לוח משרות דרושים הייטק אבטחת מידע / סייבר במרכז

As a Detection Engineer II for Cloud Security Management (CSM), you will deliver novel detection content to our security products in order to notify customers when risky cloud configuration changes, cloud identity risks and potential attack paths are detected in their cloud environments using a plethora of observability and security data.
You will creatively identify ways to provide coverage of security frameworks and benchmarks to our customers and identify areas of improvement for technology, process and detection for us.
Together with your team, you will research cloud infrastructure vulnerabilities and misconfigurations, as well as attacker techniques against cloud-native technologies and evangelize your findings with the community. Youll apply data-driven insights to generate the highest quality security findings for our customers. Additionally, youll serve as the voice of the customer to continuously provide product feedback through our partner product teams.
What Youll Do:
Continuously learn everything about detecting attack paths, identity risks, misconfigurations, and vulnerabilities in cloud-native environments and pour it back into building a great cloud security product for our customers
Leverage Open Policy Agent (OPA) to build and maintain highly contextualized detections for our Cloud Security Posture Management (CSPM) product using OPAs Rego policy language to protect our customer cloud environments and test those detections end-to-end with Terraform
Model cloud native technical controls across a variety of both governmental and commercial compliance frameworks and security benchmarks to help our customers achieve both compliant and secure cloud configuration state
Partner with product management, engineering, security research and customers to develop roadmaps of content for cloud security and compliance concerns
Identify and drive inefficiencies out of content development processes through the creation of innovative tooling, automation; shepherd platform issues impacting content development and user experience through engineering to completion
Evangelize yourself and the security brand through blog posts, documentation, webinars, and workshops. Present at conferences to highlight the challenges and successes in the field

The Cloud Security team was founded with one mission: Help our customers secure their data, infrastructure and applications.
Cloud Security teams help DevOps and security-teams work together, with 4 main products : Workload Security, Posture Management, Application Security Monitoring and Cloud SIEM.
To become a leader in this domain, we need to consistently innovate, deliver new features to existing products and launch new products that will fulfill our customer needs. Join the team in this exciting journey!
What Youll Do:
Build and operate distributed, high-throughput, real-time data pipelines
Do it in Java and Go, with bits of Python or other languages
Use Kafka, Elasticsearch and other open-source components
Own meaningful parts of our service, have an impact, grow with the company

We are looking for a talented and hands-on SecOps Specialist to join its core InfoSec & IT department.
RESPONSIBILITIES:
The position is designed to be hands-on, focusing on the operational aspects of security and compliance within the organization. It is essential for supporting our strategic vision, ensuring effective and efficient implementation of security and compliance initiatives.
As a SecOps Specialist you will be responsible for executing the operational aspects of information security and support security strategies formulated with the Director of InfoSec & IT.
This role requires a strong focus on the day-to-day management and monitoring of security practices, the integration of security within the software development lifecycle, ensuring the organizations policies, procedures, and different systems are aligned with customers requirements, regulatory requirements and industry best practices.

KMS Lighthouse is looking for an experienced Cloud Security Engineer to manage and secure Azure and Microsoft 365 environments. Focus on implementing security measures, ensuring compliance, and optimising cloud infrastructure security.

Responsibilities:

* Security Implementation: Design, implement, and manage Azure and Microsoft 365 security solutions.
* Monitoring & Response: Monitor security alerts, lead incident response, and conduct regular assessments.
* Compliance: Ensure compliance with ISO 27001, SOC2 Type II and NIST standards.
* Collaboration: Work with IT teams, provide training, and collaborate with external partners.
* Continuous Improvement: Stay updated on cybersecurity trends and recommend improvements.

Advantages:
Preferred Certifications: Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Azure Solutions Architect Expert CISSP, CCSP or related field certification

Required Security Specialist- Red Team
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
As a Specialist in the SecOps and Forensics department, you will lead real-world adversary simulations for our customers and prospects with the goal of helping them gain visibility into their security posture and measure the overall maturity of their cyber programs.
You will have the opportunity to research new attack vectors, develop unique payloads, and create real-world attack scenarios while putting emphasis on evasion and operation security. Additionally, your expertise will be applied by helping guide clients towards best practices while maturing their utilization of their current cyber security stack.
The ideal candidate is a passionate individual with a minimum of 3 years experience working in offensive security. They will be creative and driven to find unique solutions to difficult challenges while maintaining smooth delivery on simultaneous adversary simulation engagements. They will have a desire to improve our status quo, becoming an active contributor in maturing our team.
Responsibilities:
Independently lead and execute adversary simulations in customer networks
Conduct thorough research to create effective adversary attack strategies applicable to customer settings
Design new attack simulations that evade security controls, ensuring sustained access while remaining undetected
Analyze our metadata streams and raw data from other security products for adversary research purposes
Collaborate with customers to ensure that products play a central role in their Security Operations and Incident Response methodologies.

We are in search of a skilled and motivated Security Researcher to join our team.
As a Security Researcher, your primary focus will be on creating and researching anomaly and behavioral based threat models, dissecting attack techniques, and leading proactive threat hunting endeavors across a spectrum of domains, including cloud infrastructures (with a specialized emphasis on Office 365 and Azure), network security, proxies, firewalls, DNS, Active Directory, Azure Active Directory, and SharePoint, and product security.
Your role will require a profound comprehension of security concepts and a forward-thinking approach to identifying and writing detections for potential risks.

Required Security Engineer (DFIR)
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
Join our research and development team as a Security Specialist within the Forensics group. In this role, you will play a crucial part in cyber defense, specifically focusing on conducting research on big data and Investigation algorithms. Your primary responsibilities will revolve around research and development of forensic investigations on big data, demanding a high level of proficiency in coding, particularly in Python.
As a key contributor, you will closely collaborate with our global DFIR, and engineering teams, actively participating in product development and reinforcing our global team operations. This role requires substantial experience in digital forensics and incident response, making your expertise essential in delivering advanced research capabilities.
If you are passionate about cybersecurity and have an extensive background in DFIR and development experience, this is the perfect opportunity for you to make an impact and advance your career. Join us on the front lines of cyber defense and help protect our customers from the ever-evolving threat landscape.
Responsibilities:
Conduct research on big data and develop complex Investigation algorithms.
Collaborate closely with our engineering teams to enhance functionality of our security platform to better support your research.
Evaluate the success and accuracy of your research, identifying areas for improvement in the process.
Study and analyze threats discovered by our global DFIR team, contributing to a comprehensive understanding of emerging cyber threats.

We are seeking a highly skilled and motivated Detection Engineer to join our team.
As a Detection Engineer, you will be responsible for utilizing your strong Python skills and extensive security background to work closely with our Research Team. Your role will involve understanding their research outcomes and translating them into actionable solutions on our proprietary platform, using Databricks and Pyspark. While not directly working on SOC and SIEM systems, your background in these areas will be valuable in understanding security concepts and requirements. Experience with querying large datasets and knowledge of Pandas is an advantage. We are looking for candidates with exceptional personalities, enthusiasm, a strong work ethic, and a willingness to work hard and learn towards becoming security researchers in the future. Excellent social skills, logic abilities, and self-discipline are crucial for this role.
Responsibilities:
Collaborate closely with our Research Team to understand their research outcomes and develop them into practical solutions.
Utilize Python programming skills and a strong security background to implement research findings on our proprietary platform.
Work with Databricks and Pyspark to develop efficient and scalable solutions for processing and analyzing large datasets.
Stay up-to-date with the latest security trends, attack vectors, and industry best practices to enhance detection capabilities.
Collaborate with cross-functional teams to gather requirements and integrate security measures into the platform's architecture.

We are looking for a driven Cyber Security Analyst.
As a Cyber Security Analyst, your work will encompass various aspects of information security. You will work with different technologies and platforms such as Active Directory, DNS, Proxy, Azure, VPN, O365 suite, and AI.
The work will entail analyzing anomaly and behavioral based threat models and enhancing detection, enhancing our phishing detection platform, performing data driven threat hunting and preliminary research of emerging threats.
Your role will require a comprehension of security concepts and a forward-thinking approach.
Responsibilities:
Analyzing security alerts and providing feedback
Analyzing email and classifying based on content, purpose, and security risk
Developing and improving techniques to identify and filter spam and phishing emails
Collaborating with our Threat Labs researchers to document detections, investigate emerging threats, and supporting research projects
Simulating events and alerts in lab environments by using tools or mimicking attacks
Discovering and evaluating potential risks using threat hunting and big data
Building tools and solutions to help enhance work processes.

Required Cloud Security Researcher
Summary
Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations become stricter, organizations struggle to answer one key question: Is my data safe?
we see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from the inside out. Weve building the industrys first fully autonomous data security platform to help our customers dramatically reduce risk with minimal human effort.
We move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
Responsibilities:
Research for new security issues/vulnerabilities in Cloud Environments & SaaS Applications
Write proof-of-concept, threat detections, and analytical algorithms
Analyze logs and behavior of user activities on Cloud Environments & SaaS Applications
Hunt threat actors & insider threats
Collaboration with R&D groups within the company to implement your latest research
Evaluate and recommend steps to harden customer's Cloud Environments & SaaS Applications
Optimizing existing algorithms to reduce false positives and increase the value of our products
Writing cyber security oriented blogs and publications
Follow and Evaluate new security threats, attack vectors, and technologies.

Required Cloud Security Developer
Summary :
Data has never been more valuable and vulnerable.
As cybercriminals become more sophisticated and regulations become stricter, organizations struggle to answer one key question: Is my data safe?
We see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from the inside out. Weve building the industrys first fully autonomous data security platform to help our customers dramatically reduce risk with minimal human effort.
We move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
Responsibilities:
Conduct thorough analysis of cloud products, compliance frameworks, and security rules to identify potential misconfigurations and security risks
Utilize cloud service APIs and frameworks to develop content that proactively monitor and enforce security best practices.
Participate in the entire development lifecycle, focusing on coding and debugging
Manage cutting-edge technologies
Gain a deep understanding of the product, architecture, and use-cases
Communicate effectively with the Security Research group to define the appropriate cases and develop processes.

We are looking for an Application Security Architect to join the Product Security team and be responsible for the overall security of our products and services. The successful candidate will be responsible for contributing to our Cloud/On-prem strategic security program.
The candidate will be reporting to the Director of Product Security.
Responsibilities
Work to obtain the right mandate to ensure new products or services are launched with the appropriate security controls
Provide security standards, requirements, and guidelines for securing the products.
Take a part in the development lifecycle and integration of security features into all phases of software design and development
Assist with reviewing architecture and design for new products, features, and services.
Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
Research new application security tools and technologies and evaluate options that enhance security capabilities
Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers.

We are seeking a Director of Information Systems to spearhead our IS and IT initiatives, aligning technology strategies with our business goals to facilitate seamless operations and robust growth.
RESPONSIBILITIES
Technology Leadership. Develop and oversee the vision and strategic roadmap for all aspects of information technology, ensuring alignment with company objectives. Maintain and optimize existing systems while selecting and implementing new technologies to enhance operations. Stay current with technological advancements to drive innovation and efficiency.
Software and Application Services. Lead the management and lifecycle of SaaS applications utilized company-wide and business unit-specific applications. Provide hands-on technical leadership, guiding the team in the development, deployment, and maintenance of software solutions.
User Services Management. Oversee and direct all aspects of user services.
Infrastructure Management. Ensure robust, secure, and efficient operations of the IT infrastructure.
IS Governance and Change. Lead Information System governance, including change management processes and establishing centers of excellence. Ensure compliance as directed by applicable stakeholders.
Project Management and Deployment. Direct the planning, execution, and successful delivery of IT projects, aligning them with business timelines and demands.
Financial and Budget Management. Develop and control the IT budget, strategically investing in technology solutions that enhance operational efficiency and innovation.
Team Leadership and Development. Mentor and lead the IT department, fostering a culture of high performance, continuous improvement, and alignment with strategic goals.
Risk Management and Compliance. Manage IT-related compliance and risk, adhering to industry regulations and standards.