לוח משרות דרושים מהנדס סייבר במרכז

We are looking for an Adversarial Builder to lead the defense of our Global Application Landscape-securing everything from our core SDLC and Software Supply Chain to our enterprise-wide AI adoption.
In this hands-on role, you will:
Engineer, Dont just triage: Move beyond manual reviews to build code-driven detection logic and custom AI agents that automate vulnerability hunting, triaging and remediation.
Security by design: Partner with R&D teams (including Infra and DevOps) to define the application-level technical guardrails for internal and external-facing products.
Scout the Frontier: Act as an early adopter of state-of-the-art systems, evaluating and integrating cutting-edge tech from frontier security startups in AI and Cloud Runtime security.
This role demands a practitioner who thinks like an attacker, possesses a developers urge to automate, and has the broad landscape understanding to connect dots across complex, modern domains.
What Youll Do:
Promote Enterprise-Grade Security Initiatives: Engineer and scale the security strategy for entire product ecosystem, spanning both internal infrastructure and external-facing products. You will ensure code security at scale by hardening the SDLC, securing the Software Supply Chain perimeter, and designing the technical guardrails for AI adoption at both the enterprise and product levels.
AI Solutions Builder: scale our security program using AI-driven tools. You will develop and fine-tune autonomous agents to handle complex code analysis, vulnerability hunting, and automated remediation.
Drive Early Adoption of Frontier Tech: Act as a scout and evaluator for the worlds most innovative security startups. Youll partner with cutting-edge vendors in emerging fields like AI Security and Cloud Runtime Security, ensuring remains an early adopter of state-of-the-art defensive systems.
Scale Through Engineering: Move beyond manual reviews. Youll manage and extend AppSec tools to eliminate false positives and build custom logic that reflects our unique codebase.
Collaborative Engineering: Work alongside our in-house DevOps team to rapidly deploy custom security tools at an enterprise grade.

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

We are looking for a Product Security Lead to take full ownership of security across our product - both SaaS and On-Prem environments.

This is a high-impact, high-visibility role at the intersection of Application Security, Cloud Security, and Architecture. You will combine hands-on technical work with strategic influence, shaping how security is embedded across our platform - from design to deployment.

If youre passionate about building secure systems at scale, influencing architecture, and driving a security-first mindset, this is your opportunity to lead.

What You Will Own
Define and drive end-to-end Product Security strategy across our platform.
Lead threat modeling, secure design reviews, and architecture assessments.
Identify and remediate application-level vulnerabilities across services and APIs.
Embed security into CI/CD pipelines and development workflows (DevSecOps).
Secure cloud-native environments (Kubernetes, containers, microservices
Influence architecture and engineering decisions at scale.
Partner closely with R&D, DevOps, and Product teams to drive secure development.
Promote and scale a security-first culture across the organization.
Balance security, performance, and developer experience in production systems.

You will join our Cyber Security Operations team and play a key role in protecting our cloud-native and enterprise environments. In this hands-on role, youll design, implement, and operate security controls across AWS, Kubernetes, CI/CD pipelines, and identity systems.
Youll lead incident response efforts, build security automation, and drive continuous improvement of our detection and prevention capabilities in a fast-paced, highly technical environment.
The day-to-day:
Own and enhance security for large-scale AWS environments (IAM, VPC, CloudTrail, GuardDuty, EKS, S3).
Build and operate threat detection, incident response, and DFIR processes across cloud, Kubernetes, identity, and SaaS platforms.
Design and implement security automation for access control, cloud hygiene, incident response, and SIEM workflows.
Drive DevSecOps initiatives, securing CI/CD pipelines and enabling shift-left security.
Develop and tune SIEM detections, threat hunting queries, and automated remediation pipelines.
Manage identity, access, and Zero Trust / ZTNA architectures using IdP, SSO, RBAC, and federation.
Simulate real-world attacks and perform vulnerability discovery to validate security controls.

We are looking for a Senior Python Developer to join our R&D team specializing in anonymous communication technologies
Develop backend systems in Python using microservices architecture and lead development packages
Manage and automate anonymous communication solutions including the operation and maintenance of diverse assets
Design and initiate innovative and creative anonymous communication solutions
Availability for on - call support in team rotations and during nights, weekends and holidays.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.

Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.

Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.

Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.

Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.

Manage HoneyBooks bug bounty program, validating reports and coordinating response and resolution.

Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.

Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.

Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.

Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.

Promote a strong security culture across HoneyBook by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

We offer hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. Our values are at the core of every action we take, and we are committed to going above and beyond to benefit the patients we serve. We are a dynamic, fast-paced company operating in over 34 countries on 5 continents. We are looking for out-of-the-box thinkers, people who are passionate, caring, agile, and adaptive, to join us on our mission. If you are looking to make a difference in people's lives, we invite you to join us! We are looking for Microsoft 365 Security Engineer to lead the implementation and continuous improvement of Microsoft security and compliance capabilities across the Microsoft 365 environment. The role focuses especially on Microsoft Purview and Microsoft Defender for Cloud Apps, and also covers Microsoft Defender for Office 365, Security for identity, Entra ID security controls, and security features across Exchange Online and collaboration services. You will translate requirements into technical design and configuration, implement and tune policies, rollout changes safely, troubleshoot complex issues, and document solutions and operational procedures. You will work closely with IT and system teams to ensure stable integrations, minimal business disruption, and measurable risk reduction.
Responsibilities:
Lead end to end implementation and ongoing improvement of Microsoft 365 security and compliance controls. Implement and operate Microsoft Purview, including sensitivity labels and DLP, and support additional compliance capabilities as needed. Implement and operate Microsoft Defender for Cloud Apps CASB, including cloud discovery, governance controls, and policy enforcement. Implement and tune Microsoft Defender for Office 365 protections for phishing, malware, and impersonation threats. Support identity driven security controls with Entra ID, including Conditional Access concepts and tenant security posture improvements. Improve Exchange Online security posture, mail flow protections, and related configurations. Create technical documentation, runbooks, and change plans, and provide operational support and troubleshooting. Partner with internal teams and stakeholders to plan rollouts, reduce false positives, and maintain business continuity. Experience in securing Microsoft SharePoint Online, including configuration of access controls, data protection policies, and compliance settings.
City:
Petah Tikva

Were looking for a top-notch Detection Software Engineer to join our Threat Research team and further develop the Runtime Sensor. In this role, you will work on a world-class runtime security solution affecting some of the largest cloud workloads, collaborating closely with engineering and research to enable new and better threat detection capabilities.
WHAT YOULL DO
Work on a world-class runtime security solution affecting some of the largest cloud workloads
Work closely with engineering and research to enable new and better threat detection capabilities
Build and extend our research infrastructure, automated testing infra and release processes
Conduct research and develop new detection capabilities, from concept to implementation
Constantly shift things from an art to a science - make the hard things easy, fast and scalable
Quickly address gaps and changes when needed. Bias towards action
Analyze, debug and solve problems in test, staging and production environments
Create and enforce best practices and security policies
Work with customers in response to requests and questions when needed.

We are looking for an experienced Security Operations Engineer to join our fast-growing security team and take ownership of our SIEM and SOAR automation efforts. This is a unique opportunity to work at the intersection of security operations, detection engineering, and automation in a modern SaaS and cloud-native environment.


What Will You Do?
Maintain and enhance detection engineering content across SIEM and automation systems
Develop new SOAR workflows, automated actions, and response playbooks
Build and improve SIEM rules, correlations, dashboards, and monitoring capabilities
Lead investigations and identify security issues through alert analysis and mitigation
Coordinate incident response activities and communicate clearly with relevant stakeholders
Provide consultative guidance on best practices in Cloud Security, SIEM, and automation operations
Collaborate closely with internal teams to understand monitoring needs and deliver new insights
Follow CISO guidance to continuously improve the organizations security posture
Design, document, and scale security automation capabilities
Review new product features, implement security standards, and share knowledge across the team

We're looking for a Security Engineer - Product to spread the power. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing us to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our Federal team - extending our DevSecOps and Product Security practices to our FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our engineering and operations teams - helping them deliver secure-by-design solutions.

We are seeking an experienced Senior Security Engineer to join our Digital Forensics and Incident Response (DFIR) team within the broader Security Incident Response Team (SIRT), to help our organization respond to cyber-attacks.
The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains / methodologies, be able to respond quickly to attacks, restore services, and forensically investigate the root cause.
As a member of our SIRT, you will closely collaborate with other engineers to design and implement solutions, improve incident response readiness, and provide guidance and training to external teams.
Responsibilities:
Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required.
Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders.
Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents.
Develop, maintain, and improve incident response plans, procedures, and playbooks to help ensure swift action and regulatory compliance.
Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements.
Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices.
Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs.
Assess vulnerabilities, propose remediation strategies, and keep up to date on current and emerging security trends, threats, and countermeasures.

we are looking for a hands-on Penetration Tester / Red Teamer with strong infrastructure experience to join our team as a Cyber Security Researcher. Youll be part of the offensive team that researches cutting-edge attacks and translates them into realistic breach simulations across complex environments-Windows domains, cloud infrastructure, Linux systems, and more.
Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.

What You Will Do?
Research & Simulate Real-World Attacks
Track and analyze the latest attacker TTPs
Build internal tools, scripts, and POCs to emulate real threat behavior
Design offensive simulations mapped to the MITRE ATT&CK framework
Focus areas include:
Active Directory attacks (on-prem & Azure)
Cloud infrastructure misconfigurations (AWS, Azure, GCP)
Linux and network-level attack vectors
Kubernetes threats and container-based environments
Write clean, reusable, and documented code in Python, PowerShell, and Bash

Required Network and Security Engineer
As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions, including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.

Our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.

The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC.
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks.
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews.
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements.
Automate security processes and integrate security tools within CI/CD pipelines.
Develop and deliver secure coding training to engineering teams.

We are seeking a Cyber Research Architect to join our cutting-edge Research Group. This is a full-time hybrid role where you will play a key part in shaping how our products evolve from a cyber perspective, operating as an innovation hub within the company.

You will have the freedom to explore new domains, identify gaps in our products, and pioneer techniques that will directly shape our product architecture and capabilities. From researching emerging technologies to discovering vulnerabilities and developing advanced attacks, you will push the boundaries of whats possible in automated offensive security.

Roles and Responsibilities:

Lead offensive research and vulnerability discovery across diverse and emerging technologies, identifying novel attack surfaces and spearheading new research domains.
Pioneer research into AI/ML systems and LLM-based applications, uncovering adversarial tactics and developing unique attack vectors.
Directly shape product architecture by converting research insights into scalable, high-fidelity offensive capabilities and sophisticated attack modules.
Architect and build advanced tools and frameworks that automate and scale security research operations across the organization.
Identify and emulate the most sophisticated real-world cyber attacks to continuously evolve the company's automated security validation engine.