לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

The Cloud Security team was founded with one mission: Help our customers secure their data, infrastructure and applications.
Cloud Security teams help DevOps and security-teams work together, with 4 main products : Workload Security, Posture Management, Application Security Monitoring and Cloud SIEM.
To become a leader in this domain, we need to consistently innovate, deliver new features to existing products and launch new products that will fulfill our customer needs. Join the team in this exciting journey!
What Youll Do:
Build and operate distributed, high-throughput, real-time data pipelines
Do it in Java and Go, with bits of Python or other languages
Use Kafka, Elasticsearch and other open-source components
Own meaningful parts of our service, have an impact, grow with the company

We believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives.
Job Description Summary:
Information Security Engineer focused on cloud infrastructure and application security. There will be a heavy focus on large scale and highly dynamic GCP and AWS cloud environments with global presence.
Job Description:
Your day to day:
This role will be focused primarily on the security in AWS and GCP cloud environments in our company. This will include the security aspects of infrastructure, build pipelines, application design, cloud native service and tool design patterns, stakeholder communications, consulting and advisement of peer security teams, and solution review and approval.
What Do You Need To Bring
* A minimal of 5 years of experience working in a cybersecurity related position.
* Experience working with cloud-native security tools, AWS and GCP Infrastructure design, operation, and deployment, container and host security.
* Excellent communication and documentation skills.
* Knowledge of Kubernetes, terraform, source code management, infrastructure and application security tools such as CSPM, SAST, DAST, API security, DDOS and WAF.
* Development experience is a plus.
 
Our Benefits:
Were committed to building an equitable and inclusive global economy. And we cant do this without our most important assetyou. Thats why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.
 
Who We Are:
We have remained at the forefront of the digital payment revolution for more than 20 years. By leveraging technology to make financial services and commerce more convenient, affordable, and secure, the company`s platform is empowering more than 400 million consumers and merchants in more than 200 markets to join and thrive in the global economy. For more information, visit our website.
We provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, we will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us.

As a Security Analyst on the On-Prem team, you'll play a vital role in continuously enhancing the product's ability to detect and prevent cyberattacks.

Responsibilities:

Collaborate with top-tier security professionals to develop, refine, and maintain complex detection and protection mechanisms.
Implement cybersecurity logic and features by identifying and validating new security content. You'll leverage security research and data analysis to improve product precision.
Stay ahead of the curve by continuously testing On-Prem's capabilities against emerging threats and evolving attack techniques.
Provide expert Tier 4 support for the product's EPP security features.
Collaborate with On-Prem customers remotely or on-site. This includes reviewing security rules and configurations, and recommending best practices.

Serve as the on-premises business unit's security architect, collaborating closely with engineering and technical services teams on resolving complex security issues.
Conduct in-depth security architecture research to identify and implement best practices aligned with industry standards like CIS, NIST, and FedRAMP.
Perform comprehensive risk assessments and threat analyses to proactively address potential vulnerabilities.
Design and implement code analysis and application security reviews. You'll lead hardening projects to enhance the security of the on-premises application and infrastructure.
Mentor developers and spearhead the development of an application security training program.
Work closely with product and R&D teams to translate security risks into clear business impact assessments.

The Security Research team focuses on constantly improving our detection and protection coverage against ever-evolving cyber-security attack techniques and tools. The team comprises top-tier global security researchers with expertise in offensive (red teamers, penetration testers) and defensive (SOC, DFIR, malware analysts, and reversers). Each research project and detection & protection rule become a core part of our various platforms.

In this position, you will

Conduct in-depth research of OS internals (including user space and kernel space components)
Guide other researchers and developers throughout the company
Take part in shaping our security vision - identify needs, perform in-depth research, and implement new and innovative security capabilities
Nurture ideas from their inception to their deployment over millions of endpoints worldwide
Focus on detecting and preventing malicious behavior, working with our developers to integrate the findings into our system.
Closely cooperate with other teams to constantly improve our product

The Security Research team focuses on constantly improving our detection and protection coverage against ever-evolving cyber-security attack techniques and tools. The team comprises top-tier global security researchers with expertise in offensive (red teamers, penetration testers) and defensive (SOC, DFIR, malware analysts, and reversers). Each research project and detection & protection rule become a core part of our various platforms.

In this position, you will

Collaborate closely with customers to understand their security needs and identify detection gaps.
Develop, enhance, and maintain complex detection & protection mechanisms in collaboration with top-tier global security professionals.
Analyze customer-provided red team reports, identifying key attack patterns and translating them into actionable detection improvements.
Implement cyber security logic and features while ensuring alignment with customer requirements.
Conduct security research and data analysis to validate newly created security content and ensure product precision.
Stay updated on emerging threats and new attack techniques, adapting detection capabilities proactively
Analyze advanced attack techniques and malware to inform the development of future defense mechanisms.
Provide Tier 4 support for our EPP product security capabilities, offering in-depth expertise to customers.

Collaborate closely with all development teams to build and govern security from day one to production, following best practices.
Perform application security assessments, including architecture design reviews and threat modeling.
Provide secure software guidance and act as a business enabler to cross-functional teams, including product, engineering, etc.
Design, build, and implement best-in-class application security solutions.
Lead and promote security audits, vulnerability assessments and code reviews.
Develop software security guidance, including training material, best practices, secure coding checklists, and reusable code.
Validate ongoing compliance with policies and procedures in support of regulations.
Raise the overall security awareness for the Secure-SDLC and define training roadmaps based on needs.
Work with different entities in the company to ensure S-SDLC compliance with company rules and industry standards.
Review & manage security issues identified in products, analyze severity and risk, and provide recommendations for remediation.
Establish, manage, and lead a bug bounty program

We are looking for a highly skilled Product Security Architect to join our team at Tipalti. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:

Collaborate closely with all Tipalti development teams to build and govern security from day one to production, following best practices.
Perform application security assessments, including architecture design reviews and threat modeling.
Provide secure software guidance and act as a business enabler to cross-functional teams, including product, engineering, etc.
Design, build, and implement best-in-class application security solutions.
Lead and promote security audits, vulnerability assessments and code reviews.
Develop software security guidance, including training material, best practices, secure coding checklists, and reusable code.
Validate ongoing compliance with policies and procedures in support of regulations.
Raise the overall security awareness for the Secure-SDLC and define training roadmaps based on needs.
Work with different entities in the company to ensure S-SDLC compliance with company rules and industry standards.
Review & manage security issues identified in products, analyze severity and risk, and provide recommendations for remediation.
Establish, manage, and lead a bug bounty program

we are looking for an experienced Security Solutions Engineer to help us create new Blink automations and scalable solutions for our customers. Your role will be both strategic and tactical, as youll be working directly with customers to understand their requirements, design solutions, and implement security controls. Join us on our mission to help every security team achieve operational excellence.

What You'll Do

Design and implement security solutions to automate the real-world customer pains.
Provide expert advice and recommendations for our security solutions that can achieve customer objectives.
Collaborate with the Sales team to establish a reputation for technical excellence and trustworthiness with potential customers.
Work jointly with other Solutions Engineers & Architects to support the Sales team with technical content and call support.
Establish and maintain a knowledge hub or repository of security best practices, resources, and insights.
Collaborate with the marketing team to generate demos, case studies, blogs, and videos.

We are looking for a talented, full-time IT and Security Operations Engineer to help us keep our fleet of devices and networks secure and our office work environment efficient and organized.


Our employees travel the world, taking devices with them that require the utmost security policies and monitoring in place to remain protected and compliant.

If you believe you are someone with long-term goals who thrives in a team environment, wants to grow with us, and will appreciate working in a fresh, fun, and dynamic office in the heart of Tel Aviv, wed love to hear from you.


Main roles and responsibilities:

Managing network infrastructure and its security around our office locations, both on-site and remotely.

Operating a help desk which involves software and hardware assistance, installation, and troubleshooting.

Deploying and maintaining endpoints via Azure AD and other MDM infrastructures.

Responding promptly to IT and security incidents, troubleshooting issues, and implementing solutions to minimize downtime and mitigate risks.

Acquiring and managing software and licenses.

Monitoring security events in SIEM platforms.

Onboarding, triaging, and testing new IT and InfoSec technologies for the corporate environment.

inventing a new way of managing IT end-to-end for IT professionals and teams worldwide.

By creating an AI-powered IT platform, all-in-one Remote Monitoring and Management (RMM) Helpdesk, Ticketing, and Reporting solution helps more than 23,000 IT pros achieve 10X operational efficiency, cut down time-to-resolution, and deliver better outcomes faster. Located in the heart of Tel Aviv, our team of passionate, like-minded individuals is driven by a shared mission to unleash everyone's potential and constantly innovate. We create an open, transparent, and supportive environment that gives our teams the autonomy, resources, and freedom to thrive.
We are looking for an experienced Application Security Engineer to join our team! As an Application Security Engineer, you will work with our security and R&D teams and collaborate with other IT professionals to ensure that our application, the product, the services, and the data are protected.
This is a full-time and onsite (hybrid-remote) role at our Tel Aviv office.

Responsibilities
Providing technical leadership, guidance, and direction to the DevOps, Development, and Product teams on secure code programming based on industry best practices.
Developing and maintaining specific documentation of application security controls, policies, and procedures and ensuring their implementation.
Designing technical solutions to address security weaknesses.
Analyzing system services and spotting issues in code, infrastructure, and applications.
Develop and implement continuous service improvements to the Application Security Management program.
Deliver next-generation application security controls, solve technical barriers with tools and processes, and align with application teams to ensure strong adoption.
Perform threat modeling, static and/or dynamic analysis, application security validation (negative and positive), source code review, and app PenTests to provide development guidance based on security best practices.
Update the library of information security documentation with application standards, work instructions, and training materials.
Develop communication plans for the enterprise security application function by partnering with business and enterprise architects.
Conducting pilot or POC with selected vendors for threat modeling, architecture reviews, code scanning, and penetration testing.
Collaborating with cross-functional teams and getting their cooperation.

We are looking for a talented and motivated IT & Security Specialist to join our growing team. You will be responsible for managing the day-to-day IT operations and ensuring the security of our company's data and systems.
This is a fast-paced environment where you will wear many hats, but you will never be bored!
Responsibilities:
Manage all aspects of our IT infrastructure, including laptops, servers, and networking.
Troubleshoot and resolve IT-related issues for employees.
Manage the IT MDM platform, and maintain 3rd party applications up to date.
Implement and maintain security policies and procedures.
Monitor security threats and vulnerabilities.
Coordinate regular security assessments and testing
Stay up-to-date on the latest IT security threats and best practices.
Maintain accurate IT documentation.
Utilize top-notch technologies for managing endpoint devices, leveraging the latest advancements in endpoint security and lifecycle management (ETLC).

We are looking for a Cyber Security Consultant to perform a range of expert level services. The successful candidates should have experience both as a security practitioner and security consultant, profound technological cyber knowledge and passion for cyber security. In addition, they should have a service approach, excellent communication skills and the ability to learn and work with the best in the field.
Main Responsibilities:
Evaluate the state of security, configurations, and security strategy, identifying gaps and opportunities and anticipating needs
Consult in cyber security engagements, including development of a cyber security plans and design implementation, and provide guidance on building security
Recommend cyber security strategies, policies, and procedures
Develop and support clients with internal training to assure deep understanding of fundamental cyber security practices, risks, and recommended mitigation tactics
Create expert-level deliverables, and present results of the assessment to a broad range of clients and design plans to address specific cyber risks and vulnerabilities
Collaborate with the cyber experts team in the development and implementation of cyber assessment tools, services, and best practices.

We are looking for a Android Security Researcher II.
The Security Researcher focuses on deep research of new vulnerabilities
and exploits, including how to use this knowledge to the benefit of our customers and the security product suite.
The work includes reverse engineering, so requires a deep understanding of the target operating system, and relevant tools and techniques. Depending on the specific role, Security Researchers will be expected to deliver product detection enhancements (including code and/or rules), POCs of exploits, CVEs, and marketable research.
Security Researchers will have access to cutting-edge technology only found within the Threat Labs team.
Security Researchers analyze customer detections, informing our response and further development of our proprietary threat intelligence and security capabilities.
What you can expect to do in this role:
Perform research, including reverse engineering, into novel and zero-day vulnerabilities and exploits, using of in-house and 3rd party tooling, providing recommendations on how to protect our customers.
Perform analysis of customer detections generated by our platform to determine accuracy; recommend detection changes accordingly.
Research new ways to detect malicious activity using custom-built tooling.
Stay up to date on the latest malware trends and OS developments.
Development and maintenance of custom research tools to assist in day-to-day tasks.
Support sales and marketing by supporting the creation of marketable material and thought leadership.
Perform other duties and special projects as assigned.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback

Security Researcher plays a critical role in advancing our mobile security research efforts.
This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect our clients' mobile ecosystems and to publish security research.
What you can expect to do in this role:
iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
Collaboration: Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.