לוח משרות דרושים הייטק אבטחת מידע / סייבר בשרון

our company has been delivering smart, scalable web solutions for nearly two decades, specializing in Shopify, application development, and third-party system integrations. We love connecting systems almost as much as we enjoy connecting with our clients.
We are looking for a hands-on DevSecOps Specialist to lead and improve security across our cloud infrastructure, development workflows, production environments, and internal systems. This is a high-ownership security role designed for someone with a strong Cloud / DevOps / infrastructure background who wants to grow deeper into security. You do not need to have held a dedicated security position before, but you should bring strong production experience, serious curiosity about security, and the ownership mindset needed to become our internal security lead. We understand that this is a growth path, and we will provide the time, support, and resources needed for the right person to develop into the role.
What youll do
* Take hands-on ownership of security processes across cloud, servers, infrastructure, CI/CD pipelines, and internal systems
* Build and implement practical security solutions, tools, policies, and workflows
* Work closely with engineering teams to integrate security into development and deployment processes
* Identify, prioritize, and help remediate security risks in production environments, networks, permissions, deployments, and services
* Help create and maintain internal security policies, processes, and documentation
* Support audits, compliance preparation, and external security reviews when needed

PlaxidityX is looking for a brilliant Security Researcher to join our elite team. In this role, you will combine offensive research with product innovation. You will conduct in-depth research and penetration testing on Automotive ECUs , uncovering vulnerabilities at both the hardware and software levels. Additionally, you will act as the 'Red Team' for our vehicle protection systems , simulating sophisticated attacks to ensure our detection capabilities stay ahead of global threats.
?What You’ll Do: ECU & Low-Level Research: Conduct deep-dive security research into Automotive Electronic Control Units (ECUs). Automotive Offensive Research: Analyze automotive protocols and architectures to identify, develop, and implement end-to-end attack vectors. Red Teaming: Serve as the internal adversary for our vehicle protection products. You will execute attacks to validate detection efficacy and provide the offensive 'ground truth' needed to improve our security logic. Collaborate with Data Scientists: Work closely with our Data Science teams to fine-tune AI-based detection features, helping to translate complex exploit behaviors into actionable data features.

Advantages:
Data Science & AI: Experience working with data teams, understanding of feature engineering, or experience fine-tuning AI models based on security domain expertise. OS Internals: High level of expertise in Linux / QNX / Android internals (both user and kernel space). Product Security: Experience building or testing Intrusion Detection/Prevention Systems (IDS/IPS) or EDR/XDR platforms. Automotive Knowledge: Understanding of automotive-specific protocols (CAN, Automotive Ethernet, UDS, etc.) and the ability to implement functional attacks against them.

We are looking for a highly motivated SOC/NOC Analyst to join our operations and security team. This role is responsible for monitoring, detecting, analyzing, and responding to security and network events across the organizations infrastructure and production environments.
The SOC/NOC Analyst will play a key role in maintaining service availability, identifying threats, investigating incidents, and ensuring timely escalation and resolution of operational and security issues. The ideal candidate is detail-oriented, analytical, and able to work effectively in a fast-paced, 24/7 environment.
Key Responsibilities :
Monitor security and network events using SIEM, monitoring, and alerting platforms.
Investigate alerts, anomalies, and incidents related to infrastructure, systems, applications, and network activity.
Perform first-level triage, validation, categorization, and escalation of security and operational incidents.
Respond to incidents involving suspicious activity, service disruption, connectivity issues, unauthorized access attempts, and infrastructure abnormalities.
Open, track, and update incidents in the ticketing system, ensuring accurate documentation and timely resolution.
Support incident response activities, including containment, evidence gathering, and post-incident analysis.
Monitor network performance, uptime, connectivity, and service health across production environments.
Assist in vulnerability management, log analysis, and security control validation.
Maintain runbooks, knowledge base articles, and operational documentation.
Contribute to process improvement initiatives to enhance monitoring coverage, response quality, and operational resilience.
Additional Notes :
This role requires shift-based work as part of a 24/7 monitoring and response function.

We are looking for a Senior Product Security Engineer to join our Information Security team.

This is a founding, high-impact role: the company's sole Product Security authority - responsible for building the product security domain from the ground up, defining standards across our product portfolio, and serving as the go-to expert for engineering teams.

Responsibilities
Define and own the Product Security strategy, roadmap, and standards.
Drive security integration throughout the entire SDLC - from design to production.
Lead secure product design, code reviews, and penetration test remediation.
Establish and enforce API security standards and secure coding frameworks.
Drive and enhance the bug bounty program.

We are looking for a highly skilled Cyber Security Engineer to play a key role in shaping and managing our internal security infrastructure, serving as a key partner to our global workforce.

In this role, you will take on complex security challenges across network security, corporate tooling, and access management.

You will help ensure our employees can work securely from anywhere in the world, leverage AI tools safely, and maintain our fast-paced culture without friction.

Responsibilities

Lead and optimize network security architectures, including modern SASE platforms, VPN configurations, SSL/TLS inspection, routing, and firewalls to ensure a seamless and a highly secure Zero Trust Network Access (ZTNA) environment.

Drive the deployment, configuration, and enhancement of enterprise security platforms, like Endpoint Security (EDR/XDR/DLP) and advanced Email Security suites (including SPF/DKIM/DMARC) from POC phase to production.

Act as a technical authority for our IAM architecture. Define strict security policies (MFA, Conditional Access) and work closely with the IT team to continuously improve our identity-first security posture.

Monitor and maintain our cloud security posture across AWS/GCP/Azure environments (including K8s & Containers). Implement cloud-native security controls, manage configurations, and ensure compliance with security standards across all cloud platforms.

Own the vulnerability management lifecycle for infrastructure, endpoints, and corporate software. Drive scanning, prioritization, and remediation tracking in close collaboration with DevOps and IT teams.

Support security incident response, assist in containment, contribute to post-mortem analysis, and help maintain IR runbooks relevant to your domains.

Help define and enforce secure usage policies for GenAI tools (e.g., Copilot, Claude, ChatGPT) to prevent data leakage.

Perform rapid, pragmatic security assessments for new SaaS applications and browser extensions.

As a Security Research Intern in the Autonomous Attack Disruption team, you will join the frontlines of our Defenders mission to stop attacks in near real-time. Under the mentorship of experienced researchers, you will analyze real-world attacker TTPs (Tactics, Techniques, and Procedures), reasoning over large-scale datasets to write logic that autonomously identifies and disrupts attackers before they can achieve their objectives.

This role requires applied security research expertise, big data analysis capabilities, and engineering skills to deliver production-ready protection at a global scale. This is your chance to see your research findings transformed into live defense logic that protects millions of users.

Responsibilities

Investigate real-world advanced attacker TTPs to support the development of high-fidelity protection logic across complex cross-domain kill-chains.

Apply security expertise to analyze massive telemetry sets using big-data query languages (KQL), reasoning over data to identify novel malicious patterns and engineer evidence-based detection rules.

Contribute to the implementation and coding of automated capabilities that autonomously disrupt sophisticated threats in near real-time.

Assist in the refinement of protection coverage by analyzing real-world attack telemetry to improve the accuracy and performance of existing detection logics.

Contribute to a strategic feedback loop by documenting findings from attack data analysis to improve overall protection logic and system-wide security posture.

Partner with engineering and product teams to translate research insights into production-ready code, helping to validate protection concepts and ship them at a global scale.

We are currently hiring for multiple Security Research positions across our Microsoft Defender Research teams in Israel. By applying to this unified pipeline, you will be considered for a high-impact role (at either the Security Researcher II or Senior Security Researcher role) within one of our specialized groups, including Autonomous Attack Disruption, Cloud Workload Protection, Identity Research, Posture Research, or Security for AI.

We are looking for passionate, highly skilled security researchers who thrive on the challenge of breaking complex attacker kill-chains. Leveraging Microsofts dominant market position and the worlds most massive telemetry set, you will have a direct, tangible impact on the security of the global economy. We are looking for researchers who want to see their findings transformed into production-ready protection, where the ultimate goal is not just to detect threats, but to prevent and stop them in near real-time.

Responsibilities
Investigate real world advanced attacker TTPs to develop high-fidelity protection signals, and robust logic across complex kill-chains.

Design and implement innovative capabilities that autonomously prevent, detect and disrupt sophisticated threats in near real-time.

Infuse deep security expertise into the analysis of massive telemetry sets using big-data query languages, reasoning over data to identify novel malicious patterns, and drive evidence-based research decisions.

Partner with engineering and product teams to share research insights, validate protection concepts, and push ideas forward into production-ready protection at a global scale.

Contribute expert insights to a strategic feedback loop by analyzing real-world attack data and telemetry to refine protection coverage and accuracy.

As an AI Security Research Intern in the Autonomous Attack Disruption team, you will join the frontlines of our Defender's mission to stop attacks in near real-time. Under the mentorship of experienced researchers, use AI to analyze real-world attacker TTPs and build systems that autonomously detect and disrupt attacks before adversaries reach their goals, including agentic pipelines and LLM-based threat analysis.

This role requires a blend of applied security research expertise, AI fundamentals, and engineering skills to deliver production-ready protection at a global scale. This is your chance to see your AI-powered research transformed into autonomous defense systems that protects millions of users.

Responsibilities
Investigate real-world advanced attacker TTPs and apply AI techniques (LLMs, agentic workflows) to support the development of high-fidelity, AI-augmented protection logic across complex cross-domain kill-chains.
Apply security expertise combined with AI-driven methods to analyze massive telemetry sets using big-data query languages (KQL) and AI-driven analysis, reasoning over data to identify novel malicious patterns and engineer evidence-based detection rules.
Contribute to the design and implementation of AI-powered capabilities that autonomously disrupt sophisticated threats in near real-time.
Assist in the refinement of protection coverage by analyzing real-world attack telemetry to improve the accuracy and performance of existing detection logics.
Contribute to a strategic feedback loop by documenting findings from attack data analysis to improve overall protection logic and system-wide security posture.
Partner with engineering, product, and other research teams to translate research insights into production-ready AI systems, helping to validate protection concepts, from prompt engineering to model evaluation, and ship them at a global scale.
Explore and prototype with emerging AI tools and frameworks to accelerate security research workflows and build reusable AI-driven research tooling.

Power the Future with us! SolarEdge (NASDAQ: SEDG), is a global leader in high-performance smart energy technology, with over 3000 employees, offices in 34 countries, and millions of products installed in over 133 countries. Our diverse product offering comprises intelligent solar inverters, battery storage, backup systems, EV charging, and complete home energy management ecosystems. By leveraging world-class engineering capabilities and with a relentless focus on innovation, we strive to create a world where clean, green energy from the sun is the primary source of power for our homes, businesses, and just about everywhere we thrive We are looking for a talented, team-person who will join our Cyber Security team and help us tackle the toughest security challenges in protecting the company digital assets in our network. This role is a team member in our IT cyber security team. The Cyber Security team is composed of strong and experienced security engineers, responsible for design, implement, analyze, and maintain security controls or our enterprise and SAAS environments Job Description:
* Lead O365 and Identity security
* Architect secure network and application layouts
* Choose and configure security controls and workflows
* Handle emerging threats such as AI creatively
* Use AI dev tools to build security automation and internal tooling
* Mentor other security engineers and raise team capabilities
* Partner closely with Dev, DevOps, Platform, and IT teams
* Define clear, actionable security standards and drive adoption
* Act as a cyber security expert for various IT and R&D projects

Country:
Israel

City:
Herzliya

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead, you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement

we are looking for a Senior Low-Level Security Researcher.
As an Embedded security researcher, you will be dealing with:
Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.

we are looking for a Senior Vulnerability Researcher.
As a vulnerability researcher, your main focus will be on vulnerability discovery and exploitation of most prominent OS`s in the market, and on various challenging platforms.

Were looking for a Developer Advocate who can help bring our platform, innovations, and community impact to the next level.
This role sits at the intersection of engineering, product, and the global developer community. Youll translate our technical work across all domains, repositories, security, release management, pipelines, distribution, metadata, AI/ML, and ecosystem integrations, into content, demos, talks, and conversations that developers trust. Youll also bring community insights back into our R&D and business teams to influence product direction.
As a Developer Advocate you will:
Represent us across developer, DevOps, security, and platform-engineering communities through conferences, meetups, webinars, podcasts, and online conversations
Create high-quality technical content: deep-dive articles, demos, hands-on guides, screencasts, code samples, and social content
Build compelling demos and storytelling around our core domains: Artifactory, Xray, Curation, Distribution, Pipelines, Workers, Fly, AI/MCP, and ecosystem integrations like GitHub
Collaborate closely with R&D, Product, Security, Solutions Engineering, Architecture, and Customer Success to deeply understand new capabilities and provide practical feedback
Engage with open source and developer communities, finding new channels and conversations where we should have a voice
Partner with Marketing to strengthen messaging while preserving technical credibility
Monitor and report impact across community engagement, content performance, OSS participation, and broader DevRel KPIs

Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead, you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

Required Security Solution Architect
This is a hybrid position. Workdays are Monday to Friday.
As a Security Solution Architect, you will be a high-impact technical practitioner and the definitive domain expert in Application Security (AppSec) and software supply chain security. You are a strategic "force multiplier" for our Strategic customers Solutions Engineering organization, leveraging deep technical roots to bridge the gap between developer-centric workflows, IT security teams, and executive risk management. You will serve as the technical authority that internal teams and external customers "pull" into their most complex and critical security opportunities.
As a Security Solution Architect you will...
Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring our security capabilities provide a "Future State" blueprint for our most strategic customers.
Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain.
Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders.
Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data.
Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight our unique ability to secure the entire lifecycle.
Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos.
Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win".