לוח משרות דרושים Senior Security Specialist

We are seeking a AI Security Researcher to join AI Adversarial Robustness Research (A2RS), a multidisciplinary team focused on securing AI and GenAI models and systems.
Were looking for innovative team players who love new challenges, enjoy cracking tough problems, and thrive in cross-functional environments.
In this role, you will partner with data scientists and security researchers to define how we secure AI applications.
Responsibilities
Research AI and GenAI systems from a security perspective to understand when and how they are vulnerable to a variety of threats
Blue team: Explore innovative ways to enhance the security of AI systems
Red team: Analyze the attack surface of state-of-the-art AI technologies
Center of Excellence: Collect and synthesize research literature and open-source tools to build and maintain a robust knowledge base for adversarial robustness of AI systems
Distill and share AI security knowledge within and externally through seminars, blogs, papers, and conference talks
We encourage you to apply if you
Are passionate about exploring the field of AI security
Are a seasoned security researcher who enjoys both red team and blue team work: performing threat analysis, discovering new attack vectors, and designing mitigations
Have a strong AI background (well beyond prompt engineering) and a passion for math and algorithms
Learn quickly and thrive in uncharted technical territories
Love to gain, share, and build knowledge.

We are seeking an experienced Senior Security Engineer to join our Digital Forensics and Incident Response (DFIR) team within the broader Security Incident Response Team (SIRT), to help our organization respond to cyber-attacks.
The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains / methodologies, be able to respond quickly to attacks, restore services, and forensically investigate the root cause.
As a member of our SIRT, you will closely collaborate with other engineers to design and implement solutions, improve incident response readiness, and provide guidance and training to external teams.
Responsibilities:
Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required.
Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders.
Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents.
Develop, maintain, and improve incident response plans, procedures, and playbooks to help ensure swift action and regulatory compliance.
Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements.
Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices.
Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs.
Assess vulnerabilities, propose remediation strategies, and keep up to date on current and emerging security trends, threats, and countermeasures.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision.
Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.


Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:

Play a lot with the web-browsers, trying to find differences in behavior between them.

Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection

Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.

Understand customer specific requirements, deliver with impact and exceed customer expectations.

Discover adversary tactics, techniques, and procedures leveraged by bots.

Create and validate data insights to enhance detection excellence.

Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.

Find bad stuff on the internet, see if you can figure out how it is done, document it.

Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.

Contribute high impact work that substantially benefits team level metrics and OKRs.

Develop techniques, tools and scripts to simplify yours and others work.

Were hiring a Senior Security Engineer to help shift security left across product and platform teams, while also supporting internal corporate security needs. Youll drive impact through enablement, automation, and practical risk reduction.
Why this role matters?
Youll secure both what we build and how we work. That means embedding security into our products and CI/CD, and also supporting internal teams.
Security here is not a gate; its a force multiplier. Youll help engineering teams move faster safely, and ensure our colleagues have a secure foundation to do their best work.
Success means faster, safer releases and fewer reactive security escalations.
What will you do?
As a Senior Security Engineer, your mission will be to:
Partner with developers to embed security into design, build, and deploy stages
Automate vulnerability triage and mitigation flows
Secure CI/CD pipelines (GitHub, Jenkins) and execution environments (Kubernetes, Docker)
Tune WAFs, manage cloud security (AWS, GCP, Azure), and evolve Terraform practices
Support internal teams with secure production accesses, endpoint hardening, and access policies
Lead security reviews across app, infra, and corporate environments
Advocate for security standards with clarity and empathy
The Team Environment:
Youll join a cross-cultural, globally distributed security team that thrives on collaboration, curiosity, and continuous learning. We bring together a wide range of experiences and backgrounds to solve meaningful problems.
We support each other through knowledge sharing sessions, workshops, and async collaboration. Youll have the chance to attend industry conferences, participate in internal guilds, and continuously sharpen your skills using our dedicated security training platform.
How we work:
Autonomy with alignment: own your work, stay connected to purpose
Bias for action: ship, learn, improve
Enablement mindset: security exists to empower teams, not slow them down
Simple and pragmatic: perfect is the enemy of shipped
Please submit your CV in English.

Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
Who You Are:
A proactive self-starter with deep expertise in application and cloud security
Passionate about secure development and enabling engineers through thoughtful guardrails
Clear and confident communicator who can influence across technical and non-technical teams
Curious about emerging threats and excited by the challenges of blockchain security
Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale
What Youll Actually Be Doing
Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
Lead and scale a Security Champions program embedded within engineering teams
Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the team.