לוח משרות דרושים Senior Security Specialist

A Software company, developing a Cloud Security Platform, is looking for a Senior Cloud Security Software Engineer to join her team.
In this role, youll design and build backend components and security features for a scalable cloud security platform, working closely with product, frontend, and infrastructure teams.
What youll do:
Research and adopt new technologies.
Design and implement cloud security features.
Build MVPs for new product capabilities.
Write clean, efficient Go code.
Design data models and database schemas.
Write unit, component, and integration tests.
Debug and troubleshoot production issues.
Participate in code reviews and contribute to team standards.
Collaborate with frontend and platform teams on end-to-end integrations.
Assist with documentation and occasionally represent the product through blogs or talks.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.

The Role:
We’re seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams. Rather than owning security alone, you’ll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless. You’ll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.

Who You Are:

* A proactive self-starter with deep expertise in application and cloud security
* Passionate about secure development and enabling engineers through thoughtful guardrails
* Clear and confident communicator who can influence across technical and non-technical teams
* Curious about emerging threats and excited by the challenges of blockchain security
* Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale

What You’ll Actually Be Doing:

* Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
* Lead and scale a Security Champions program embedded within engineering teams
* Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
* Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
* Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
* Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
* Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
* Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
* Stay current on emerging threats, developer tooling, and secure engineering patterns — sharing insights regularly with the team


Why You’ll Love Working Here:

* Flexible hybrid model: 3 days a week in the office
* ₪1,000 net monthly wellness benefit – from therapy to Pilates to your kid’s art class
* Full Keren Hishtalmut, private health & dental insurance
* Donation matching, volunteering days, team outings, and mentorship programs
* A mission-driven culture that values ownership, trust, and meaningful impact

Next Step:
Hit Apply!

Were seeking a Security Researcher to expand our products micro‑segmentation capabilities, advance our research function, and lead threat modeling and detection efforts against modern attack techniques across enterprise, hybrid, and cloud environments. Youll research and simulate real‑world threats, design defenses, help adapt our technology to diverse architectures, and contribute to our open‑source security tools and public research presence.
Responsibilities:
Lead research into modern security threats, with emphasis on lateral movement, privilege escalation, and post‑compromise techniques across on‑prem, hybrid, and cloud environments.
Analyze and model enterprise infrastructure, networking, and identity systems to identify attack surfaces and opportunities for segmentation.
Work closely with product and engineering teams to design and validate new security controls, detection logic, and segmentation strategies.
Research and exploit misconfigurations or weaknesses in identity systems, networking, authentication protocols, and platform services.
Build proof‑of‑concept attacks and detection techniques that inform both our commercial product and our open‑source projects.
Contribute to the development and maintenance of open‑source security tools, threat simulations, and internal research frameworks.
Produce high‑quality technical blog posts, research papers, talks, and online content to share findings and strengthen our presence in the security community.

Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
What Youll Actually Be Doing:
Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
Lead and scale a Security Champions program embedded within engineering teams
Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the team.

Are you passionate about staying one step ahead of cyber threats? Do you thrive at the intersection of deep technical expertise and strategic leadership?
We're looking for an exceptional Offensive Security & Research Team Leader to drive cutting-edge offensive operations, lead a team of elite security professionals, and shape the future of cyber resilience.
In this role, you'll lead hands-on red team activities, threat research, and vulnerability discovery-pushing the boundaries of what's possible in cyber offense. You will work closely with product, engineering, and executive stakeholders to translate complex attack scenarios into real-world risk mitigation strategies.
This is more than a leadership position-it's an opportunity to build and scale a high-impact team at the forefront of the cybersecurity landscape.
Job Description:
Lead a high-performing offensive security team specializing in red teaming, threat emulation, advanced adversary simulation, and vulnerability research.
Mentor and grow team members, fostering a culture of continuous learning, innovation, and operational excellence.
Promote a culture of innovation, encouraging curiosity and technical excellence within the team.
Translate technical discoveries into operational insights that enhance offensive engagements and deliver clear value to clients
Collaborate cross-functionally with our cyber offensive and defensive teams
Develop and maintain internal tools and methodologies that enhance offensive capabilities, automation, and reporting accuracy.
Design and execute tailored offensive engagements, including full-scope red team operations, assumed breach scenarios, and social engineering campaigns.

we are looking for a Manager Cyber Defense Center
Responsibilities
Lead, mentor, and manage a team of analysts and incident responders, fostering a culture of continuous improvement and collaboration.
Oversee real-time monitoring, analysis, and escalation of security events using SIEM, SOAR, and other security tools.
Develop, implement, and optimize SOC processes, playbooks, and standard operating procedures.
Coordinate incident response activities, ensuring timely investigation, containment, eradication, and recovery from cyber incidents.
Serve as the primary point of contact for major security incidents, coordinating with internal stakeholders and external partners as needed. Ensuring effective communication and coordination among stakeholders throughout the lifecycle of security incidents.
Stay informed on the latest cyber threats, vulnerabilities, and regulatory developments to adapt the organizations security posture proactively.
Prepare and deliver regular reports, metrics, and presentations to executive management regarding Cyber Defense Center's performance and emerging risks.
Support compliance efforts and audits related to cybersecurity frameworks (e.g., SOC2, ISO 27001).
Manage Cyber Defense Center's technology stack, including evaluating and recommending tools and solutions for threat detection and response.
Establish and lead a dedicated purple team to enhance detection, response, and resilience against threats.

Join the company Security Intelligence Response Team (SIRT) as a Senior Security Researcher II Lead. Serve as a technical expert and thought leader in cyber threat intelligence, adversary techniques, and advanced threat research.
Shape internet security
A Senior Security Researcher II Lead at our company SIRT leads advanced threat intelligence research, investigations, and incident response strategies. This role combines technical research, strategic intelligence analysis, and cross-functional leadership. The position shapes product direction, enhances customer defenses, and strengthens our company's reputation as a global security expert.
As a Senior Security Researcher II Lead, you will be focused on:
Conducting advanced threat research and intelligence generation on DDoS, WAF, bot abuse, API exploitation, zero-days, and emerging attack methods.
Conducting threat actor research by analyzing motivations, assessing capabilities, tracking infrastructure, and attributing campaigns effectively.
Serving as a technical escalation point and Subject Matter Expert (SME) during critical security incidents
Supporting forensic investigations and post-compromise analysis for complex or high-impact cases
Authoring and contributing to our company SIRT publications, including:Threat Advisories, White Papers, Real-time and post-incident intelligence reports.