לוח משרות דרושים הייטק אבטחת מידע / סייבר בפתח תקווה

Required Senior Cloud Security Architect
Position Overview:
As a Cloud Security Architect, you will be responsible for defining and strengthening the security posture of our products and cloud environments. You will lead threat modeling, risk assessments, and the design of secure architectures, while guiding teams in implementing effective security controls and secure development practices. Working closely with developers, engineers, and management, you will ensure security is embedded throughout the product lifecycle and clearly communicate complex concepts across the organization. This role requires strong technical expertise, strategic thinking, and a proactive approach to emerging threats.
Key Responsibilities:
Conduct Threat Modeling and Security Risk Assessment to identify weaknesses in existing security measures and develop strategies to address them.
Design Security Architecture that withstand attacks and ensure the confidentiality, integrity, and availability of the product. This involves establishing secure configurations, access controls, authentication mechanisms, and encryption methodologies.
Implementing Security Controls guiding the integration of secure coding practices, establishing secure development lifecycles, and ensuring adherence to established security standards.
Collaborate with stakeholders including developers, engineers, and management teams. Communicate complex security concepts in a clear and concise manner, ensuring that all parties understand the importance of incorporating security measures into the product development process.
Stay updated with emerging threats and remain vigilant, continuously monitoring emerging threats and vulnerabilities.

Required Security Researcher
Position Overview:
Join our Forensic Research Group and take part in uncovering hidden data across mobile applications and cloud ecosystems. The team identifies, analyzes, and extracts forensic artifacts from mobile apps, APIs, cloud services, and raw binary data.
Research areas include protocol analysis, data extraction, file format reverse engineering, and decryption. The team specializes in black-box reverse engineering and advanced mobile analysis across Android and iOS.
You will investigate how mobile applications interact with cloud services and APIs, uncover hidden data flows, and extract forensic artifacts. Your work will include analyzing network traffic, reverse engineering API communication, and understanding data exchange between mobile apps and backend systems. You will conduct research across mobile platforms and cloud environments, reverse engineer protocols and data formats, and develop production-grade code in C# and Python to support large-scale data extraction and analysis, while maintaining internal parsers and research infrastructure.

This role oversees security governance, risk management, compliance, and incident readiness, while working closely with engineering, product, legal, MIS and other teams to embed security across the organisation and support customer trust and business growth.
Key Responsibilities
Develop and maintain the companys information security strategy, policies, and long-term roadmap. Both for production environments and for internal business by overseeing security of enterprise systems.
Lead security risk assessments, mitigation planning, and ongoing security monitoring.
Lead incident response planning, preparedness, and execution.
Manage security governance, including controls, documentation, and audit readiness.
Ensure compliance with relevant standards and regulations such as SOC 2, ISO 27001, GDPR, and emerging AI frameworks.
Direct security architecture reviews and support secure development practices across product and engineering teams.
Ensure security is integrated into engineering culture and delivery without hindering velocity, while aligning platform security with engineering practices and production resiliency requirements.
Oversee vendor security, penetration testing, and third-party risk management.
Serve as the primary security contact for customers, partners, auditors, and regulators, and own the security aspects of the companys products, in alignment with business and customers needs.
Provide regular updates to executive leadership on security posture, risks, and priorities.

We offer hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. Our values are at the core of every action we take, and we are committed to going above and beyond to benefit the patients we serve. We are a dynamic, fast-paced company operating in over 34 countries on 5 continents. We are looking for out-of-the-box thinkers, people who are passionate, caring, agile, and adaptive, to join us on our mission. If you are looking to make a difference in people's lives, we invite you to join us! We are looking for Microsoft 365 Security Engineer to lead the implementation and continuous improvement of Microsoft security and compliance capabilities across the Microsoft 365 environment. The role focuses especially on Microsoft Purview and Microsoft Defender for Cloud Apps, and also covers Microsoft Defender for Office 365, Security for identity, Entra ID security controls, and security features across Exchange Online and collaboration services. You will translate requirements into technical design and configuration, implement and tune policies, rollout changes safely, troubleshoot complex issues, and document solutions and operational procedures. You will work closely with IT and system teams to ensure stable integrations, minimal business disruption, and measurable risk reduction.
Responsibilities:
Lead end to end implementation and ongoing improvement of Microsoft 365 security and compliance controls. Implement and operate Microsoft Purview, including sensitivity labels and DLP, and support additional compliance capabilities as needed. Implement and operate Microsoft Defender for Cloud Apps CASB, including cloud discovery, governance controls, and policy enforcement. Implement and tune Microsoft Defender for Office 365 protections for phishing, malware, and impersonation threats. Support identity driven security controls with Entra ID, including Conditional Access concepts and tenant security posture improvements. Improve Exchange Online security posture, mail flow protections, and related configurations. Create technical documentation, runbooks, and change plans, and provide operational support and troubleshooting. Partner with internal teams and stakeholders to plan rollouts, reduce false positives, and maintain business continuity. Experience in securing Microsoft SharePoint Online, including configuration of access controls, data protection policies, and compliance settings.
City:
Petah Tikva

Role Purpose:
Lead the technical Pre-Sale process: respond to RFPs, design cybersecurity architectures for both on-premises and cloud environments (AWS/GCP), and present solutions to clients.
Main Responsibilities:
End-to-end management of the technical Pre-Sale process: requirements gathering meetings, HLD/LLD design, building a technological value proposition, and presenting solutions to clients.
Responding to RFPs: breaking down requirements, drafting technical responses, addressing information security risks and regulatory compliance. Apply the teams and companys standard methodologies and templates.
Designing cybersecurity architectures for hybrid environments: integration between on-premises systems and cloud (AWS/GCP), implementing Zero Trust, Identity & Access, Network Security, Data Security, Logging/Monitoring/SIEM, PKI.
Leading planning teams and interdisciplinary interfaces (Sales, Legal, Delivery, Vendors). Coordinating POCs and demonstrations for clients.
Acting as the technological representative to clients: presentations, demos, workshops, and C-level briefings.
Supporting the transition to Delivery: handing over HLD/LLD, formally transferring design assumptions and risks.

our radar team develops cutting-edge radar technology for autonomous driving (av) and advanced driver-assistance systems (adas). we are looking for a Cyber security architect to lead the design and implementation of robust security solutions that protect our radar systems from cyber threats.
in this role, you will define security architecture for radar hardware, Embedded software, and communication interfaces, ensuring compliance with automotive cybersecurity standards and safeguarding mobileyes mission-critical sensing technology.
youll be part of a team shaping the future of autonomous driving. our radar technology is a critical component in delivering safe, reliable, and intelligent mobility solutions. youll work on innovative projects in a collaborative environment, with the opportunity to influence security strategy at a global scale. what will your job look like?
security architecture design - develop and maintain end-to-end security architecture for radar systems, including hardware, firmware, and software components.
threat modeling & risk assessment (tara) - perform threat analysis and risk assessment for radar components, software modules, and communication channels; identify vulnerabilities and design mitigation strategies.
secure communication - implement encryption, authentication, and integrity checks for radar data transmission between hardware and software layers.
secure software design - define and enforce security controls for apis, middleware, and integration points between radar systems and other vehicle subsystems.
compliance & standards - ensure radar systems meet iso 21434, unece wp.29, and other relevant automotive cybersecurity regulations.
collaboration with r&d - work closely with radar engineers, Embedded software developers, and system architects to embed security into the design process.
incident response support - provide architectural guidance during security incidents involving radar systems.
technology evaluation - assess and recommend security tools, frameworks, and methodologies for radar-specific applications.

Our autonomous driving software group in looking for an experienced Linux Kernel & security Developer to design and implement secure Embedded software solutions. this is an exciting opportunity to work with highly talented engineers and contribute to cutting-edge security innovations in automotive technologies
what will your job look like?
you will research, design, and implement Linux Kernel drivers and os features, ensuring compliance with security best practices.
maintain and enhance existing Kernel components while mitigating potential vulnerabilities.
integrate Embedded software solutions in our automotive platforms, including hw bring-up, debugging, and unit testing.
conduct threat modeling, penetration testing, and vulnerability assessments for Linux -based Embedded systems.
optimize memory management, i/o, networking, and Storage security within the Linux Kernel.

we are looking for a talented and experienced r&d platform engineer to join our dynamic team. our organization provides cutting-edge services utilized by both internal cyberark services and external customers. the ideal candidate will be responsible for defining and implementing best practices that can be shared across the company and working on edge technologies on the cloud. this position encompasses all stages of the software development life cycle (sdlc), including design, development, testing, and ensuring high roi on deliverables.
define and implement best practices for the r&d platform.
collaborate with internal and external stakeholders to understand requirements and deliver high-quality solutions.
work on edge technologies and cloud platforms to enhance our services.
participate in all phases of the sdlc, including design, development, testing, and deployment.
ensure high roi on deliverables by optimizing processes and solutions.
share knowledge and best practices across the company to promote a culture of continuous improvement.

looking for a senior software engineer to join our elite team which is responsible for building one of new saas products.
in this role you will be using aws serverless architecture, aws cdk & Python to design, develop, TEST, secure & deploy services from planning to production. you will practice all software development life cycle in an agile oriented environment while exploring new technologies and tools to keep us using cutting edge solutions.
the team works in full collaboration with security architects, product managers and other development teams.
we are looking forward for energetic and versatile person to join our family and help us achieving our goals.

looking for an experienced staff software engineer for our new authentication service. you will be responsible for building this core saas service, built on-top of aws using.net, eks, terraform and other cloud technologies. you will be working with an elite team to produce top-notch services at the highest standards, meeting the high security, stability, and performance standards of the largest enterprises in the world. qualifications
solid experience leading the design, development and delivery of features in saas applications
design and implement the infrastructure of the service
bachelors degree in Computer Science or engineering related field/technology elite unit alumni with relevant experience
7+ years of experience with aws
7+ years of experience in.net core
desire to use new technologies and understand them depth-in
proactive by nature, internal drive for excellence and improvement
good communication skills, fluent in english, good writing skills
autodidact, like to learn new things and share with the team
excellent ability to meet deadlines, while consistently striving for high-quality and efficient solutions good knowledge in containers and container orchestration
experience with development in cloud/saas environment (aws serverless architecture/eks is a definite advantage)
solid understanding of security and high scale best practices
experience with modern ci/cd tools, in particular, github, jenkins, and artifactory
deep understanding of various authentication protocols

as our principal architect for identity governance and administration (iga), you will be the visionary lead for our identity lifecycle management, compliance, and access control strategies.
design the integration approach between palo alto services and iga and between the on-prem applications and the iga cloud service. join the iga team to strengthen the overall iga capabilities across palo alto and improve its scalability.

We are seeking a AI Security Researcher to join AI Adversarial Robustness Research (A2RS), a multidisciplinary team focused on securing AI and GenAI models and systems.
Were looking for innovative team players who love new challenges, enjoy cracking tough problems, and thrive in cross-functional environments.
In this role, you will partner with data scientists and security researchers to define how we secure AI applications.
Responsibilities
Research AI and GenAI systems from a security perspective to understand when and how they are vulnerable to a variety of threats
Blue team: Explore innovative ways to enhance the security of AI systems
Red team: Analyze the attack surface of state-of-the-art AI technologies
Center of Excellence: Collect and synthesize research literature and open-source tools to build and maintain a robust knowledge base for adversarial robustness of AI systems
Distill and share AI security knowledge within and externally through seminars, blogs, papers, and conference talks
We encourage you to apply if you
Are passionate about exploring the field of AI security
Are a seasoned security researcher who enjoys both red team and blue team work: performing threat analysis, discovering new attack vectors, and designing mitigations
Have a strong AI background (well beyond prompt engineering) and a passion for math and algorithms
Learn quickly and thrive in uncharted technical territories
Love to gain, share, and build knowledge.

We are seeking an experienced Senior Security Engineer to join our Digital Forensics and Incident Response (DFIR) team within the broader Security Incident Response Team (SIRT), to help our organization respond to cyber-attacks.
The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains / methodologies, be able to respond quickly to attacks, restore services, and forensically investigate the root cause.
As a member of our SIRT, you will closely collaborate with other engineers to design and implement solutions, improve incident response readiness, and provide guidance and training to external teams.
Responsibilities:
Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required.
Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders.
Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents.
Develop, maintain, and improve incident response plans, procedures, and playbooks to help ensure swift action and regulatory compliance.
Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements.
Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices.
Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs.
Assess vulnerabilities, propose remediation strategies, and keep up to date on current and emerging security trends, threats, and countermeasures.