לוח משרות דרושים הייטק אבטחת מידע / סייבר משרה מלאה

We are seeking an experienced Security Researcher to join our development team for an XDR system on Windows. The role involves in-depth research into cyber threats, vulnerability analysis, and developing tools for system protection. The ideal candidate has extensive knowledge of Windows Internals, cybersecurity, and how EDR systems operate. Knowledge of Linux is a significant advantage.
Key Responsibilities
Conduct in-depth research on emerging cyber threats, including analysis of malicious behaviors in Windows environments.
Develop and implement tools and scripts for real-time threat detection and response in the XDR system.
Analyze Windows Internals, including processes, memory, and system files, to identify vulnerabilities.
Collaborate with the development team to integrate research findings into the product code.
Write technical reports and articles on findings and cybersecurity trends.
Test existing tools and improve them based on developments in the security field.

The Mission: Build the Future of Cyber Protection.
Lead Innovation. Shape the Next Generation of Cyber Defense.
We are looking for an experienced technical leader to guide our high-impact XDR (Extended Detection and Response) team.
This is not a typical management position - its a rare opportunity to lead core innovation at the intersection of AI, advanced security research, and large-scale product development.
You will drive next-generation, AI-powered detection and response capabilities to stop sophisticated attacks such as APTs, ransomware, and emerging threat vectors across OS, browser, and network layers.
Your teams work will operate deep inside operating systems and network stacks, where performance, reliability, and security meet, protecting millions of users globally.
As a player-coach, you will combine leadership with strong technical direction.
You will serve as the front-facing innovation leader, collaborating with other teams, steering joint research initiatives, and influencing the future of Huaweis cybersecurity strategy.
You will:
Lead & Mentor a High-Impact Team
Empower engineers, data scientists, and security researchers. Foster a modern culture of innovation, experimentation, and technical excellence.
Drive AI-Enabled Security Innovation
Shape the architecture and roadmap for advanced detection engines, behavioral analytics, and ML-driven prevention technologies.
Be a Hands-On Technical Leader
Demonstrate real technical credibility through contributions to architecture, design, and complex kernel/user-level components on Linux and/or Windows.
Own the team's Full R&D Lifecycle from initial research and PoCs to productization, optimization, and global-scale deployment.
Collaborate with external partners, and academic collaborators. Lead cross-border innovation and ensure technology alignment.

Required Fraud Lead (Technical Architect)
Tel Aviv-Yafo, Gush Dan, Israel
We offer the industrys only platform that fuses customer identity and anti-fraud solutions - customer identity management, identity verification, and fraud prevention.
We sell to industries with large, consumer-facing businesses such as: banking, financial services, insurance, fintech, gaming, ecommerce/retail, telco / media, utilities, etc.
About the Role:
The Fraud Lead is the principal technical authority for our fraud detection and response engine. You own the professional logic that powers our product, ensuring that the "Brain" of our platform is technically cohesive, scientifically rigorous, and market-leading.
You act as a System Architect for the fraud domain, connecting the dots between Research, Data Science, and Analytics. Crucially, you serve as the primary technical consultant for our customers, helping them understand, integrate, and optimize the fraud logic that protects their environments. You work alongside a separate Product group (who defines the roadmap) and a Platform Engineering group (who builds the infrastructure).
What youll do:
Technical Domain Architecture
Logic Blueprinting: Design the end-to-end technical logic for detection features-from telemetry ingestion to real-time response actions.
Cross-Team "Glue": Ensure that Fraud Research insights are effectively operationalized by the Data Science team and surfaced correctly by the Analytics team.
Architecture Governance: Set the technical standards for how detection logic is built, ensuring it is scalable and compatible with the Platform Engineering teams infrastructure.
Customer Fronting & Technical Advisory
Technical Subject Matter Expert: Act as the lead technical consultant for high-value customers. You will lead "deep-dive" sessions with client-side engineers and fraud experts to explain our detection methodologies and data requirements.
Integration Strategy: Advise customers on how to best leverage our technical logic within their specific business contexts.
Feedback Loop: Translate complex customer technical needs and "edge case" fraud patterns back into technical requirements for the internal fraud group.
Expert Implementation
Hands-on Prototyping: Remain an expert practitioner in Python and SQL. You will prototype new detection methodologies and perform technical validation of production models.
Quality & Observability: Design the technical frameworks that ensure our detection logic remains performant and observable in live customer environments.

Required Fraud Group Manager
Tel Aviv-Yafo, Gush Dan, Israel
We offer the industrys only platform that fuses customer identity and anti-fraud solutions - customer identity management, identity verification, and fraud prevention.
We sell to industries with large, consumer-facing businesses such as: banking, financial services, insurance, fintech, gaming, ecommerce/retail, telco / media, utilities, etc.
About the Role:
The Fraud Group Manager leads the professional organization responsible for the "Intelligence Core" of our fraud detection products. You manage three specialized teams-Fraud Data Science, Fraud Research, and Fraud Analytics-that implement the core logic our customers use to fight fraud.
In this role, you aren't just a strategist; you are a Production Owner. You are responsible for the health, observability, and continuous improvement of detection logic in live environments. You work in a high-impact triad with Product Management and Platform Engineering, serving as the bridge between deep technical expertise and the customers who rely on our product to protect their business.
What youll do:
Group Leadership & Customer Engagement
Direct Management: Lead and scale a multidisciplinary organization of Data Scientists, Researchers, and Analysts.
Customer Fronting: Act as the primary technical fraud authority for our customers. You will join high-stakes meetings with CISOs and Fraud Heads to explain our detection logic, address performance concerns, and align our roadmap with their evolving threat landscape.
Stakeholder Orchestration: Partner with Product Management to define the "what" and Platform Engineering to ensure the "how" (infrastructure) meets your group's logic requirements.
Production Ownership & Quality Systems
Detection Observability: Own the end-to-end monitoring and health of fraud detection in production. You ensure that we have the visibility to know if a model is degrading or a specific customers detection is underperforming.
On-Call for Performance: Serve as the escalation point for critical detection failures or sudden spikes in false positives/negatives, ensuring rapid mitigation for impacted customers.
Quality Assurance Framework: Create and maintain a robust quality system (CI/CD for fraud logic) to ensure smooth, ongoing updates to detection models and heuristics without disrupting customer environments.
Lifecycle Management: Oversee the continuous tuning and optimization of live detection logic based on real-world feedback loops.
Technical Execution
Hands-on Vetting: Maintain deep technical fluency. You must be able to review Python code, validate complex SQL queries, and interpret model performance metrics to ensure they meet our high standards.
Logic Governance: Define the schemas and standards for how detection logic is developed, ensuring that research insights are effectively operationalized by the Data Science team.

We are expanding our Research Team and are looking for a Junior Malware Researcher with a strong technical mindset, excellent communication skills, and a passion for problem-solving.
As a Malware Researcher, you will be responsible for hunting emerging malware and malvertising campaigns and developing effective detection methods to protect our global customers. You will work closely with the R&D and Product teams and be part of a friendly, professional team based in Tel Aviv, supporting customers worldwide.
Responsibilities:
Detect, monitor, and hunt new malvertising and malware threats
Research new attack vectors, delivery methods, and evasion techniques
Develop and improve detection logic and signatures
Investigate malicious campaigns using internal tools, databases, logs, and external intelligence sources to uncover hidden patterns
Analyze web traffic, scripts, redirects, and network behavior to identify malicious activity
Collaborate with R&D and Product teams to translate research into production-grade protections
Contribute to internal documentation, research reports, and best practices to improve knowledge sharing and support processes

we are looking for an experienced, hands-on Chief Information Security Officer to build and lead our security strategy from the ground up. As a fast-growing mature privately held startup, we need a security leader who can balance strategic vision with roll-up-your-sleeves execution. This role is ideal for someone who thrives in dynamic environments and excels at owning and driving Information Security end to end. The CISO will report to the companys COO.
Key Responsibilities 
Oversee our companys end-to-end information security program, ensuring the protection of data, systems, applications, and employees.
Build, lead, and scale a high-performing security team of 5+ professionals.
Develop and implement a comprehensive security strategy aligned with business goals, industry best practices, and regulatory requirements.
Define and monitor company wide security policies, standards, governance frameworks, and technical controls (e.g., firewalls, IDS/IPS, endpoint security).
Lead Governance, Risk, and Compliance (GRC), including risk assessments, vulnerability management, incident response, and maintenance of the organizational risk register.
Drive proactive security monitoring and threat management, including insider threats, phishing, social engineering, credential theft, and emerging risks.
Conduct regular security assessments and partner with business units to identify, prioritize, and remediate vulnerabilities.
Ensure readiness for internal and external audits; manage the audit process with agencies, auditors, customers, and stakeholders.
Select, implement, and manage security technologies, tools, vendors, and processes supporting the organizations security objectives.
Closely collaborate with the IT team, who will be responsible for executing the security policies.
Collaborate with DevOps and engineering teams to strengthen security posture and embed secure-SDLC practices.
Provide executive-level communication and reporting to leadership and the board regarding cybersecurity risks, investments, and priorities.
Develop and deliver organization-wide security awareness and training programs.
Manage the security budget and resources efficiently.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process - reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

As part of System Architecture group, the Cybersecurity System Architect will define the end-to-end architecture of advanced network security services, such as intrusion prevention systems (IPS), and host-based intrusion detection systems (HIDS) and firewalling. This role is at the forefront of integrating deep security intelligence into high-performance, scalable network operating systems and telecom-grade platforms.
As part of R&D core function, shaping next-generation secure network infrastructure by embedding deep packet inspection, behavioral analytics, and threat mitigation into the product architecture.
Responsibilities
1. Architecture of Integrated Security Services
Define and lead the system architecture for L3-L7 firewalling, stateful inspection, policy enforcement, and application-aware filtering.
Architect integration of IPS, DPI, signature- and anomaly-based detection, and evasion-resilient detection engines into control and data plane systems.
Specify how HIDS capabilities will be embedded or interfaced with NOS components for detecting host-based anomalies and compromise indicators.
2. Threat Detection & Prevention Frameworks
Design scalable architectures that support high-speed signature matching, traffic heuristics, and flow analysis under real-world traffic conditions.
Define mechanisms for rule updates, threat intelligence feeds, and integration of ML-based detection algorithms.
Architect policy engines for complex rule matching, including user-defined policy trees and hierarchical control structures.
3. Secure System Integration
Lead system-level threat modeling and security design reviews across platform, OS, and networking protocol layers.
Define secure communication paths, trust boundaries, and cryptographic protections for sensitive metadata, logs, and update mechanisms.
Ensure proper isolation and sandboxing of inspection/control modules, especially in multi-tenant or containerized environments.
4. Performance and Resilience Considerations
Design architectures to meet line-rate security enforcement, ensuring minimal latency overhead while preserving packet integrity.
Align with the HW Architecture for performance optimized flow offload strategies (e.g. hardware-assisted DPI).

We offer hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. Our values are at the core of every action we take, and we are committed to going above and beyond to benefit the patients we serve. We are a dynamic, fast-paced company operating in over 34 countries on 5 continents. We are looking for out-of-the-box thinkers, people who are passionate, caring, agile, and adaptive, to join us on our mission. If you are looking to make a difference in people's lives, we invite you to join us! We are looking for Microsoft 365 Security Engineer to lead the implementation and continuous improvement of Microsoft security and compliance capabilities across the Microsoft 365 environment. The role focuses especially on Microsoft Purview and Microsoft Defender for Cloud Apps, and also covers Microsoft Defender for Office 365, Security for identity, Entra ID security controls, and security features across Exchange Online and collaboration services. You will translate requirements into technical design and configuration, implement and tune policies, rollout changes safely, troubleshoot complex issues, and document solutions and operational procedures. You will work closely with IT and system teams to ensure stable integrations, minimal business disruption, and measurable risk reduction.
Responsibilities:
Lead end to end implementation and ongoing improvement of Microsoft 365 security and compliance controls. Implement and operate Microsoft Purview, including sensitivity labels and DLP, and support additional compliance capabilities as needed. Implement and operate Microsoft Defender for Cloud Apps CASB, including cloud discovery, governance controls, and policy enforcement. Implement and tune Microsoft Defender for Office 365 protections for phishing, malware, and impersonation threats. Support identity driven security controls with Entra ID, including Conditional Access concepts and tenant security posture improvements. Improve Exchange Online security posture, mail flow protections, and related configurations. Create technical documentation, runbooks, and change plans, and provide operational support and troubleshooting. Partner with internal teams and stakeholders to plan rollouts, reduce false positives, and maintain business continuity. Experience in securing Microsoft SharePoint Online, including configuration of access controls, data protection policies, and compliance settings.
City:
Petah Tikva

Required Senior Embedded Vulnerability Researcher
Our mission is to deend and mitigate the danger from rogue drones.
We are looking to expand our drone take-over research team, which is responsible for the core technology of our product.
This is a great opportunity for you to expand your capabilities working on versatile and innovative cyber research projects as part of a young and extremely talented team.

we are seeking an Incident Response Lead to own and mature the companys global cyber incident response capability. This role sits within the CISO Office and is accountable for response execution, post-incident learning, and executive-level coordination across our companys cloud, infrastructure, and platform environments.
The Incident Response Lead will act as the single accountable owner for high-severity security incidents, ensuring rapid containment, accurate impact assessment, regulatory-compliant communications, and continuous improvement of detection and response capabilities.
This role requires deep technical expertise, strong crisis leadership, and the ability to operate under pressure in highly regulated, high-availability environments.
Key Responsibilities
Incident Response Leadership
Lead and coordinate of security incidents across our companys cloud, infrastructure, and corporate environments.
Act as Incident Commander during major incidents, driving containment, eradication, and recovery efforts.
Support and maintain clear incident classification, escalation, and decision-making frameworks.
Ensure 24/7 readiness through on-call structures, runbooks, and playbooks.
Detection, Triage, and Investigation
Oversee advanced incident triage and forensic investigations across:
Cloud platforms
Network and perimeter security
Identity and access systems
Supply chain and third-party risks
Partner with SOC, Threat Intelligence, and Threat Hunting teams to improve detection fidelity and reduce MTTR.
Ensure evidence handling meets legal, regulatory, and forensic standards.
Lead regulatory-ready incident documentation, timelines, and root cause analysis (RCA).
Support audits, regulatory inquiries, and executive reporting related to security incidents.
Executive & Cross-Functional Coordination
Serve as the primary incident response interface to:
CISO and executive leadership
Legal, Privacy, Compliance, and Communications teams
Infrastructure, Network, IT, Platform, and Engineering leadership
Deliver clear, factual, and risk-based incident briefings to senior leadership.
Support customer and partner communications when security incidents impact trust or service availability.
Program Development & Continuous Improvement
Support our companys incident response program, including:
Playbooks and runbooks
Tabletop exercises and simulations
Red/blue/purple team coordination
Drive lessons-learned processes and ensure findings result in measurable control improvements.
Define and track incident response KPIs (MTTD, MTTR, containment effectiveness).