לוח משרות דרושים הייטק אבטחת מידע / סייבר בשרון, לחיפוש זה נמצאו 59 משרות

we are looking for a Embedded Systems Vulnerability Researcher.
As an Embedded Systems Vulnerability Researcher, you will operate at the cutting edge of security projects. Your mission is to identify, exploit, and mitigate security flaws in complex hardware/software ecosystems. You will bridge the gap between the digital and analog worlds, analyzing everything from low-level firmware to the electromagnetic spectrum.
Responsibilities:
Vulnerability Discovery: Perform deep-dive security analysis and "bug hunting" on proprietary embedded systems and RTOS.
Exploit Development: Create Proof-of-Concept (PoC) exploits for identified vulnerabilities, including memory corruption, logic flaws, etc.
Firmware Analysis: Conduct static and dynamic analysis of binary blobs using advanced reverse engineering suites.
Hardware Probing: Utilize JTAG, UART, and SWD interfaces to extract firmware, monitor execution, etc.
Tooling: Develop custom scripts and tools in Python, C, C++ to automate the research and exploitation pipeline.

We seek an embedded security researcher to join us in developing cutting-edge cybersecurity projects.
Responsibilities:
As an Embedded security researcher, you will be dealing with:
Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.

we are looking for a Security Researcher to research and develop cutting-edge cyber projects.
We face highly complex technological challenges and need talents to help us overcome them.
Do what you love:
As a vulnerability researcher, your main focus will be on vulnerability discovery and exploitation of most prominent OS`s in the market, and on various challenging platforms.

Power the Future with us! we are a global leader in high-performance smart energy technology, with over 3000 employees, offices in 34 countries, and millions of products installed in over 133 countries. Our diverse product offering comprises intelligent solar inverters, battery Storage, backup systems, EV charging, and complete home energy management ecosystems. By leveraging world-class engineering capabilities and with a relentless focus on innovation, we strive to create a world where clean, green energy from the sun is the primary source of power for our homes, businesses, and just about everywhere we thrive We're looking for a Cyber security Architect to set the technical direction for security across our entire estate - on-premises infrastructure, R&D and product engineering, and cloud. You'll own reference architectures, lead security projects end-to-end, and partner closely with infrastructure, engineering, and DevOps teams to embed security by design. This is a hands-on senior role: you're equally comfortable presenting a strategy to executives and pulling apart a threat model with engineers. What you'll do
* Design and govern security architectures that span data centers, product platforms, and cloud workloads - bringing one coherent control story across all three.
* Lead threat modeling and architectural risk assessments for major projects, translating findings into prioritized design changes.
* Define and maintain reference architectures, security patterns, and hardening baselines covering identity, network segmentation, endpoint, application, and data protection. Embed security into the SSDLC and review new product features and platform changes before they ship.
* Architect cloud landing zones, IAM, network and key management, CSPM/CWP coverage, and container/Kubernetes security.
* Mentor security engineers, brief executives, and act as the senior technical authority for security across IT, R&D, and cloud.


Country:
Israel

City:
Herzliya

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead, you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement.

Required Developer Advocate
This role sits at the intersection of engineering, product, and the global developer community. Youll translate our technical work across all domains, repositories, security, release management, pipelines, distribution, metadata, AI/ML, and ecosystem integrations, into content, demos, talks, and conversations that developers trust. Youll also bring community insights back into our R&D and business teams to influence product direction.
As a Developer Advocate you will:
Represent us across developer, DevOps, security, and platform-engineering communities through conferences, meetups, webinars, podcasts, and online conversations
Create high-quality technical content: deep-dive articles, demos, hands-on guides, screencasts, code samples, and social content
Build compelling demos and storytelling around our core domains: Artifactory, Xray, Curation, Distribution, Pipelines, Workers, Fly, AI/MCP, and ecosystem integrations like GitHub
Collaborate closely with R&D, Product, Security, Solutions Engineering, Architecture, and Customer Success to deeply understand new capabilities and provide practical feedback
Engage with open source and developer communities, finding new channels and conversations where we should have a voice
Partner with Marketing to strengthen messaging while preserving technical credibility
Monitor and report impact across community engagement, content performance, OSS participation, and broader DevRel KPIs.

Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead, you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

Required Security Solution Architect
As a Security Solution Architect, you will be a high-impact technical practitioner and the definitive domain expert in Application Security (AppSec) and software supply chain security. You are a strategic "force multiplier" for our Strategic customers Solutions Engineering organization, leveraging deep technical roots to bridge the gap between developer-centric workflows, IT security teams, and executive risk management. You will serve as the technical authority that internal teams and external customers "pull" into their most complex and critical security opportunities.
As a Security Solution Architect you will...
Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring our security capabilities provide a "Future State" blueprint for our most strategic customers.
Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain.
Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders.
Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data.
Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight our unique ability to secure the entire lifecycle.
Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos.
Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win".

we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.

we are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science.
Responsibilities
Participate in Red Team and Risk assessments under the guidance of senior team members
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients
Learn and simulate attacker tactics, techniques, and procedures (TTPs)
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance
Participate in internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios

As a Senior Security Researcher you will be responsible for researching multiple domains in the Automotive, AI, API, IoT and Mobility ecosystems, work closely with our domain researchers, data-scientists, development teams, as well as work with customers to build a cutting edge cybersecurity product at Upstream.

This role is full-time and is Israel based.

Responsibilities
AI Security - research LLM and MCP based attack methods
API Security - research API vulnerabilities and attack methods.
Research the Automotive Cybersecurity ecosystem: Automotive protocols - Both in-vehicle and external vehicle communications, Vehicle Architectures, Device research - Hardware, reverse-engineering, vulnerability research.
Mobility IoT Security - research IoT protocols and devices for vulnerabilities and attack methods.
Develop cyber-attack detection techniques and methodologies.
Develop research tools and technologies.

Required Vulnerability Researcher
Want to make an instant impact?
Be a part of the top cyber research teams in the industry and make the world a better place!
As a Vulnerability Researcher, you will be:
Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding vulnerabilities and circumventing modern mitigation techniques
Our perks:
A competitive compensation package
Hybrid and flexible
Multiple career advancement opportunities
Incredible benefits.

Required Detection & Incident Response Team Lead
As a Detection & Incident Response Team Lead, you will:
Lead detection, investigation and mitigation of cybersecurity incidents, including deep network traffic and data analysis
Develop and maintain scripts for data parsing, packet analysis and correlation across multiple data sources
Leverage open-source tools and frameworks to support threat attribution and research
Build and maintain integrations with APIs, threat-intel feeds and big-data platforms to enhance visibility and detection capabilities
Document research findings, detection methods and analysis techniques for technical and non-technical stakeholders.

Required Network and Security Engineer
As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions, including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.

Required Security Researcher
As a Security Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions
Be in charge of the operational security research of a cyber intelligence product
Your role will include: Researching OS internals, deconstructing of applications, architecture reviews and red-team tests
Define product requirements, alert mechanisms, working procedures and more.