לוח משרות דרושים מומחה אבטחת מידע / סייבר לדוברי אנגלית

We are looking for a Director Cyber & Data Risk Strategy.
As a leader in Cyber Insurance, we are collecting amounts of cybersecurity data and utilizing it for risk quantification and insurance pricing. As cybersecurity is an ever-changing domain, so is risk data, the analysis of this data and impact of utilizing it in a timely and accurate manner.
In this role, you will own and lead the intersection of cybersecurity data, technology, and risk strategy. You will work closely with various teams across the company on technology-led initiatives, as well as orchestrate the various projects in this area.
This is an opportunity for a results-driven individual to lead cross-functional initiatives, present findings and recommendations to senior leadership, and redefine how complex projects should be executed.
How youll make an impact :
Lead cross-functional Tech<>Risk projects by collaborating with the relevant teams: Risk Analytics, Pricing, Decision Engine, Modeling, Cyber Research, Data Science, Data Engineering, Product Management, R&D, Analytics, and relevant business teams.
Data Expertise & Ownership: Become the go-to expert on all cyber data aspects, with a deep understanding of risk drivers, data quality, architecture, and analytics.
Identify & Drive Technical Data Roadmap: Translate business and risk priorities into clear data platform strategies, requirements, and roadmaps that align with business goals and technological capabilities and promote research initiatives.
Promote cross-company alignment of all cyber and technical aspects of risk by owning and enhancing cyber incidents taxonomy.
Drive a culture of data-driven decision-making
Identify issues, build hypotheses, and lead research to generate insights and recommendations for our leadership.

We are looking for the best to join us as we expand our groundbreaking journey.
We are confident that your unique skillset, perspective, and passion, encouraged and inspired by our wealth of technology, research and expertise in these fields will be the driving force needed to continue being an industry spearhead for many years to come.
Position Description:
We are interested in welcoming a Senior Cybersecurity Expert to join our team, to plan, research, and develop proprietary automotive cybersecurity solutions.
Responsibilities and tasks include:
Threat and vulnerability assessment and analysis
Design, implement, and verify mechanisms to neutralize potential threats
System hardening and characterization
Penetration testing

we are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.
Main Responsibilities:
Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.
Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.
Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.
Utilize and develop tools and methodologies to improve existing investigative and hunting technological stack.
Collaborate with IT and Security teams during investigations.
Generate and present a comprehensive and professional report of findings from investigations.

we are looking for a Cyber Security Engineer with a solid technical background in cyber security to lead the implementation of Velocity XDR product and ensure that meet its clients cyber security needs.
As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.
Main Responsibilities:
Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

We are looking for an eager and talented individual for our growing Solution Architect team.
You will be a part of a fast-growing cybersecurity company, learn and practice high-end cyber skills from the best in the business and manage customers regionally.
You will work with amazing people who work together to improve the cybersecurity resilience of our customers.
The Solution Architects are considered to be our top experts in our products, serving as a very important point of contact between our customers and our inner departments.
Roles and Responsibilities:
Demonstrate a deep understanding and professional knowledge in platform across our customers networks
Design deployment solutions for the platform in complex environments
Maintain in-depth knowledge of security trends, threats, and attack techniques in order to be able to improve and to give better remediation guidance to the customers
Lead technical deep-dive sessions with cybersecurity experts, guide them through better Penetration Testing procedures and remediation/defense decisions
Be involved in the business application of the company by maintaining customer loyalty and act as a product expert focused on customer education and identify service expansion opportunities to drive increased revenue
Interface between different internal departments (Support, R&D, Sales, Pre-Sales, and more) to improve your skills, knowledge and problem-solving capabilities
Pay attention to support requests to identify recurring issues and recommend changes to the platform
Flexibility to accept a changing work description based on a hyper-fast startup

Were looking for an IT Compliance Associate to join our Technology team and help ensure our systems, vendors, and internal processes meet legal, regulatory, and security standards. In this role, youll support the design and implementation of an effective IT compliance framework, manage access controls, assess risk, and guide teams in upholding compliance across the organization.
Youll also help shape policies, identify gaps, and drive remediation efforts with cross-functional stakeholders. This is a collaborative, detail-oriented position with room for growth in the cybersecurity and compliance domain .
What Youll Actually Be Doing
Native-level fluency in both English and Hebrew (written and verbal)Must
Develop and maintain an effective IT compliance program
Conduct risk assessments on internal processes and systems
Lead access recertification and vendor risk assessment processes
Draft, manage, and update internal compliance policies and documentation
Review vendor documentation for regulatory and security alignment
Analyze data, identify compliance gaps, and implement remedial actions
Prepare reports, dashboards, and compliance summaries for internal stakeholders
Organize and contribute to quarterly Cyber Steering Presentations

Were seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, youll embed security across the entire SDLC - from CI/CD pipelines to smart contractshelping us build secure-by-design systems that power the future of fintech and digital assets.
Youll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, youll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.
What Youll Actually Be Doing:
Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
Build reusable security components, libraries, and developer-friendly guardrails
Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems

Were seeking a passionate Content QA Analyst to join our R&D department. By evaluating conversations our users have with our AI agents, you'll help spearhead our efforts to improve product quality and user experience and take part in strategizing efficient solutions. Youll play a key role in our project management life cycle.
Responsibilities:
Review and analyze end users conversations with our AI assistant in order to find the most impactful conversations and improve our core conversation engine.
Identify, generalize, and bucket problems in our new and existing use cases.
Evaluate new features and capabilities to ensure they are polished prior to release.
Use LLMs like ChatGPT in order to automatically analyze conversations and improve our natural language understanding.
Create and tag datasets to train new, highly accurate AI models.
Work closely with product managers, UX experts, software engineers, solutions engineers, and NLP experts to propose solutions and participate in the implementation.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.

The Role:
We’re seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, you’ll embed security across the entire SDLC - from CI/CD pipelines to smart contracts—helping us build secure-by-design systems that power the future of fintech and digital assets. You’ll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, you’ll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.

Who You Are:

* A proactive self-starter with deep expertise in application and cloud security
* Passionate about secure development and enabling engineers through thoughtful guardrails
* Clear and confident communicator who can influence across technical and non-technical teams
* Curious about emerging threats and excited by the challenges of blockchain security
* Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale

What You’ll Actually Be Doing:

* Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
* Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
* Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
* Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
* Build reusable security components, libraries, and developer-friendly guardrails
* Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
* Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
* Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems

Why You’ll Love Working Here:
You’ll help secure some of the most innovative products in fintech and crypto - while collaborating with brilliant, supportive teammates who care deeply about doing things the right way. Our security culture is proactive, collaborative, and continuously improving. You’ll have the autonomy to lead impactful initiatives, influence design from day one, and grow alongside a team that’s invested in modern tooling and professional development.

Next Step:
Hit Apply. Bring your AppSec mastery abilities. We’ll bring the challenge – and the snacks.

We are looking for a Cloud Security Architect.
As a Cloud Security Architect, you will be part of Cyber Security team working among Israel and global companies, Helping client build their Next Gen Cloud solution. your responsibilities would include:
Designing and implementing cloud security strategies and policies that meet an organizations specific needs.
Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats.
Conducting security assessments and audits to identify vulnerabilities and develop plans to address them.
Collaborating with IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes.
Staying up-to-date on the latest cloud security technologies, trends, and best practices.

The IT risk management team is looking for a junior for an entry-level position - no previous experience is required!
The team specializes in identifying and locating technological risks, finding solutions, improving the systems and processes in the organization to prevent potential damage to the business and minimizing risks using local experts with global experience in complex projects, unique methodologies and technological tools while working with the leading companies in the worlds of technology, industry and finance.
Location: Beit Shemesh or Tel Aviv combined with working from home.
The role consists of:
Consulting and testing automatic controls in business processes in the organization and ERP-CRM systems.
Consulting on the issue of authorizations and separation of SOD roles in information systems and business processes.
Establishing methodologies and capabilities in IT risk management aspects regarding the cloud and digital.

We are looking for a IT Risk Management and SOC2 Manager.
The IT risk management team specializes in identifying and mitigating technological risks, developing solutions, and enhancing organizational systems and processes to prevent potential business impact. Leveraging local experts with global experience in complex projects, unique methodologies, and advanced technological tools, the team partners with leading companies across technology, industry, and finance. Our projects span collaborations with US and the largest organizations in Israel, including major banks and top technology companies traded in the US.
Role Overview:
As a Manager in the TPA practice, you will lead and oversee multiple client engagements from initiation through to the reports. You will be responsible for managing project timelines, budgets, and team members, ensuring high-quality deliverables and client satisfaction.
Your role will include:
Managing end-to-end IT risk management and assurance engagements, including planning, execution, and reporting.
Overseeing the delivery of Information Security and IT Governance Risk and Compliance (GRC) services.
Leading SOC2 and SOC1 audits, information systems risk assessments, cyber risk surveys, and both external and internal IT audits.
Consulting on and testing automated controls within business processes and organizational systems, and establishing methodologies for IT risk management in cloud and digital environments.
Advising clients on authorization processes and segregation of duties (SoD) in information systems and business operations.
Managing and mentoring team members, allocating resources, and monitoring engagement hours to ensure projects are delivered on time and within budget.
Serving as the primary point of contact for clients, maintaining strong relationships and ensuring their needs are met throughout the engagement lifecycle.