לוח משרות דרושים מומחה אבטחת מידע / סייבר

Requirements:
Strong hands-on application and security engineering experience, with deep expertise in modern cloud environments, cloud-native security, and secure software development
Proven ownership of end-to-end security programs, including defining and executing roadmaps, policies, and cross-domain security initiatives
Deep knowledge of SDLC security and DevSecOps, covering CI/CD, container security, infrastructure-as-code, and embedded security controls in engineering workflows
Hands-on experience with application security tooling, including SAST, DAST, SCA, runtime monitoring, vulnerability management, and threat modeling
Practical experience leading incident response and remediation, including preparation, detection, post-incident improvements, and guiding developers through secure coding and remediation discussions
Ability to review and understand code in at least one modern programming language, and work closely with developers on secure code reviews and implementation fixes

Requirements:
5+ years of experience in cyber security, vulnerability management, or related domains.
Hands-on experience with vulnerability management processes and tools (e.g., Qualys, Tenable, Rapid7, Wiz).
Experience working in cloud, infrastructure, or application environments.
Strong execution and tracking skills with high attention to detail.
Experience working with cross-functional technical teams.
Experience with project management tools such as Jira, Monday, Asana, or similar.
Excellent communication skills in Hebrew and English.
Preferred Qualifications
Experience working in a CISO organization or Security PMO.
Familiarity with risk-based prioritization and remediation strategies.
Background in SaaS or cloud environments.

Requirements:
3-5 years of experience in Vulnerability Management, cyber security operations, or related domains.
Strong hands-on experience managing vulnerability lifecycle and remediation processes at scale.
Proven experience working with vulnerability management tools (e.g., Qualys, Tenable, Rapid7, Wiz, Prisma Cloud).
3+ years of experience in project or program management within technology or security environments.
Strong understanding of cloud, infrastructure, and application environments.
Experience working cross-functionally with Security, DevOps, Engineering, and IT teams.
Experience in risk-based prioritization and security risk management methodologies.
Hands-on experience with project management tools such as Jira, Monday, Asana, or similar systems.
Excellent communication skills with experience presenting to senior leadership.
Preferred Qualifications:
Experience working within a CISO organization or Security PMO.
Background in SaaS, cloud infrastructure, or large-scale enterprise environments.
Familiarity with regulatory frameworks (ISO 27001, SOC 2, NIST, etc.).
Experience leading enterprise-wide security or risk reduction initiatives. BSc in Industrial Engineering, Computer Science, or a related field.

Requirements:
Bachelors or Masters degree in Cybersecurity, Computer Science, Information Technology, or related field.
7+ years of cybersecurity experience, with 3+ years in a leadership role.
2 years of Incident Response and or SOC management role.
Deep expertise in Microsoft 365 security (Defender suite, Microsoft Purview, Azure AD Identity Protection, Sentinel).
Strong knowledge of Active Directory, Azure Active Directory, Windows Servers, DNS, DHCP, and Group Policy.
Broad experience with SIEM, EDR, Threat intelligence, and vulnerability management tools.
Proven knowledge of security frameworks: NIST, ISO 27001, CIS, or equivalent.
Professional certifications required: CISSP, CISM, CEH, MS-500, SC-200, or comparable.
Strong leadership, communication, and problem-solving skills.
Experience working within multinational, matrixed environments.

Requirements:
8+ years of experience in Information Security, including 4+ years in a Security Architecture role
Proven experience designing security architecture for large‑scale cloud or SaaS environments
Strong knowledge of cloud‑native architectures, distributed systems and SaaS design patterns
Deep understanding of:
Identity & Access Architecture (IAM, CIAM, authentication, authorization, governance)
Network Security (segmentation, isolation, secure routing, micro‑segmentation)
Endpoint Security (posture validation, secure access, device trust models)
Email & Collaboration Platform Security (secure configuration, access controls, threat prevention)
Application & API Security
Data protection and secure key‑management principles
Experience working closely with Platform Engineering, Cloud Infrastructure, DevOps and R&D teams
Ability to turn security strategy and policies into actionable architecture standards and technical solutions
Hands‑on experience conducting security architecture reviews, threat modeling, and risk assessments
Strong skills in creating technical documentation, architecture diagrams and security standards
Experience supporting incident analysis, cloud threat detection and mitigation planning
Excellent communication skills, with the ability to explain complex concepts to technical and business audiences
Demonstrated leadership skills and the ability to influence architecture decisions across the organization
Fluent English, written and spoken
Advantages:
Experience in the following areas will be considered a strong advantage:
Designing security for multi‑tenant SaaS platforms
Expertise in container security, orchestration frameworks, service mesh, and cloud‑native platforms
Knowledge of Zero Trust models and continuous evaluation of identity, device, and access context
Experience with major cloud security domains, including:
CSPM - Cloud Security Posture Management
CNAPP - Cloud‑Native Application Protection Platforms
CWPP - Cloud Workload Protection Platforms
SASE / SSE - Secure Access Service Edge / Security Service Edge
Experience in Vulnerability Management and secure configuration governance
Understanding of security requirements in regulated industries such as financial services or insurance
Relevant certifications such as CCSP, CISSP or equivalent domain expertise.

Requirements:
4+ years of experience in information security and GRC
Proven track record managing SOC 2 Type 2, ISO 27001, or similar compliance frameworks for SaaS organizations
Experience working with SOC (cybersecurity operations center) and response to cybersecurity incidents
Hands-on experience with IT and Security tools
Strong understanding of security controls frameworks (NIST CSF, CIS Controls, OWASP)
Technical understanding of cloud security (AWS/Azure/GCP), application security, and infrastructure security
Excellent written and verbal communication skills with the ability to translate technical concepts for various audiences
Self-starter who can build processes from the ground up and operate with limited oversight
Relevant certifications preferred (CISSP, CISM, CISA, or equivalent).

Requirements:
Mandatory:
Minimum 1 year experience in establishing and management of intelligence infrastructure
Operational online security orientation: Demonstrate awareness of security risks in diverse operational environments and understand appropriate mitigation measures
Experience in operational processes and / or investigations within the different realms of the cyber sphere (mobile environments and web)
OSINT and online research experience
Proven ability to identify trends and methodologies that support the different infrastructure environments creation and management
A proactive and independent learner of new practice areas and technological tools
Strong written and verbal communication skills
Fluent English
Nice to have:
Additional languages
Curiosity and out of the box thinking
Ability to work under pressure.

Requirements:
5+ years of backend/systems engineering experience with modern languages (Go, Python, Java, C#, or Node.js)

Deep cloud platform expertise (AWS, Azure, or GCP) - you understand cloud internals, not just APIs

Proven experience designing and building distributed systems, microservices, and event-driven architectures

Container orchestration experience with Docker, Kubernetes, or similar technologies

Strong ownership mentality - you take pride in your work and see projects through to success

Self-directed learning ability - you can dive into unfamiliar territory and emerge with solutions

Excellent collaboration skills - you communicate clearly and work effectively across teams

Requirements:
5+ years of backend/systems engineering experience with modern languages (Go, Python, Java, C#, or Node.js)

Deep cloud platform expertise (AWS, Azure, or GCP) - you understand cloud internals, not just APIs

Proven experience designing and building distributed systems, microservices, and event-driven architectures

Container orchestration experience with Docker, Kubernetes, or similar technologies

Strong ownership mentality - you take pride in your work and see projects through to success

Self-directed learning ability - you can dive into unfamiliar territory and emerge with solutions

Excellent collaboration skills - you communicate clearly and work effectively across teams

Requirements:
6+ years experience in programming, Golang and Python are our preferred languages.

Knowledge on services with at least two Cloud providers out of Aws, Azure and GCP.

Experience developing and consuming RESTful API web services.

Experience interacting with major cloud providers, mainly Amazon Web Services (AWS), as well as Azure and Google Cloud (GCP).

Understanding data structures and a key-value distributed caching solution, such as Redis.

Experience using RDBMS databases, and accompanying knowledge of SQL.

Experience with data modeling and Extract-Transform-Load (ETL) concepts.

Bachelor's degree or equivalent work experience. Proficiency with common algorithms, data structures, code whiteboarding.

Requirements:
Proven expertise in security research, methodologies, technologies, and tools.

Minimum of 5 years experience in cloud security research with demonstrated experience in technical leadership or mentoring roles.

Strong leadership and communication skills with experience guiding and developing technical talent.

Experience with cloud-native services, infrastructure, and environments.

Experience with threat research and misconfiguration identification.

Comprehensive knowledge of cloud platforms (AWS, Azure, GCP) and their security features.

Excellent conceptual thinking and communication skills, capable of conveying complex ideas effectively and building consensus among technical teams.

Demonstrated ability to establish technical best practices, lead technical discussions, and coordinate collaborative research efforts.

Requirements:
6+ years experience in programming, Golang and Python are our preferred languages.

Knowledge on services with at least two Cloud providers out of Aws, Azure and GCP.

Experience developing and consuming RESTful API web services.

Experience interacting with major cloud providers, mainly Amazon Web Services (AWS), as well as Azure and Google Cloud (GCP).

Understanding data structures and a key-value distributed caching solution, such as Redis.

Experience using RDBMS databases, and accompanying knowledge of SQL.

Experience with data modeling and Extract-Transform-Load (ETL) concepts.

Bachelor's degree or equivalent work experience. Proficiency with common algorithms, data structures, code whiteboarding.

Requirements:
Hands-on experience in security engineering or infrastructure security roles.
Strong understanding of network protocols, architectures, and common network-based attack techniques.
Experience securing databases and sensitive data, including encryption, access governance, and auditing.
Practical knowledge of AI/ML systems and modern AI usage patterns, including risks related to training data, inference APIs, and model access.
Understanding of emerging AI security threats, including prompt injection, data leakage, model abuse, and supply-chain risks.
Experience working in cloud environments (AWS, Azure, or GCP) and cloud-native security controls.
Experience participating in or leading security incident response and investigations.
Proven ability to take ownership, lead security processes end-to-end, and drive initiatives across multiple teams.
Strong analytical skills, proactive mindset, and ability to work effectively with cross-functional teams.
Advantage:
Experience with automation platforms and security-related workflows.
Familiarity with modern security architectures such as Zero Trust.

Requirements:
8+ years of relevant industry experience as a low-level vulnerability researcher.
Proven track record of finding memory corruption vulnerabilities (stack/heap overflows, UAF, TOCTOU, etc.).
Proven track record of developing complex exploits.
Excellent understanding of common security mitigations such as ASLR, DEP, and CFI.
Excellent understanding OS internals, network protocols and cryptography concepts.
Proficient in Assembly, C, and Python.
Expert with IDA Pro / Ghidra, and GDB.