לוח משרות דרושים מהנדס סייבר

Required Application Security Engineer
What is this opportunity?
As the Application Security Engineer, you will be responsible for integrating and maintaining robust security practices throughout the entire application development lifecycle. You will work closely with cross-functional teams including Software Engineering, DevOps and Product.
This role requires a security-minded professional who has deep experience in cloud-based architectures and is excited about building secure and scalable solutions.
How will you contribute?
Secure Software Development Lifecycle (SSDLC)- Collaborate with developers to integrate security best practices into all stages of the SDLC. Conduct secure code reviews, threat modeling, and vulnerability assessments.
Application Security Testing- Implement and manage SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools. Continuously monitor, track, and resolve identified vulnerabilities.
Cloud Security & Infrastructure- Work with DevOps/Infrastructure teams to secure cloud environments, including containerized workloads, CI/CD pipelines, and serverless functions. Configure and maintain cloud security best practices.
Security Architecture & Design- Collaborate on the design of new applications and features, advising on secure architecture patterns, encryption mechanisms, and identity & access management. Develop and maintain security reference architectures and technical standards.
Automation & Continuous Improvement- Identify opportunities to automate security checks and policy enforcement within the CI/CD pipeline. Research and recommend new security tools, technologies, and processes to enhance the security posture of the organization.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.



Main Responsibilities:

Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

We are looking for a Senior Data Analyst who will join our R&D team.
As a Data Analyst, you will have a significant opportunity for impact, driving the company to new heights. You will influence decision making processes throughout the user journey, be a partner to different teams, and drive strategic business decisions that shape the direction of the company.

What you will do:
Identify, analyze, and interpret trends or patterns in complex data sets to drive actionable insights.
Understanding business operations requirements and creating useful and planned solutions to address data needs.
Analyze large datasets and provide useful actionable recommendations to support the business operations goals.
Develop data processes and build data infrastructure for the relevant stakeholders.
Build and maintain reports, dashboards, and KPIs to monitor performance.
Translate business requirements to analytical logics, and create a clear visualization which "tells the story".

Abra is looking for a talented Network and Cyber security Engineer to join our Core Infrastructure Department.
Responsibilities include planning, designing, and implementing secure network infrastructures (Datacenter A/A, LAN, WAN, Wi-Fi), writing HLD and LLD documents, hands-on troubleshooting, monitoring network traffic, and leading Cyber security projects involving complex systems.

We are interested in welcoming a Senior Cybersecurity Expert to join our team, to plan, research, and develop proprietary automotive cybersecurity solutions.

Responsibilities and tasks include:
Threat and vulnerability assessment and analysis.
Design, implement, and verify mechanisms to neutralize potential threats.
System hardening and characterization.
Penetration testing.

Security is at the core of our operations, and we are seeking a Security & IT Specialist to take full ownership of cybersecurity, IT infrastructure, and data protectionensuring that our systems, data, and operations are protected both internally and externally against unauthorized access, cyber threats, and data breaches.
Key Responsibilities
Cybersecurity & data Protection (Internal & External)
Enforce strict in-house security policies to prevent unauthorized internal data access, copying, or extraction by employees or external parties. Implement DLP ( data Loss Prevention) systems to monitor and restrict data transfers, ensuring no FINQ data is leaked or misused. Secure network infrastructure, cloud environments, and endpoint devices from external cyber threats. Oversee network security, endpoint security, cloud security, IAM, and SOC tools. Regularly assess and update security protocols to stay ahead of cyber threats. Manage IAM policies, ensuring employees can only access data relevant to their role. Monitor third-party integrations, vendors, and service providers to ensure compliance with FINQs security standards.?? IT Infrastructure & Security Operations
Monitor and document availability of all systems and external service providers by direct observation, remote connection, and through alerting systems and respond immediately to security or usability concerns. Troubleshoot operational issues rapidly and analyze and resolve underlying issues to restore production systems and maintain continuity of business. Maintain and optimize FINQs IT infrastructure, ensuring all systems, networks, and databases are secure. Implement secure cloud Storage policies and encryption techniques to protect sensitive financial data. Manage user permissions, multi-factor authentication (MFA), and identity & access management (IAM) systems. Oversee backup and disaster recovery strategies to ensure business continuity.?? Security Compliance & Risk Management
Ensure compliance with financial security regulations, including SOC2, ISO 27001, GDPR, and other industry standards. Conduct security audits, vulnerability assessments, and penetration tests to identify and mitigate risks. Implement cybersecurity awareness training for employees to prevent internal security threats (e.g., phishing, insider threats). Stay updated on emerging threats and security technologies, providing recommendations for continuous improvements.?? Incident Response & Threat Mitigation
Develop and maintain incident response protocols to quickly detect, contain, and remediate cyberattacks. Investigate and respond to security breaches, data leaks, or unauthorized access attempts. Work with law enforcement and regulatory bodies when necessary to handle security incidents.

Required Network and Security Engineer
Description
As a Network and Security Engineer, you will be responsible for designing, implementing, and managing our customers network and security systems. You will work closely with customer software development, cyber and IT team to ensure the reliability, security, and efficiency of our network infrastructure.
Key Responsibilities:
Design, configure, and manage Cisco/Juniper switches and routers.
Implement and maintain Check Point/Fortinet firewalls.
Support integration processes with 3rd party systems.
Preform ongoing troubleshooting and fine tuning to the network infrastructure.
Write High-Level Design (HLD) and Low-Level Design (LLD) documents.
Monitor network performance and security, identifying and resolving issues.
Develop and enforce security policies and procedures.
Collaborate with other teams to integrate network and security solutions.
Provide technical support and guidance to team members.
Ensure device hardening based on security benchmarks such as CIS.
Why Join Us?
Opportunity to work with cutting-edge technology.
Collaborative and supportive work environment.
Career growth and development opportunities.

We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead groundbreaking research into cyberattacks targeting cloud platforms, SaaS applications, Kubernetes, and related technologies.
Develop innovative detection methods and forensic investigation techniques for attacks in cloud environments.
Conduct in-depth investigations into real-world cloud incidents, enriching our knowledge base and advancing our detection capabilities.
Contribute to the design and enhancement of cloud forensics capabilities to support CDR platform development.
Collaborate with the engineering team to identify and leverage new forensic data sources from cloud environments.

Were looking for an exceptional Senior Cloud Security Researcher to join our growing team.
We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead innovative research into cyber threats targeting cloud platforms, SaaS applications, Kubernetes, and emerging technologies by leveraging state-of-the-art tools and methodologies.
Develop and refine cutting-edge detection algorithms and forensic investigation techniques to uncover and mitigate sophisticated attacks in cloud and SaaS environments.
Conduct comprehensive investigations of real-world cloud security incidents, transforming insights into actionable strategies that continually evolve our threat detection capabilities.
Share your research accomplishments and innovative findings with the security community through blog posts, conference presentations, and other professional forums, enhancing our industry reputation and fostering collaborative growth.
Contribute your expertise to shape the strategic direction and ongoing development of CDR product suite, ensuring our offerings stay ahead of evolving cyber threats.
Work closely with cross-functional teams to identify novel techniques and implement robust defenses, uniting diverse expertise to secure cloud and SaaS infrastructures.

We are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering.
Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities:
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g. individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

We are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

What You'll Do

Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

We are looking for a talented Cyber Security Engineer to join us and drive strategic projects, working with people, data, and a variety of technology platforms. you will be responsible for managing internal and customer-facing projects, including planning, coordinating and executing; and serve as coordinator for multi-group projects. The position reports to the CISO and will be working closely with IT, GRC, DevOps, R&D professionals, and other teams.
Specific Responsibilities:
Execute security activities per company security policies & workplan.
Design, manage, communicate and deliver technology-driven projects around security & IT.
Manage security events monitoring platform (SIEM/SOC solution).
Participate in the platform application security reviews with R&D.
Serve as security expert as part of the customer solutioning process and assist in responses to customer security reviews.
Provide periodic updates of new security-related technologies, methodologies, and risks via connections and collaborations with the cyber security ecosystem in Israel.
Manage security aspects of AzureAD / Office 365.
Part of the security incident response team.
Manage the physical and network security of the IL and US offices.