לוח משרות דרושים מהנדס סייבר

Application Security Engineer

Raanana, Israel

In this mission critical role as an Application Security Engineer, you will be part of a dynamic global application security team, working directly with software architects and software engineers to perform penetration testing on software solutions developed within the company. In addition, youll collaborate with engineering to triage security findings and review remediation techniques in order to harden and improve the security of software across multiple types of products.

With NCR Voyix as a software-focused company, youll work in a fast-paced environment, helping enable teams to work in a DevSecOps model in a world of containers, automated pipelines, and rapid deployments. And youll be instrumental in helping teams add in security testing as part of their build and release pipelines. produces hardware and software for major companies in Retail, Restaurants, and Digital Banking come help secure the state-of-the-art!

Responsibilities:

Conducting manual penetration tests of software
Assessing risk level of security findings using standard methodologies
Running automated application security tools
Writing and presenting pen test reports to development teams
Consulting with development teams on remediation techniques and defensive coding
Validation testing to confirm findings are closed
Develop, integrate, and enable security engineering test automation into a CI/CD pipeline
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes

Our Security team is looking for a security savvy person to join as an Cloud Security Engineer to help validate our services and environments according to the highest security standards. You will work closely with our R&D and Security teams, and solve complex security problems.
The ideal candidate is highly motivated, demonstrates a can do' attitude and needs to have a combination of technical and communication skills, as well as the ability to handle a mix of multiple tasks including projects and technical work. This role will provide career growth opportunities as you develop & acquire new security skills in the course of your duties.
What youll do:
Manage the Cloud & Data Security Governance program for AWS/GCP
Design and implement our cloud/data security benchmarks
Own the cloud organization operations including Identity & Access Management and Securing Cloud Accounts/Projects
Build processes to effectively manage cloud and data risks across AWS/GCP environments
Partner closely with our security and devops teams to detect, prevent and remediate cloud & data risks
Provide mentorship & training around securing our cloud & data to stakeholders including Security & R&D teams.

we are looking for an Incident Response Manager to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience focus and speed of response teams can mean the difference between a minor blow and a devastating impact on performance and reputation of organizations.

The Incident Response Manager is both a subject matter expert for clients and team members, and a leader. Significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security team

As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.



Main Responsibilities:

Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

Were looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
On a typical day youll:
Be responsible for completing a thorough software and systems risk assessment, identifying vulnerabilities within a network, and creating firewall rules, hardenings, or configuring systems to enhance existing security features.
Is expected to respond to, and document, any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way. They must also be proficient in:
Understanding complex technical issues and managing them within a fast-paced business environment
Maintaining all the software and hardware in relation to security
Documenting security certifications
Identifying current and emerging technology issues including security trends, vulnerabilities and threats
Threat intelligence
Sourcing and implementing new security solutions to better protect the organization
Conducting proactive research to analyze security weaknesses and recommend appropriate strategies
Liaising with vendors to implement security solutions

We are looking for an exceptional Senior Security Engineer to join our growing team. For the first 6 months you will:
Bolster and develop our defensive security capabilities, identifying advanced threats to us, developing and implementing countermeasures
Responding to incidents and conducting investigations as events happen through analyzing logs and various other sources (ex: AWS Guardduty, SecurityHub, Detective, etc.)
Engineer and automate custom detection and response capabilities to combat malicious and/or unwanted behaviors within the environment
Stay up to date with Tactics, Techniques, and Procedures (TTPs) that may apply to us and define and implement mitigation techniques to improve our overall risk posture
You will be part of a new product security team responsible for building, supporting, enhancing and improving our security frameworks, tools, processes and methodologies used across our SDLC and Runtime environments.
In this role, you will also be responsible to:
Conduct in-depth vulnerability assessments and security auditing of assets
Develop and improve processes for incident detection and the execution of countermeasures
Contribute to the creation and upkeep of run books to handle security incidents
Administer security configuration for threat management platforms for large-scale environments, including security orchestration, automation, and response (SOAR) and security information and event management (SIEM) tools
Contribute and showcase as a SOAR platform used within our Security Operations
Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations
Consult with our security compliance team during security audits to demonstrate our technical security capabilities
Collaborate with Product Management and Development team members to enhance our Security program
Take part in the Security Operations on-call rotation, including leading all incident response efforts and documentation during your rotation

Required Networking Resilience Engineer
Job Description
Quickly identify and resolve infrastructural problems related to networking and security stacks
Work with all aspects of our rapidly-developing infrastructure
Design and implement the next generation of tools and networking changes needed to assure stability, increase velocity, and enhance users experience by optimizing the networking stack
Be a member of the Systems Team and participate in on-call duties (1 week every 5-6 weeks)
Make sure that our network services across the entire company are effective, secure, and easy to use
Be part of our innovative culture, which includes proposing, convincing, and executing any activity that you find contributes to the success.

We are looking for a Cybersecurity Software Engineer for our Research team. Join us in building a robust real-time detection and transformation engine and contribute to content development and security engineering.
RESPONSIBILITIES
Work as a member of an Agile Scrum team to design, develop, and maintain detection and investigation content, large-scale data stream processing pipelines and backend components on top of Flink, K8S, and AWS.
Improve existing tooling, APIs, and logging mechanisms for streamlined data processing.
Collaborate on optimizing SQL queries for superior system performance and cost reduction.
Share expertise with the Research team, contributing to a collaborative learning environment.
Design, develop, and implement solutions to handle scaling with good performance & cost that are easy to maintain.
Take a crucial part in content development to enhance the effectiveness of our threat detection and response capabilities.
Collaborate with engineers across our R&D group and Product Managers to improve our platform.
Develop and implement data quality checks to ensure accuracy and completeness of data and work on externalizing monitoring capabilities.

As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC).
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications.
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass.
Conduct threat modeling and architecture security review.
Develop and maintain secure coding standards and guidelines for application developers.
Monitor and analyze security incidents and provide timely response and resolution.
Stay current with emerging threats, vulnerabilities, and industry best practices in application security.
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts.
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes.
Deliver secured development training to developers.

About us:
An Israeli research and development company that analyzes cyber and technological security threats and designs secure architectures and controls for complex systems. We provide our customers with cyber-resilient architecture design, research and development of innovative security controls, hardware security, and system security engineering, as well as expertise in protecting RF and Wireless channels, cryptography, quantum communication and more.
Job Description:
As a system Engineer in multidisciplinary projects focused on RF and communication systems you will lead the engineering aspects of the system, conduct system design surveys and participate in various design and testing stages of the system. You will also take part in cyber research and analysis, threat research, characterize protection and cyber products, and develop innovative cyber- RF solutions.
Option for full-time or part-time employment.

We are looking for a Senior Data Analyst who will join our R&D team .As a Data Analyst, you will have a significant opportunity for impact, driving the company to new heights. You will influence decision making processes throughout the user journey, be a partner to different teams, and drive strategic business decisions that shape the direction of the company.

What you will do

Identify, analyze, and interpret trends or patterns in complex data sets to drive actionable insights
Understanding business operations requirements and creating useful and planned solutions to address data needs
Analyze large datasets and provide useful actionable recommendations to support the business operations goals
Develop data processes and build data infrastructure for the relevant stakeholders
Build and maintain reports, dashboards, and KPIs to monitor performance
Translate business requirements to analytical logics, and create a clear visualization which "tells the story"

Join us on our mission of protecting organizations against the most advanced attackers in the world!
the leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. As a result, thousands of security professionals and service providers worldwide use our platform to guide remediation and close security gaps before they are exploited.
We are a unicorn with more than 320 employees around the globe, with over 800 customers in production in more than 50 countries!
has won various Industry Awards, including the Frost & Sullivan Best Practices Award for Global Breach & Attack Simulation (BAS) Market Leadership 2022 and the 2020 Gartner Cool Vendor Award. We are backed by Top tier investors such as Insight Partners, K1 Investment Management, The Blackstone Group, and AWZ.
Penterians are one team with a shared mission. Become a Penterian change the way the world does cyber!
About the Role:
We are looking for an all-around offsec attack researcher to join our group and become part of the revolution.
Roles and Responsibilities:
Conduct state of the art research on windows platforms and be one step ahead of real threat actors in areas such as AV/EDR evasion, subvert communication channels, binary exploitation and vulnerability research.
Integrate the research outputs into attack platforms for enhancing the automation ecosystem with new attack capabilities.
Develop decision-making algorithms to bridge the gap between an automated system and an experienced human attacker
Develop production-ready attack capabilities. What development language is relevant? WHATEVER IT TAKES!
Python, C/C++, CSharp, Java, Office Macros, Bash, Powershell, Go, Assembly,
Mentor other members of the R&D team.
So, can we offer you the red pill and join our journey to create the ultimate automated hacker?

We are looking for a Network & Security Engineer to join our fast-growing Network & security team.
Reporting to our Network @ Security Team Leader. You will be supporting the team in protecting the high-level technological environment and participating in core-business innovative processes in a challenging and rising field of the FinTech industry.
As a Network & Security Engineer, you will be working in a positive-security and business-enabling approach using creative and out-of-the-box thinking while using state-of-the-art security suites daily.
Responsibilities:
Management and maintenance of network and security products with an emphasis on WAF, Anti-DDoS, proxy, FW, NAC, Cloud, Routers, and Switches
Escalated tier in managing the information security events from SIEM/SOC
Monitoring & enforcing the company's information security policy and compliance with the regulation
Accompanying and guiding technological projects, examining new information security products, and implementing POCs
Developing and maintaining security inventories and audits of IT infrastructure
Defining, implementing, assessing, and maintaining controls necessary to protect the network and Internet perimeters following security requirements
Managing secure configurations and changes for networks, hardware, systems, and mobile devices
Ability to learn the business processes to provide resolution to support problems.
Can effectively categorize support problems and respond with the appropriate level of urgency, steering support tasks to the appropriate team
Ability to participate in a 24x7 on-call rotation as scheduled, and the ability to perform after-hours support as needed.