לוח משרות דרושים ראש צוות פיתוח אבטחת מידע /סייבר

Job Description:
Provide end-to-end guidance for technology projects on application security aspects, from initiation to production, while defining security policies.
Draft security guidelines for development teams to ensure secure coding practices, address vulnerabilities and security gaps in development and production environments and implement technological security solutions in application domains.
Collaborate in designing secure architectures aligned with company policies.
Identify application-level security gaps and define required controls.
Monitor and ensure compliance with cybersecurity risk management directives issued by the regulatory authority, organizational procedures, and security guidelines for various business and technology units.
Support application security assessments, including scope definition, validation of findings, and oversight of remediation efforts to close exposures.
Draft requirement documents for security products and innovative technologies.

This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation.
Your Impact
Perform reactive incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
Examine firewall, web, database, and other log sources to identify evidence of malicious activity
Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments
Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
Ability to perform travel requirements as needed to meet business demands (on average 20%)
Mentorship of team members in incident response and forensics best practices.

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.

As an Application Security Team Lead you will
Lead and mentor the Application Security team.
Develop and implement security automation solutions.
Conduct code reviews and vulnerability assessments.
Perform penetration testing (PT) and other offensive security activities.
Manage security projects and initiatives within complex SaaS environments.
Collaborate with development teams to integrate security into the Software Development Lifecycle (SDLC).
Develop and maintain security policies and procedures.
Provide technical guidance and expertise on application security best practices.
Report on security metrics and project progress to stakeholders.

We are looking for an experienced Vulnerability Researcher to lead our world-class vulnerability research team. As a Vulnerability Researcher Team Lead, you will perform research and responsible disclosure on the latest open-source software, working with your team to find flaws in the most popular components today. The position requires proven experience in vulnerability research, both on web applications and native applications.

As a Vulnerability Researcher Team Lead you will...
Research zero-day vulnerabilities in open-source projects and popular web applications.
Manage a team of senior researchers, setting the teams research targets and methodologies.
Manage the coordinated disclosure process for vulnerabilities identified by the team.
Write & review technical blogposts for vulnerabilities identified by the team
Speak in the most important global security conferences about vulnerabilities identified by the team.

We are looking for a Security Researcher to lead our research team. As a research team lead, you will perform security research on open-source projects in both web and low-level technologies, define how to identify exploitable security issues in an automated manner and develop code for that purpose, publish your findings on new vulnerabilities, and manage a team of highly-trained researchers.

As a Security Research Team Lead you will...
Research CVEs and one-day vulnerabilities from various coding languages and technologies, including PoC development.
Define how to find exploitable vulnerabilities automatically & develop code that identifies the instances where a vulnerability is exploitable.
Perform security research on various open-source technologies, frameworks, and libraries.
Publish your findings about the research subjects mentioned above.

We are on the lookout for a driven and experienced hands-on Team Leader to lead a group of cyber security experts responsible for our detection platform.
In this role, you will lead a team of security engineers and own the security coverage and accuracy of our detection platform to guide development and strengthen our customers' resilience to emerging unknown threats. Your expertise in cyber security will drive our true AI-driven detection platform.
Responsibilities
Mentor engineers, grow the team, and foster a culture of technical excellence and innovation.
Work closely with developers and data scientists to produce AI detection models.
Apply your cyber expertise to investigate emerging threats and define technical requirements to mitigate them.
Continuously assess and evaluate security coverage and accuracy.
Architect and build scalable solutions for evaluating the platform security metrics.
Bring your excellent interpersonal skills to foster collaboration and maintain a positive attitude within the team.

A leadership role responsible for defining and executing the cloud’s information security strategy. This includes managing and mentoring a professional security team, leading the design and implementation of advanced security architectures across cloud and hybrid environments, and overseeing the response to high-severity cyber incidents. The role requires strong technical leadership, strategic decision-making, cross-organizational collaboration, and regular communication with executive stakeholders. Key Responsibilities Security Architecture & Governance
* Lead the design and implementation of cloud security architectures aligned with CIS, NIST, and ISO27001 standards.
* Oversee the definition and enforcement of security controls: WAF, IAM, NACLs, Zero Trust, segmentation, and more.
* Develop and implement security policies, procedures, hardening baselines, and governance frameworks.
* Ensure hybrid (cloud + on-prem) security solutions are properly designed and maintained. Network & Security Engineering
* Oversee the design of secure network solutions in complex enterprise environments: BGP, OSPF, VPN, SD-WAN, MPLS.
* Manage and maintain enterprise firewall infrastructures (Fortinet / Check Point).
* Establish standards for secure networking and optimize network resilience, availability, and performance. Incident Response & Operations
* Lead the investigation and handling of complex cyber incidents, coordinating SOC and IR teams.
* Conduct root cause analysis and produce executive-level post-incident reports.
* Manage Tier-3 escalations and provide expert guidance for cloud and infrastructure-related issues. Cross-Organizational Collaboration
* Drive cross-functional security initiatives
* Work closely with Cloud, Network, IT, and Systems teams to embed security into workflows.
* Interface with external vendors, integrators, and service providers.
Leadership
* Lead, mentor, and develop the Information Security team.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

We are looking for an experienced technical leader to guide our high-impact XDR (Extended Detection and Response) team.
This is not a typical management position - its a rare opportunity to lead core innovation at the intersection of AI, advanced security research, and large-scale product development.
You will drive next-generation, AI-powered detection and response capabilities to stop sophisticated attacks such as APTs, ransomware, and emerging threat vectors across OS, browser, and network layers.
Your teams work will operate deep inside operating systems and network stacks, where performance, reliability, and security meet, protecting millions of users globally.

We are looking for a Team leader for our File Secuirty Core team to join our threat detection engines group.
You will develop our companys industry-leading sandbox solution in charge of the prevention of zero-days malware reaching the market.
You will work in multiple environments, large-scale cloud (AWS) microservices and on-prem solutions, a multiple development languages, and research the latest malware that exist in the wild.
We operate as an independent developing unit that enjoys flexibility, the option to make a big impact, and meaningful challenging work along with access to our companys malware research resources.
Key Responsibilities
Lead a team of developers that are both experts in development and Malware research.
Research malware behaviour and evasion techniques across all stages of the malware kill change from exploitation and infection to impact.
Hands-on development in C++/Python on multiple environments.
Design and develop mechanisms to detect suspicious and malicious activity on OS internals.
Collaborate cross-functionally with data scientists, project managers, and researchers.
Get experience with developing in a cloud-based and on-prem infrastructure.
Work alongside other engineers on the team to elevate technology and consistently apply best practices.