לוח משרות דרושים מומחה אבטחת מידע / סייבר לדוברי אנגלית

Were looking for an IT Compliance Associate to join our Technology team and help ensure our systems, vendors, and internal processes meet legal, regulatory, and security standards. In this role, youll support the design and implementation of an effective IT compliance framework, manage access controls, assess risk, and guide teams in upholding compliance across the organization.
Youll also help shape policies, identify gaps, and drive remediation efforts with cross-functional stakeholders. This is a collaborative, detail-oriented position with room for growth in the cybersecurity and compliance domain .
What Youll Actually Be Doing
Native-level fluency in both English and Hebrew (written and verbal)Must
Develop and maintain an effective IT compliance program
Conduct risk assessments on internal processes and systems
Lead access recertification and vendor risk assessment processes
Draft, manage, and update internal compliance policies and documentation
Review vendor documentation for regulatory and security alignment
Analyze data, identify compliance gaps, and implement remedial actions
Prepare reports, dashboards, and compliance summaries for internal stakeholders
Organize and contribute to quarterly Cyber Steering Presentations

Were seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, youll embed security across the entire SDLC - from CI/CD pipelines to smart contractshelping us build secure-by-design systems that power the future of fintech and digital assets.
Youll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, youll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.
What Youll Actually Be Doing:
Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
Build reusable security components, libraries, and developer-friendly guardrails
Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems

Were seeking a passionate Content QA Analyst to join our R&D department. By evaluating conversations our users have with our AI agents, you'll help spearhead our efforts to improve product quality and user experience and take part in strategizing efficient solutions. Youll play a key role in our project management life cycle.
Responsibilities:
Review and analyze end users conversations with our AI assistant in order to find the most impactful conversations and improve our core conversation engine.
Identify, generalize, and bucket problems in our new and existing use cases.
Evaluate new features and capabilities to ensure they are polished prior to release.
Use LLMs like ChatGPT in order to automatically analyze conversations and improve our natural language understanding.
Create and tag datasets to train new, highly accurate AI models.
Work closely with product managers, UX experts, software engineers, solutions engineers, and NLP experts to propose solutions and participate in the implementation.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.

The Role:
We’re seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, you’ll embed security across the entire SDLC - from CI/CD pipelines to smart contracts—helping us build secure-by-design systems that power the future of fintech and digital assets. You’ll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, you’ll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.

Who You Are:

* A proactive self-starter with deep expertise in application and cloud security
* Passionate about secure development and enabling engineers through thoughtful guardrails
* Clear and confident communicator who can influence across technical and non-technical teams
* Curious about emerging threats and excited by the challenges of blockchain security
* Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale

What You’ll Actually Be Doing:

* Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
* Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
* Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
* Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
* Build reusable security components, libraries, and developer-friendly guardrails
* Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
* Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
* Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems

Why You’ll Love Working Here:
You’ll help secure some of the most innovative products in fintech and crypto - while collaborating with brilliant, supportive teammates who care deeply about doing things the right way. Our security culture is proactive, collaborative, and continuously improving. You’ll have the autonomy to lead impactful initiatives, influence design from day one, and grow alongside a team that’s invested in modern tooling and professional development.

Next Step:
Hit Apply. Bring your AppSec mastery abilities. We’ll bring the challenge – and the snacks.

We are looking for a Cloud Security Architect.
As a Cloud Security Architect, you will be part of Cyber Security team working among Israel and global companies, Helping client build their Next Gen Cloud solution. your responsibilities would include:
Designing and implementing cloud security strategies and policies that meet an organizations specific needs.
Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats.
Conducting security assessments and audits to identify vulnerabilities and develop plans to address them.
Collaborating with IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes.
Staying up-to-date on the latest cloud security technologies, trends, and best practices.

The IT risk management team is looking for a junior for an entry-level position - no previous experience is required!
The team specializes in identifying and locating technological risks, finding solutions, improving the systems and processes in the organization to prevent potential damage to the business and minimizing risks using local experts with global experience in complex projects, unique methodologies and technological tools while working with the leading companies in the worlds of technology, industry and finance.
Location: Beit Shemesh or Tel Aviv combined with working from home.
The role consists of:
Consulting and testing automatic controls in business processes in the organization and ERP-CRM systems.
Consulting on the issue of authorizations and separation of SOD roles in information systems and business processes.
Establishing methodologies and capabilities in IT risk management aspects regarding the cloud and digital.

We are looking for a IT Risk Management and SOC2 Manager.
The IT risk management team specializes in identifying and mitigating technological risks, developing solutions, and enhancing organizational systems and processes to prevent potential business impact. Leveraging local experts with global experience in complex projects, unique methodologies, and advanced technological tools, the team partners with leading companies across technology, industry, and finance. Our projects span collaborations with US and the largest organizations in Israel, including major banks and top technology companies traded in the US.
Role Overview:
As a Manager in the TPA practice, you will lead and oversee multiple client engagements from initiation through to the reports. You will be responsible for managing project timelines, budgets, and team members, ensuring high-quality deliverables and client satisfaction.
Your role will include:
Managing end-to-end IT risk management and assurance engagements, including planning, execution, and reporting.
Overseeing the delivery of Information Security and IT Governance Risk and Compliance (GRC) services.
Leading SOC2 and SOC1 audits, information systems risk assessments, cyber risk surveys, and both external and internal IT audits.
Consulting on and testing automated controls within business processes and organizational systems, and establishing methodologies for IT risk management in cloud and digital environments.
Advising clients on authorization processes and segregation of duties (SoD) in information systems and business operations.
Managing and mentoring team members, allocating resources, and monitoring engagement hours to ensure projects are delivered on time and within budget.
Serving as the primary point of contact for clients, maintaining strong relationships and ensuring their needs are met throughout the engagement lifecycle.