לוח משרות דרושים מהנדס סייבר

We're looking for a Security Engineer - our company Product to spread the power of our company. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our companys products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing our company-for-our company to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our companys production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our company Federal team - extending our DevSecOps and Product Security practices to our companys FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our companys engineering and operations teams - helping them deliver secure-by-design solutions.

Were looking for an Application Security Engineer with a passion for AppSec to join our growing team.
Responsibilities:
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.
Main Responsibilities:
Security Strategy & Architecture
Own and continuously improve Velocitys overall security posture, including risk assessment, prioritization, and long-term planning.
Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
Evaluate, introduce, and develop security solutions tailored to Velocitys environment.
Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.
Security Engineering & DevSecOps
Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.
Incident Response & Operations
Investigate and respond to security incidents and alerts, leveraging deep system understanding.
Perform root cause analysis and drive improvements to prevent recurrence.
Collaboration & Enablement
Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
Assist in customer-facing security processes, including questionnaires and evaluations.
Promote security awareness and provide guidance across the organization.

We are looking for an Adversarial Builder to lead the defense of our Global Application Landscape-securing everything from our core SDLC and Software Supply Chain to our enterprise-wide AI adoption.
In this hands-on role, you will:
Engineer, Dont just triage: Move beyond manual reviews to build code-driven detection logic and custom AI agents that automate vulnerability hunting, triaging and remediation.
Security by design: Partner with R&D teams (including Infra and DevOps) to define the application-level technical guardrails for internal and external-facing products.
Scout the Frontier: Act as an early adopter of state-of-the-art systems, evaluating and integrating cutting-edge tech from frontier security startups in AI and Cloud Runtime security.
This role demands a practitioner who thinks like an attacker, possesses a developers urge to automate, and has the broad landscape understanding to connect dots across complex, modern domains.
What Youll Do:
Promote Enterprise-Grade Security Initiatives: Engineer and scale the security strategy for entire product ecosystem, spanning both internal infrastructure and external-facing products. You will ensure code security at scale by hardening the SDLC, securing the Software Supply Chain perimeter, and designing the technical guardrails for AI adoption at both the enterprise and product levels.
AI Solutions Builder: scale our security program using AI-driven tools. You will develop and fine-tune autonomous agents to handle complex code analysis, vulnerability hunting, and automated remediation.
Drive Early Adoption of Frontier Tech: Act as a scout and evaluator for the worlds most innovative security startups. Youll partner with cutting-edge vendors in emerging fields like AI Security and Cloud Runtime Security, ensuring remains an early adopter of state-of-the-art defensive systems.
Scale Through Engineering: Move beyond manual reviews. Youll manage and extend AppSec tools to eliminate false positives and build custom logic that reflects our unique codebase.
Collaborative Engineering: Work alongside our in-house DevOps team to rapidly deploy custom security tools at an enterprise grade.

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

We are looking for a Product Security Lead to take full ownership of security across our product - both SaaS and On-Prem environments.

This is a high-impact, high-visibility role at the intersection of Application Security, Cloud Security, and Architecture. You will combine hands-on technical work with strategic influence, shaping how security is embedded across our platform - from design to deployment.

If youre passionate about building secure systems at scale, influencing architecture, and driving a security-first mindset, this is your opportunity to lead.

What You Will Own
Define and drive end-to-end Product Security strategy across our platform.
Lead threat modeling, secure design reviews, and architecture assessments.
Identify and remediate application-level vulnerabilities across services and APIs.
Embed security into CI/CD pipelines and development workflows (DevSecOps).
Secure cloud-native environments (Kubernetes, containers, microservices
Influence architecture and engineering decisions at scale.
Partner closely with R&D, DevOps, and Product teams to drive secure development.
Promote and scale a security-first culture across the organization.
Balance security, performance, and developer experience in production systems.

You will join our Cyber Security Operations team and play a key role in protecting our cloud-native and enterprise environments. In this hands-on role, youll design, implement, and operate security controls across AWS, Kubernetes, CI/CD pipelines, and identity systems.
Youll lead incident response efforts, build security automation, and drive continuous improvement of our detection and prevention capabilities in a fast-paced, highly technical environment.
The day-to-day:
Own and enhance security for large-scale AWS environments (IAM, VPC, CloudTrail, GuardDuty, EKS, S3).
Build and operate threat detection, incident response, and DFIR processes across cloud, Kubernetes, identity, and SaaS platforms.
Design and implement security automation for access control, cloud hygiene, incident response, and SIEM workflows.
Drive DevSecOps initiatives, securing CI/CD pipelines and enabling shift-left security.
Develop and tune SIEM detections, threat hunting queries, and automated remediation pipelines.
Manage identity, access, and Zero Trust / ZTNA architectures using IdP, SSO, RBAC, and federation.
Simulate real-world attacks and perform vulnerability discovery to validate security controls.

We are looking for a Senior Python Developer to join our R&D team specializing in anonymous communication technologies
Develop backend systems in Python using microservices architecture and lead development packages
Manage and automate anonymous communication solutions including the operation and maintenance of diverse assets
Design and initiate innovative and creative anonymous communication solutions
Availability for on - call support in team rotations and during nights, weekends and holidays.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.

Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.

Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.

Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.

Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.

Manage HoneyBooks bug bounty program, validating reports and coordinating response and resolution.

Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.

Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.

Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.

Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.

Promote a strong security culture across HoneyBook by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered. .

The Role:
As the Security Engineering Operations Assistant, you'll be the organizational backbone for the VP, Security Engineering—ensuring requests move forward, deadlines stay visible, and nothing gets lost in the shuffle. This isn't about being an admin; it's about being the force multiplier that lets security leadership focus on strategy and technical priorities while you keep the machine running smoothly. If you're the person who naturally keeps lists, follows up before being asked, and gets satisfaction from bringing order to chaos—this role was made for you.

Who You Are:
You're the person everyone relies on to remember the thing that was supposed to happen last Tuesday. You've got 2–5 years of experience in technical coordination, support roles, or security/IT/engineering operations environments, and you know how to work alongside technical teams without needing your hand held. You're exceptionally organized—not in a "my desk is clean" way, but in a "nothing falls through the cracks" way. You communicate clearly in writing and conversation, you're comfortable working closely with senior leadership, and you handle sensitive information with discretion. You're not intimidated by technical discussions—even if you're not the one configuring the firewall, you can follow along, capture the key decisions, and know what questions to ask to make sure everyone's aligned on next steps. You're proactive, dependable, and genuinely curious about how things work.

What You’ll Actually Be Doing:
Direct Support to Security Engineering Leadership
* Assist the VP, Security Engineering with tracking requests, action items, and follow-ups arising from meetings, emails, and discussions
* Maintain organized lists of open items, next steps, and pending decisions
* Perform routine follow-ups with internal teams and external vendors on behalf of Security Engineering
* Help ensure deadlines and commitments are visible and monitored
* Surface overdue items or risks that may require attention Coordination & Task Tracking
* Support coordination of security engineering activities across Security, IT, Engineering, GRC, and external partners
* Track progress of assigned tasks and initiatives using established tools and processes
* Assist in scheduling, preparation, and follow-up for security-related meetings
* Help organize priorities and timelines across multiple parallel efforts Technical Awareness & Documentation
* Maintain familiarity with core security engineering domains, including: Identity and Access Management, Endpoint and device management, Cloud security basics (AWS and Azure), Security tooling and operational workflows
* Capture key outcomes, decisions, and action items from technical discussions
* Maintain documentation, trackers, and status updates
* Ask clarifying questions to ensure expectations and next steps are understood Communication & Information Flow
* Support intake and coordination of inbound requests to the Security Engineering team
* Prepare clear summaries and status updates as needed
* Help ensure relevant information is shared with appropriate stakeholders
* Support prioritization discussions by maintaining visibility into current workload and commitments


Why You’ll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement – from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insuranc

We are At our company, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
This role focuses on ensuring the security and compliance of cloud infrastructure by implementing and maintaining robust security controls across AWS environments. The position involves automation for security monitoring, adhering to best practices, and collaborating cross-functionally with other teams.
Who You Are:
A strong individual contributor who takes pride in delivering high-quality security outcomes while collaborating closely with peers and stakeholders. You are able to build trust, provide thoughtful input, and continuously grow your technical and operational expertise. You are passionate about exploring new technology and using it to make an actionable impact to the future of fintech. You can balance the needs of the business and the team's goals with strong value for code quality and adherence to implementing best practices. A highly skilled AWS Security Engineer with additional FinOps expertise to ensure the security and compliance of our cloud infrastructure. You are able to implement and maintain robust security controls across AWS environment. You are passionate about best practices, automation for security monitoring, and collaborating with other teams.
What Youll Actually Be Doing:

* Cloud Security Implementation: Contribute to the design and implementation of security measures across AWS environments to ensure systems are secure, compliant, and aligned with industry best practices. Including implementation, automation and development of security policies
* Conduct regular security assessments, control testing, and audits to proactively identify risks and vulnerabilities (and support remediation efforts with partner teams)
* Collaboration with Internal Teams: Work closely with internal teams to integrate security best practices into development and operational workflows
* Security Automation & Infrastructure Management: Design and implement automation strategies for security monitoring, auditing, and incident response
* Cost Efficiency through Security: Contribute to cloud cost management by optimizing cloud resources without compromising on security.
* Incident Response & Threat Management: Participate in incident response efforts to support timely identification, analysis, containment, and remediation of security threats. Contribute to post-incident reviews, help maintain incident response playbooks, and support internal teams by sharing learnings and updated procedures.

Why Youll Love Working Here:


* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first

We offer hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. Our values are at the core of every action we take, and we are committed to going above and beyond to benefit the patients we serve. We are a dynamic, fast-paced company operating in over 34 countries on 5 continents. We are looking for out-of-the-box thinkers, people who are passionate, caring, agile, and adaptive, to join us on our mission. If you are looking to make a difference in people's lives, we invite you to join us! We are looking for Microsoft 365 Security Engineer to lead the implementation and continuous improvement of Microsoft security and compliance capabilities across the Microsoft 365 environment. The role focuses especially on Microsoft Purview and Microsoft Defender for Cloud Apps, and also covers Microsoft Defender for Office 365, Security for identity, Entra ID security controls, and security features across Exchange Online and collaboration services. You will translate requirements into technical design and configuration, implement and tune policies, rollout changes safely, troubleshoot complex issues, and document solutions and operational procedures. You will work closely with IT and system teams to ensure stable integrations, minimal business disruption, and measurable risk reduction.
Responsibilities:
Lead end to end implementation and ongoing improvement of Microsoft 365 security and compliance controls. Implement and operate Microsoft Purview, including sensitivity labels and DLP, and support additional compliance capabilities as needed. Implement and operate Microsoft Defender for Cloud Apps CASB, including cloud discovery, governance controls, and policy enforcement. Implement and tune Microsoft Defender for Office 365 protections for phishing, malware, and impersonation threats. Support identity driven security controls with Entra ID, including Conditional Access concepts and tenant security posture improvements. Improve Exchange Online security posture, mail flow protections, and related configurations. Create technical documentation, runbooks, and change plans, and provide operational support and troubleshooting. Partner with internal teams and stakeholders to plan rollouts, reduce false positives, and maintain business continuity. Experience in securing Microsoft SharePoint Online, including configuration of access controls, data protection policies, and compliance settings.
City:
Petah Tikva

we are looking for a hands-on Penetration Tester / Red Teamer with strong infrastructure experience to join our team as a Cyber Security Researcher. Youll be part of the offensive team that researches cutting-edge attacks and translates them into realistic breach simulations across complex environments-Windows domains, cloud infrastructure, Linux systems, and more.
Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.

What You Will Do?
Research & Simulate Real-World Attacks
Track and analyze the latest attacker TTPs
Build internal tools, scripts, and POCs to emulate real threat behavior
Design offensive simulations mapped to the MITRE ATT&CK framework
Focus areas include:
Active Directory attacks (on-prem & Azure)
Cloud infrastructure misconfigurations (AWS, Azure, GCP)
Linux and network-level attack vectors
Kubernetes threats and container-based environments
Write clean, reusable, and documented code in Python, PowerShell, and Bash

Required Network and Security Engineer
As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions, including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.

Our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.

The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC.
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks.
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews.
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements.
Automate security processes and integrate security tools within CI/CD pipelines.
Develop and deliver secure coding training to engineering teams.