לוח משרות דרושים מומחה אבטחת מידע / סייבר עבודה היברידית

We are looking for a highly motivated, talented, and hands-on Application Security Engineer who will participate in building our next-generation static code analysis engines for detection and remediation capabilities.
This role offers challenges across a wide variety of responsibilities.
You will have an opportunity to establish the application security discipline in the SAST group, and define working procedures, processes, and tools.
The successful candidate will work closely with algorithms developers, improving the engines, developing security rules, performing a security review of source code, and suggesting optimization. We are searching for a team player with a can-do approach.
**In this position, you will work in a hybrid model, which means you will spend two days at the office and three days working from home.**
Responsibilities:
Performing security source code analysis.
Analyze application vulnerabilities and provide mitigation strategies.
Researching, designing, and writing application security rules for detection, while working closely with a development team for SAST
Analyzing different programming frameworks in different programming languages for potential sources and sinks for SAST.
Handling complex cases escalated from the field and other teams.
Improving our SAST engines for various programming languages.

Were looking for a Senior Software Engineer with expertise in Application Security, operating systems, and cloud technologies to work on bleeding edge technology in our cloud-native team.
What you will do
Solve hard problems in the domain of containers, security scanners, cloud, operating systems, package managers, Kubernetes, DBs and Linux.
Come up with innovative solutions to complex software static analysis problems.
Being responsible for shipping cutting edge technologies that transforms the container scanning industry.
End-to-end development of backend software components (research, design, development, testing, rollout, monitoring).

We are looking for a SecOps Director.
In this role, you will be responsible for:
Aligning vulnerability management functions with the organization's overall business objectives by reducing information technology threat
Improving & maturing established security metrics associated with vulnerability management, security operations center, security monitoring, etc.
Overseeing projects for deploying new cyber security tools and processes
Leading successful projects, ensuring high quality and timely delivery of features
Ensuring the team builds operational processes that are architecturally consistent, of high quality, and that follows operational best practices
Overseeing the development and implementation of appropriate and effective controls to mitigate identified threats and risk
Have fingerprints on building the future of Gates' cyber security organization.
Collaborate and engage with key business stakeholders, including technology peers to help them better manage their technology risk through pragmatic and fit for purpose solutions.
Be responsible for auditing, assessing & architectural recommendations as it pertains to our technical cyber security infrastructure while helping to continuously improve our Cybersecurity maturity and defensive posture.
Work with our internal stakeholders to provide support related to security functions and technologies including Privileged Access Management (PAM), Threat hunting management, SSO/MFA, Active Directory, Windows/Linux OS hardening, vulnerability remediation, EDR, SOC oversight, security metrics, E-Discovery and incident response

As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC).
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications.
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass.
Conduct threat modeling and architecture security review.
Develop and maintain secure coding standards and guidelines for application developers.
Monitor and analyze security incidents and provide timely response and resolution.
Stay current with emerging threats, vulnerabilities, and industry best practices in application security.
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts.
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes.
Deliver secured development training to developers.

Required Technology Consultant (Security)
Responsibilities:
As a passionate technical expert, you'll engage with external decision-makers, facilitating technical design workshops to translate business needs into Azure solutions. Some of your key responsibilities will include:
Hands-on solution implementation with your peer consultants acting as a technical lead within your specialized area, you'll understand commercial responsibilities and align technical delivery with program milestones, taking accountability for technical risks.
Serving as an advisor and mentor, fostering technical expertise within the Consulting community and your industry vertical.
Collaborating with account teams to strengthen the relationship between sales and delivery and liaising with our product group to access engineers building solutions, all in the pursuit of delivering our offerings effectively to customers.
Contributing to pre-sales efforts by shaping deals through understanding business requirements and providing industry and technical insights.
Assisting in drafting proposals and statements of work.

Required Senior Privacy Program Manager
Are you analytical and passionate about enhancing customer trust and protecting the brand? Are you interested in defining the future for a leading-edge privacy compliance program to the next level? If yes, then this role is for you! The Security Privacy Program team is looking for an experienced, highly driven Program Manager to work as part of a team to enhance our Privacy Program.
This role provides you with the leadership opportunity to effect change that will have enterprise-wide impacts. As a Program Manager, you will initially work on leading our consolidated documentation efforts for a data storage commitment program across security products and services. As our primary point of contact you will be the connective tissue between our privacy compliance goals as a company and the product teams across providing strategic insights and guidance.
A significant part of your role will be to ensure that Security products and services comply with our privacy requirements while also taking the lead on the roll-out and support of enterprise-wide cutting-edge privacy compliance solutions. You will contribute to the development and execution of our best-in-class strategic privacy practices and initiatives, to ensure we continue to be a leader in privacy while exceeding customer expectations.
The ideal candidate could have an engineering or compliance background, command of engineering best practices, and experience in raising the quality of existing solutions. This candidate must have excellent written and verbal communication, a passion for technology, experience providing guidance and direction to technical audiences, ability to drive towards the big picture while managing details, and the ability to build relationships with key partners.
Responsibilities:
The successful candidate will be responsible for the following:
Support risk and compliance program activities across the Security Division.
Contribute incremental improvement to the privacy program increasing efficiency of operating processes.
Continuously aligning services and strategy with the company standards, policy, and strategies, and understanding how they need to be applied within our organization.
Identifying opportunities to expand the services model to include other risk and compliance offerings across the enterprise.
Support the team in clarifying business, tooling, and engineering requirements to land impactful outcomes for compliance and risk management.

We are looking for a talented and experienced GRC expert for a Security Expert position. This position will interact with IT teams, business units, HR, etc. This will include activities of an international entity/subsidiary. You should be able to drive multiple security audits and articulate security requirements both verbally and in writing.
Responsibilities:
Running multiple successful security audits in parallel
Aligning our security compliance and regulative requirements
Breaking down compliance requirements verifying that existing controls are adequate and defining and overseeing the implementation of new security controls
Run and participate in external and internal risk assessments
Driving successful mitigations of audit and risk assessment findings
Formulate new policies and update existing ones while aligning them with business processes
Review the security controls & settings of various security and IT systems and confirm alignment with compliance requirements.
Run GRC tasks cross-company
Prepare the business for SOX, PCI-DSS, ISO 27001 and 27017, and other certifications and audit requirements. You will work with the auditors and manage the process with other teams and business units
Respond to customer RPPs/RFIs and questionnaires
Explore new options for enhancing the security posture.

We are looking to expand our drone take-over research team, which is responsible for the core technology of our product.
This is a great opportunity for you to expand your capabilities working on versatile and innovative cyber research projects as part of a young and extremely talented team.

We are looking for a hands-on Security engineer Web 3.0 security development team. In this role, you will be instrumental in driving the technological success and innovation of a new product line that will revolutionize the rapidly evolving blockchain security products and services industry.
More about the role: As Security Engineer, you will spearhead development efforts, working in close collaboration with the head of Web3 Security and CTO of Web3.0 Security. This is a unique opportunity akin to launching a start-up within Check Point (acting as a founding member of the new team).


Key Responsibilities
Software development: ownership of large portions of our overall technical development of novel, category defining web3 security products. From ideation to sleek products delivery.
Technical Engagement Management: research, spec, develop and integrate tailored solutions (products and services) for our design partners and later, our clients.

we are looking for a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and nation-state activities. You will join a team of motivated, independent and highly technical individuals to contribute the effort to protect customers and empower the brand.

Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal data.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for external publications and private intelligence reports.
Help creating protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist in threat intelligence and research tasks.

we are looking for an outstanding hands-on R&D Team Leader for the Threat Prevention Cloud group.

In this role, you will:

Impact Millions: Your work will directly protect millions of users from evolving threats like zero-day attacks and supply chain compromises.

Elite Team: Join a high-performing, collaborative group tackling cutting-edge security challenges.

Make a Difference: Play a pivotal role in the fight against cybercrime and leave a lasting impact.

Key Responsibilities
Build, mentor, and develop a top-notch team of 6 software engineers and cyber security experts.
Define the product roadmap and drive strategic initiatives in collaboration with stakeholders.
Design, develop, and deploy secure cloud infrastructure and cutting-edge threat prevention features.
Deep dive into cloud, networking, cyber techniques, and spearhead research and implementation.
Ensure the successful operation of a critical, internet-scale cloud production environment.

We are looking for a Network Engineer, who is motivated, self-managed, team player with good interpersonal skills to be responsible for:

Engaging with customers worldwide to understand and address their technical requirements.
Deploying the company's cutting-edge Beta software and hardware on customers' sites, ensuring a seamless experience prior to market release.
Collaborating directly with development teams, QA engineers, and managers at all levels.
Conducting comprehensive testing, debugging, and documentation of beta deployments in simulated customer environments and during on-site activities.
Providing effective technical support to beta testing customers.

Our platform security team (as part of the Cloud Security area) is looking for a highly skilled developer, who is comfortable with cloud-native programming

Our daily work involves experience in new technologies all the time, extensive cloud services usage (mostly AWS), design writing, and testing code in various runtimes like C#, Javascript, and more.

In this role, you will design and lead Check Point cloud platform security solutions, work closely with the architects of the Cloud Guard Security product line, and take an active part in all the software development phases starting with a POC and ending with production deployment of the product in a customer environment.

Key Responsibilities
Develop and own E2E features from design to production, addressing architecture, CI/CD pipeline, monitoring, and testing.
Working with AWS and other cloud providers
Designing and implementing software solutions using the .NET framework and other programming languages
Collaborating with cross-functional teams to identify and prioritize development efforts
Testing and debugging code to ensure functionality and performance

We are looking for a IT Cloud Engineer. This role is perfect for a highly experienced and proactive IT Engineer with vast experience in cloud security.

This job is located in Tel Aviv (hybrid).
Key Responsibilities
Lead Cloud Security and Operations projects, overseeing new technology implementation, R&D access management, and standardizations.
Manage security alerts, critical IT-RND tasks, and conduct systems administration.
Develop and implement automation scripts to streamline routine processes and tool development.
Install, configure, update, and troubleshoot cloud infrastructure tools and services for developers and R&D requirements.
Monitor internal infrastructure for high availability, optimal performance, and security.
Collaborate with FINOPS analyst to automate financial operations, reducing costs across various cloud providers.
Administer and optimize R&D SaaS applications, including GitHub, Postman, Slack, and other developer tools.