute the team's research roadmap, prioritizing targets that provide the highest value to customers and products.
Technical Oversight: Provide expert guidance on static/dynamic analysis, reverse engineering, and exploit development projects.
Cross-Functional Collaboration: Work closely with R&D, Product Management, and Threat Intelligence teams to translate research findings into actionable security features.
Thought Leadership: Represent research in the industry through blogs, whitepapers, or conference presentations (BlackHat, DEF CON, etc.).

We're looking for a security practitioner who wants to go deeper than monitoring dashboards and triaging alerts. Someone who understands what good detection looks like, knows their way around a SIEM, and isn't afraid to roll up their sleeves with APIs and automation. You'll be the bridge between the security products our customers already trust and the our company platform that validates whether those products are actually doing their job.

Opportunity Highlights
Our integrations team is responsible for connecting our company with the security products that make up enterprise defense stacks worldwide - EDR and XDR platforms, SIEMs, vulnerability management tools, threat intelligence platforms, email security products, and cloud security solutions.

You'll own the full lifecycle of these integrations: building new ones, keeping existing ones healthy, and setting up realistic lab environments that mirror what our customers actually run. When something breaks in the field (or can't be reproduced internally) you'll be the one figuring it out.

You won't be doing this alone. You'll work closely with our Product, Engineering, and Security teams, and you'll have access to modern AI-powered development tools that let you move fast without sacrificing quality.

The Impact You Will Have

Design, build, and maintain integrations with leading third-party security products
Own the full lifecycle of existing integrations - maintenance, bug fixes, upgrades, and reliability improvements
Research vendor APIs, authentication flows, event schemas, and product capabilities to unlock new integrations
Translate complex security telemetry into normalized, actionable data
Build and maintain lab environments that mirror real enterprise security deployments
Reproduce field scenarios, validate detections, and troubleshoot integration behavior end-to-end
Investigate issues in customer-like environments when they can't be reproduced internally
Continuously evaluate new security technologies and identify integration opportunities
Use modern AI-driven development tools to accelerate delivery and improve quality

We are KPMG Israel. We help organizations reinvent themselves. Through data, technology, and strategic thinking, we lead transformation processes that reshape how organizations operate, make decisions, and grow. If you’re looking to work in an environment that encourages initiative, challenges ideas, and creates real impact - this is the place for you. Integrity, excellence, and innovation are not just values - they are our standard.
Our Cyber & Cloud Security Department is seeking an Information Security Architect to join us. This role focuses on leading and advising clients and internal teams on integrating information security into complex technology, cloud, and digital transformation projects.
Responsibilities:
* Lead security aspects in projects such as system implementations, cloud migrations, and digital transformation initiatives
* Design and define end-to-end security architectures and protection strategies across cloud and on-prem environments
* Provide expert guidance on Security by Design, Privacy by Design, and emerging areas such as AI Security
* Conduct risk assessments, threat modeling, and comprehensive security reviews
* Support implementation of security solutions and oversee security testing activities
* Define security requirements and support RFP processes and vendor evaluations
* Collaborate closely with development, product, infrastructure, cloud, and DevOps teams

תת מחלקה:
יעוץ סייבר ואבטחת מידע