לוח משרות דרושים אנליסט סייבר משרה מלאה

The Cyber Security team is looking for a highly motivated GRC Specialist to join our team and take ownership of our Governance, Risk & Compliance program.
In this role, youll work closely with the CISO and cross-functional teams to embed security and compliance into everything we do. enabling the business to scale securely while meeting regulatory and customer expectations.
This is a high-impact position for someone who thrives in dynamic environments and wants to build, improve, and influence how security is managed across the organization.
What will you be doing:
Own and lead the organizations Governance, Risk & Compliance (GRC) program
Reporting the CISO to define and execute a GRC strategy aligned with business objectives and risk appetite
Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements
Lead and manage risk assessment processes across cybersecurity, IT, third-party, and operational domains
Maintain and actively manage the risk register, ensuring risks are identified, prioritized, tracked, and remediated
Drive and manage compliance programs (e.g., ISO 27001, NIST, CIS, GDPR), ensuring continuous audit readiness
Lead internal and external audits end-to-end, including evidence collection, auditor coordination, and remediation tracking
Manage third-party risk (TPRM), including vendor security assessments, questionnaires, and ongoing monitoring
Support product and engineering teams by integrating security and compliance requirements into new features and systems
Build and deliver risk and compliance reporting, including dashboards, KPIs, and executive-level insights
Translate technical risks into clear, business-relevant communication for leadership and stakeholders
Drive security awareness initiatives and promote a security-first culture across the organization

As a Security Analyst , you will work with network data and customer-facing teams to analyze raw traffic, create data-driven insights, and design solutions that enhance product value and address client needs.

Responsibilities
As a Security Analyst , Your impact will be:

Analyze raw network traffic to uncover anomalous activities.
Perform in-depth data analysis utilizing various tools
Take responsibility for all data needs for certain clients
Create useful and creative data queries
Investigate complex security incidents within cyber-physical environments.
Develop heuristics and logic-driven analysis by both security and network insights to improve the value of the product
Initiation, Prioritization, and design of R&D work based on customer needs
Work with customers and our customer-facing teams to design new features, improve their workflows, and address issues

We are seeking a detail-oriented, self-driven Security Analyst, based in Israel, to join the Risk and Compliance team and operate our ISO-aligned Event Management Process end-to-end. This role is the front door for security events in our company - the person who makes sure that every reported security event (from employees, vendors, and automated monitoring) is triaged, classified, escalated where required, and closed with documented evidence.

The Security Analyst is both an operator and a process owner. This is an excellent entry-point role for a Computer Science graduate or similar background person looking to build a foundation in security operations and compliance. You will run the daily flow of events, partner with Corporate IT, R&D/DevOps, and the CISO to drive down events, implement improvements and take corrective and preventive actions. You will report directly to the Chief Information Security Officer and work closely with the broader employee base engaging them directly.
This role covers five primary pillars: Security Event Intake and Triage; Classification, Escalation and Coordination; Process Operations and Continuous Improvement and Ai Automation.
This is a temporary position with an hourly pay.


RESPONSIBILITIES:
Event Intake & Triage
Own the front door for all reported security events - internal security hotline , IT services alerts, employee reports and automated monitoring - and make sure nothing falls through the cracks.
Triage security events within defined SLAs; gather context from logs, endpoints, identity systems, and SaaS admin telemetry to make a fast, defensible first call.
Maintain the Security Event Register as the single source of truth for every reported event - timeline, evidence, classification, owner, status, root cause, and corrective actions.
Review mail service admin holds that require review and investigation, user engagement and follow-up
Classification, Escalation & IRT Coordination
Classify security events against the defined severity matrix; distinguish security events from incidents and apply the agreed escalation criteria consistently.
Notify the CISO when escalation criteria are met, evidence collection, and timeline capture during incidents.
Process Operations & Continuous Improvement
Own and operate our ISO-aligned Event Management Process end-to-end - from intake through triage, response coordination, closure, and lessons learned.

Were looking for curious, motivated students to join our GRC (Governance, Risk & Compliance) team and gain hands-on experience at the intersection of security, compliance, and technology.
This is a unique opportunity to be part of a team working on real-world audits, security processes, and innovative GRC automation using AI.
What Youll Be Doing
Youll be involved in a variety of activities across GRC and Security:
Audit & Compliance
Support ongoing audits and certifications (ISO, ITGC, TISAX, SOC 1)
Assist with evidence collection, tracking, and documentation
Help ensure controls are properly implemented and monitored
Security & Risk
Participate in vendor risk assessments and system security reviews
Support Business Impact Analysis (BIA) activities
Work with teams to identify and track risks
Automation & AI in GRC
Assist in building and improving automated GRC processes
Explore and apply AI tools to streamline compliance and security work
Help optimize workflows and reduce manual effort.

We are looking for a Security Analyst to join our MDR team. In this role, you will be part of our security function, focusing on proactive reviews and providing advanced guidance to customers. This is an opportunity to develop your expertise in cloud security while working closely with analysts, researchers, and engineers.
Responsibilities:
Assist in fine-tuning our detection and response mechanisms.
Support proactive reviews of customer environments to identify risks, exposed attack surfaces, and recommend improvements.
Lead and conduct in-depth security investigations, documenting outcomes and developing playbooks to enhance future detection and response.
Collaborate with Security Analysts, Research, and Backend teams to enhance detection quality.
Contribute to the handling of complex or critical incidents escalated from Tier 1/2.
Participate in recurring customer meetings, helping translate security findings into clear, actionable recommendations.
Stay up to date with emerging threats, attack techniques, attack surfaces, and best practices in cloud security.
Contribute to the development and training of AI-driven detection models, leveraging machine learning to improve investigation accuracy and response efficiency.

We are seeking a highly motivated GRC (Governance, Risk, and Compliance) Analyst to join our growing Security & Compliance team. In this role, you will be responsible for supporting the implementation, operation, and continuous improvement of our GRC framework. You will help ensure our organizations policies, procedures, and controls align with regulatory requirements and industry best practices.
Responsibilities:
Support the execution and enhancement of the organizations GRC strategy, including policy governance, risk assessments, compliance monitoring, and audit support.
Assist in maintaining compliance with security frameworks and standards such as ISO 27001, SOC 2, NIST, and GDPR.
Conduct periodic risk assessments and control gap analyses across departments.
Track remediation of audit findings, risks, and control deficiencies, and validate completion of corrective actions.
Support third-party risk management activities including vendor due diligence and ongoing assessments.
Help maintain the GRC tool and ensure timely updates of risk registers, controls, and evidence repositories.
Collaborate cross-functionally with IT, Legal, Engineering, and other business units to promote a culture of security and compliance.
Assist in the creation and maintenance of documentation such as policies, standards, and procedures.
Prepare reports and dashboards for management review.
Stay updated on emerging regulations, standards, and security trends.

Exposure Analyst (Customer-Facing)
About XM Cyber: XM Cyber is a leading hybrid cloud security company that’s changing the way organizations approach cyber risk. We transform exposure management by showing our customers exactly how attackers might combine misconfigurations, vulnerabilities, and identity exposures across cloud and on-prem environments to compromise critical assets. With XM Cyber, our customers can see all the ways attackers might get in—and the best ways to stop them with a fraction of the effort. About You & The Role: Are you someone who loves connecting with people just as much as you love talking tech? We are looking for a highly empathetic, customer-focused Exposure Analyst to join our managed services team. In this role, you’ll be the friendly face and trusted advisor helping our premium customers get the absolute best out of the XM Cyber platform. You’ll dive deep into security postures, translate complex attack paths into simple, actionable steps, and build the kind of trust that makes IT and Security teams excited to work with you. Responsibilities: Be the Trusted Advisor: Own the primary technical relationship for a portfolio of enterprise and mid-market customers, establishing yourself as their go-to security partner representing XM Cyber in the customer’s organization. Daily Posture Reviews & Action: Conduct daily reviews and analyses of your customers' security postures using the XM Cyber platform. You'll turn complex findings into clear, risk-based insights and proactively open remediation tickets. Weekly Check-ins & Deep Dives: Lead engaging weekly calls with your customers, hosting targeted deep-dive sessions to guide them on configuration, best practices, and new features to ensure optimal ROI. Bridge the Gap: Drive remediation outcomes by pushing discussions directly with the customer’s IT, DevOps, and Cloud teams—not just their security teams—helping them prioritize efforts based on attack path analysis. Deliver the Big Picture: Proactively track progress and provide monthly reports to both technical and executive stakeholders. You’ll also co-host Executive Business Reviews (EBRs) alongside our Customer Success team. Champion the Customer: Act as the lead technical escalation point, partnering with our internal R&D, Product, and Support teams to make sure your customers' needs are always heard and resolved.

Were looking for an IT Compliance Associate to join our Technology team and help ensure our systems, vendors, and internal processes meet legal, regulatory, and security standards. In this role, youll support the design and implementation of an effective IT compliance framework, manage access controls, assess risk, and guide teams in upholding compliance across the organization.
Youll also help shape policies, identify gaps, and drive remediation efforts with cross-functional stakeholders. This is a collaborative, detail-oriented position with room for growth in the cybersecurity and compliance domain
This role requires working US hours
What Youll Actually Be Doing:
Develop and maintain an effective IT compliance program
Conduct risk assessments on internal processes and systems
Lead access recertification and vendor risk assessment processes
Draft, manage, and update internal compliance policies and documentation
Review vendor documentation for regulatory and security alignment
Analyze data, identify compliance gaps, and implement remedial actions
Prepare reports, dashboards, and compliance summaries for internal stakeholders
Organize and contribute to quarterly Cyber Steering Presentations

We are looking for a Cyber Threat Intelligence Analyst to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers.
Key Responsibilities
Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
Investigating intelligence sources, threat actors, attack tools and techniques
Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
Joining meetings with prospects and clients to present deliverables.
Drive cooperation & feedback loops with other ERM teams.

As part of our mission to provide the best real-time email security for our customers, our team plays a critical role in uncovering, understanding, and mitigating email-based threats. We work at the front line of phishing and social-engineering attacks, ensuring customers stay protected from fast-moving and constantly evolving threats.
In this role, youll dive deep into real-world attacks, quickly analyze emerging threats, and develop accurate protections that are deployed to customers in real time. Youll collaborate closely with other analysts, security researchers, and field teams, while also helping shape and improve the workflows and automation that drive our team forward. This is a hands-on, impactful role for someone who loves uncovering threat patterns, solving complex problems, and contributing to a mission-driven security team.
This is an on-site position, based in our offices (no hybrid work). The role requires working in a global environment, with strong English communication skills.
Key Responsibilities
Analyze new email-based threats and deliver real-time protection within our companys email security products.
Investigate threats using our company email-security tools, customer reports, and additional threat-intelligence sources.
Identify ongoing phishing campaigns, trends, and potential detection gaps.
Respond to alerts and requests from internal field teams and customers, providing immediate mitigation for active attacks.
Develop and test tailored mitigations for specific attacks and deploy them to customers.
Write detailed research reports and attack briefs explaining phishing campaigns, attacker techniques, and findings.
Implement automation processes to enhance operational efficiency and detection accuracy.
Contribute ideas to improve team workflows, processes, and coverage.
Use AI and LLM-powered tools to analyze attacks and extract meaningful insights.
Design processes for analyzing phishing campaign data, trends, and related attacker methodologies.

our company Infinity External Risk Management, otherwise known as Cyberint, continuously reduces external cyber risk by managing and mitigating an array of external cyber security threats with one unified solution.
We are looking for a Cyber Threat Intelligence Analyst to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers
Key Responsibilities
Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
Investigating intelligence sources, threat actors, attack tools and techniques
Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
Joining meetings with prospects and clients to present deliverables.
Drive cooperation & feedback loops with other ERM teams.

We are seeking a highly energetic and talented security analyst to join our Managed Detection and Response (MDR) team. As an MDR security analyst, your primary responsibility will be to identify and respond to security threats across our service customers. You will utilize the groundbreaking Threat Hunting System to proactively seek out unknown threats and enhance our hunting capabilities. Leveraging the Cloud data warehouse, you will develop threat hunting technics to effectively detect and address security threats. Moreover, you will serve as a trusted advisor to our MDR service clients, providing valuable insights into their security posture and the threat landscape they face
This position offers an exceptional opportunity for network security enthusiasts who are passionate about Network Security, Malware Analysis, Threat Hunting, and Threat Intelligence.
Responsibilities
Act as a Customer Security Advisor, conducting threat-hunting activities and performing security assessments on customer networks. Effectively communicate findings, recommendations for remediation, and mitigation strategies to customers
Serve as an escalation point for the SOC analysts, assisting in the investigation, analysis, and response to security incidents
Develop cyber kill-chain indicators of an attack and hunting heuristics to enhance the ongoing threat-hunting process
Enhance the product accuracy and its capacity to detect emerging threats within the dynamic security landscape.

We are looking for a highly motivated SOC/NOC Analyst to join our operations and security team. This role is responsible for monitoring, detecting, analyzing, and responding to security and network events across the organizations infrastructure and production environments.
The SOC/NOC Analyst will play a key role in maintaining service availability, identifying threats, investigating incidents, and ensuring timely escalation and resolution of operational and security issues. The ideal candidate is detail-oriented, analytical, and able to work effectively in a fast-paced, 24/7 environment.
Key Responsibilities :
Monitor security and network events using SIEM, monitoring, and alerting platforms.
Investigate alerts, anomalies, and incidents related to infrastructure, systems, applications, and network activity.
Perform first-level triage, validation, categorization, and escalation of security and operational incidents.
Respond to incidents involving suspicious activity, service disruption, connectivity issues, unauthorized access attempts, and infrastructure abnormalities.
Open, track, and update incidents in the ticketing system, ensuring accurate documentation and timely resolution.
Support incident response activities, including containment, evidence gathering, and post-incident analysis.
Monitor network performance, uptime, connectivity, and service health across production environments.
Assist in vulnerability management, log analysis, and security control validation.
Maintain runbooks, knowledge base articles, and operational documentation.
Contribute to process improvement initiatives to enhance monitoring coverage, response quality, and operational resilience.
Additional Notes :
This role requires shift-based work as part of a 24/7 monitoring and response function.

We are seeking a dynamic and experienced Security Data Analyst to spearhead our cybersecurity initiatives and drive innovation within our team. In this pivotal role, you will lead the development of new security features, conduct in-depth data analysis and validation, conduct network research, develop new security concepts, and enhance our threat detection and response capabilities.
If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you
Responsibilities:
Apply data analytics techniques to investigate security-related data, extract actionable insights, and enhance threat intelligence.
Perform data analysis to uncover anomalies and detect malicious behavior within the organization's network, aiming to automate these findings into a detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.
Research various network behaviors and patterns.

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response.
You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.
If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.
Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.