לוח משרות דרושים מומחה אבטחת מידע / סייבר משרה מלאה

We are seeking a highly skilled Principal Security Researcher to join our Threat and Detection Group at the Tel-Aviv R&D center.
This team focuses on PANW Cortex Security and Security Assurance features across various operating systems and platforms, including (but not limited to) Linux, Mac, and Cloud. This is an applied research role with a clear mission: your research directly improves the detection and prevention capabilities of our XDR agent.
The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.
You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.
Your Impact
Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
Act as a key research partner with engineering teams to push and validate our product capabilities.
Leverage data-driven approaches to identify threats and propose effective mitigations.

Technical Director, Reactive Services is a senior-level consulting position. The individual will provide expert-level guidance on all areas of cybersecurity and data breach response to Unit 42 clients across a wide array of industries, geographies, and organizational structures. They will be the clients advocate for cybersecurity and will provide strategic and technical leadership in this area.
Your Impact
Experience with forensic processes and procedures (chain of custody, computer acquisition techniques, and memory acquisition techniques)
Maintain hyper-current knowledge of extant vulnerabilities and threat landscape
Experience using forensics tools such as EnCase, FTK, SleuthKit, Volatility, etc.
Analysis experience and operational understanding of one or more major operating systems (Microsoft Windows, Linux, or Mac)
Knowledge of common malware persistence mechanisms
Experience identifying and triaging malware.

As a Cloud Security Analyst, you will join our global SOC team. A small, highly technical team that owns key parts of Vias security operations. This role is perfect for someone who is motivated and eager to make an impact, and who wants to take meaningful ownership in a cloud-native environment.You will investigate real incidents, improve detections, collaborate with engineering, support AI initiatives, and strengthen Vias security posture end-to-end.

What Youll Do:

Monitor, investigate, and respond to security events across cloud and SaaS environments
Tune detections, signatures, and guardrails to reduce noise and improve accuracy
Develop and maintain SOC playbooks, processes, and response guidelines
Perform intrusion analysis and contribute to threat intelligence correlation
Conduct proactive threat hunting and surface emerging risks
Lead hands-on technical investigations and incident containment
Work with SecOps engineers to design automated remediation flows
Build dashboards, advanced alerts, and visibility for critical events
Continuously improve SOC capabilities by bringing new ideas and approaches

Unit 42s Managed Detection and Response (MDR) service is growing fast, and were building a customer-centric team that blends technical expertise with direct customer engagement. As a Customer Focus Analyst, youll act as the front line of communication between our MDR analysts and our customers, helping bridge the gap between incident response and customer understanding.
Youll not only support investigations and incident triage, but also help onboard customers, answer technical questions about reports, alerts, and the service, and manage ongoing communications to ensure clarity, alignment, and satisfaction.
This role is ideal for someone who is technical at their core, but enjoys customer interactions, driving clarity, and ensuring our partners feel confident and supported in their cybersecurity journey.
Key Responsibilities
Be part of a customer-focused sub-function of the Unit 42 MDR team, dedicated to proactive communication and technical guidance
Support onboarding activities for new customers
Monitor incoming communication from customers (e.g., via email, comments), triage and route issues as needed, and answer technical questions around reports, alerts, and recommendations
Collaborate with MDR analysts to ensure the customers technical questions about incidents or threats are fully addressed
Own the customer communication lifecycle during ongoing incidents ensure timely updates, clarity, and alignment on next steps
Help drive consistency and quality in how incidents and threat intelligence are communicated externally
Escalate and advocate for customer issues internally across Product, Engineering, and the broader Unit 42 team.

As a domain consultant for network security transformation, you provide technical expertise and guidance in customers' network security and zero trust journey. You will be key in defining technical solutions that secure a customers key business imperatives. You evangelize our industry leadership in on-prem, cloud, and security services that establish our company as a customers cybersecurity partner.
Key Responsibilities
Collaborate with sales teams to recommend and develop customer solutions within your assigned specialization
Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership
Lead and support customer demonstrations that showcase our unique value proposition
Responsible for prospective customers and partners' Technical Validation projects based on best practices to ensure technical win in assigned opportunities
Architect solutions that will help our customers strengthen and simplify their security posture
Document high-level design and key use cases to ensure proper implementation and value realization of our company solutions
Lead conversations about industry trends and emerging changes to the security landscape.
Responsible for discussing and highlighting product alignment with customer requirements and differentiation
As the main technical point of contact for Network Security, you will assist and collaborate to respond effectively to RFIs/RFPs
Position our company or Partner delivered services as appropriate to ensure proper implementation and value realization of our company solutions
Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative
Distinguished by additional specialized knowledge in breadth and/or depth.

Are you passionate about advancing automation in identity security? Do you thrive at the intersection of research, innovation, and large-scale impact? As a Senior Security Researcher, you will drive the design of autonomous response strategies to counter identity-based threats, misconfigurations, and abuse scenarios. Your research will directly shape the Cortex platforms ability to remediate identity-driven attacks, ensuring effective, safe, and scalable automation for our customers. You will collaborate with world-class researchers and engineers to deliver on the vision of the Autonomous SOC.
Your Impact
Lead the design and implementation of robust, testable, and safe remediation playbooks for identity-related threats (e.g., privilege escalation, credential abuse, lateral movement, IAM misconfigurations).
Conduct deep research on adversary TTPs targeting identity systems and translate insights into automated detection and response mechanisms.
Drive innovation in identity security automation by applying data analysis, modeling, and programming to refine remediation strategies.
Serve as a subject-matter expert and mentor within the research group, elevating the teams overall expertise in identity security.
Stay ahead of evolving identity-based attack vectors, cloud-native identity risks, and advanced adversary tradecraft to ensure our automation keeps pace with threats.

Are you passionate about innovation in cloud security and want to redefine how Security Operations Centers (SOCs) leverage both agent and agentless technologies for detection and response? Join our cutting-edge Security Research team and lead the development of next-generation cloud detection and response solutions. In this role, you will define detection use cases, analyze threat data, and create advanced security content to protect against evolving threats in cloud environments. Be part of an exceptional team of researchers and engineers dedicated to safeguarding our customers. This is your opportunity to dive into pioneering technologies that integrate cloud security with innovative detection methodologies in a world-leading cybersecurity company.
Your Impact
Conduct ongoing research to identify and develop new detection techniques for both agent-based and agentless cloud technologies
Stay ahead of Advanced Threats, attacker methodologies, and Tactics, Techniques, and Procedures (TTPs) to ensure our solutions remain proactive and effective against emerging threats
Simulate real-world attack scenarios in lab settings, performing in-depth analysis of adversarial behaviors and their implications for cloud security
Foster a collaborative atmosphere within an experienced, diverse, and supportive research team, driving forward new and innovative ideas in cloud detection and response.

This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation.
Your Impact
Perform reactive incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
Examine firewall, web, database, and other log sources to identify evidence of malicious activity
Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments
Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
Ability to perform travel requirements as needed to meet business demands (on average 20%)
Mentorship of team members in incident response and forensics best practices.

We are seeking a driven problem solver to join our Unit 42 MDR team.
Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a Senior MDR, we will rely on you to manage a team of experts who detect and respond to cyber incidents facing customers internal business.
As a Senior, you will join a team of managers who overlook the Unit 42 MDR team to ensure premium delivery to our customers and also have a critical role in how the team works, but also be able to create new processes, methodologies and capabilities that the team requires.
Your Impact
Hire for and lead a team of MDR Analysts working globally, guide the team, create and improve processes, methodologies and capabilities that the team requires to work effectively
Lead a team that analyzes incidents from real customer environments to identify ongoing threats to customer environments
Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire companys customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.

Manage and mentor a team to drive research projects and improve outcomes, ensuring collaboration and growth within the group.
Map complex data structures and risk surfaces to help our customers ensure proper coverage
Ensure that the research conducted provides tangible product value to the customer, enhancing their security posture and overall experience.
Detect security flaws in SaaS applications and business applications
Research applications and permission structures
Help our customers research incidents with context enrichment and event investigation
Collaborate with our product and engineering teams to define innovative solutions to our customer needs
Publish relevant findings to the industry

DRS RADA is a global pioneer for active military protection, counter-drone applications, critical infrastructure protection, and border surveillance. Join Our Team as a Information Security Specialist at DRS RADA Technologies! Key Responsibilities:
* Maintain, and enhance cloud and SaaS security architectures, including Microsoft 365.
* Work routinely with the SOC team to investigate, analyze, and respond to security incidents in a timely manner.
* Manage the Vulnerability Management lifecycle, ensuring timely remediation via the Patch Management platform.
* Implement and maintain security tools such as firewalls, endpoint detection & response (EDR), mobile device management (MAM), mail relay/hygiene, etc.
* Collaborate with IT teams to support secure system design and architecture.
* Responding to /Handling Information Security team tickets.
* Keep up to date with emerging cyber threats, technologies, and industry trends.
* The role includes travel to various sites across the country.