לוח משרות דרושים הייטק אבטחת מידע / סייבר

We are looking for a highly motivated and technically proficient Security Researcher to join our security research division.

our company Infinity External Risk Management, otherwise known as Cyberint, continuously reduces external cyber risk by managing and mitigating an array of external cyber security threats with one unified solution.
We are looking for a Cyber Threat Intelligence Analyst to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers.
Key Responsibilities
Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
Investigating intelligence sources, threat actors, attack tools and techniques
Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
Joining meetings with prospects and clients to present deliverables.
Drive cooperation & feedback loops with other ERM teams.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are looking for a leader with a strong passion for offensive security, technical excellence, and people development -someone who can lead and scale a global team, build strong relationships, and drive measurable impact across customers, services, and internal teams.
This role is ideal for a relationship-driven, customer-centric leader who values service excellence and consistently delivers a high-quality customer experience across all engagements.
A leader who can influence without authority, collaborate with diverse stakeholders, and move complex initiatives forward in a global environment.
In this position, you will leverage your expertise in penetration testing, customer engagement, and operational leadership to own delivery excellence end-to-end, participate in pre-sales discussions, support scoping, and continuously elevate our offensive security practice worldwide.
Key Responsibilities
Team Leadership
Lead and scale a global team of penetration testers across multiple regions.
Mentor, coach, and support continuous technical and professional growth.
Foster a high-performance culture based on expertise, collaboration, and ownership.
Delivery & Customer Excellence
Own delivery excellence end-to-end, ensuring high-quality, accurate, and consistent execution of penetration testing engagements.
Participate in pre-sales and scoping meetings to define technical requirements and expectations.
Ensure a high-quality customer experience throughout every engagement.
Assign resources, manage workload balance, and drive optimal team utilization.
Operational Excellence
Drive operational efficiency and measurable KPIs, including utilization, delivery timelines, report quality, and customer satisfaction.
Identify and implement improvements in methodologies and internal processes.
Cross-Functional Collaboration
Partner cross-functionally with Sales, Product, and R&D, as well as PS Delivery and IR teams.
Build strong relationships and align stakeholders to support strategic opportunities and service growth.
Contribute technical insights to help shape new offensive security offerings.
Innovation & Service Development
Contribute to global knowledge bases, training materials, and methodology evolution.
Lead initiatives that improve service quality, efficiency, and technical depth.

We are looking for a Cyber Threat Intelligence Analyst to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers
Key Responsibilities
Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
Investigating intelligence sources, threat actors, attack tools and techniques
Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
Joining meetings with prospects and clients to present deliverables.
Drive cooperation & feedback loops with other ERM teams.

As an SOC Verification Engineer, you will verify the design and implementation of our SOC technologies in various projects. This position offers the opportunity to have real impact in a dynamic, technology-focused company impacting Switches and NIC SoC product lines. We are working closely with a wide range of aspects - chip design, DFT, backend, verification and production testing. We are working on the most advanced technologies and complex products. Our SOC solutions are unique, innovative, and we are continuously looking for new and creative solutions to meet the challenging goals.

What you'll be doing:

In this position, you will be responsible for verification of the clock design elements, architecture and micro-architecture using sophisticated verification methodologies.

As a member of our SOC verification team, you'll understand the design & implementation, define the verification scope, develop the verification infrastructure (Testbenches, BFMs, Checkers, Monitors), execute test/coverage plans, and verify the correctness of the design.

Collaborate with architects, designers, emulation, production testing and silicon verification teams to accomplish your tasks.

We are seeking a top SOC Verification Engineer to verify the design and implementation of the worlds leading networking SoCs. In this position, you will get the opportunity to craft complex networking chips and interact directly with architects, designers, and software engineers across sites. This is your chance to shape the future of computing with a world-class team!

What you'll be doing:

As a Senior SOC Verification Engineer, you will technically lead a team of engineers and be responsible for verifying design, architecture, and micro-architecture using advanced verification methodologies.

Define the verification scope and contribute to the development of the verification infrastructure for SOC clock networks.

Verify firmware code, with a specific focus on hardware/firmware interactions.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered. .

The Role:
As the Security Engineering Operations Assistant, you'll be the organizational backbone for the VP, Security Engineering—ensuring requests move forward, deadlines stay visible, and nothing gets lost in the shuffle. This isn't about being an admin; it's about being the force multiplier that lets security leadership focus on strategy and technical priorities while you keep the machine running smoothly. If you're the person who naturally keeps lists, follows up before being asked, and gets satisfaction from bringing order to chaos—this role was made for you.

Who You Are:
You're the person everyone relies on to remember the thing that was supposed to happen last Tuesday. You've got 2–5 years of experience in technical coordination, support roles, or security/IT/engineering operations environments, and you know how to work alongside technical teams without needing your hand held. You're exceptionally organized—not in a "my desk is clean" way, but in a "nothing falls through the cracks" way. You communicate clearly in writing and conversation, you're comfortable working closely with senior leadership, and you handle sensitive information with discretion. You're not intimidated by technical discussions—even if you're not the one configuring the firewall, you can follow along, capture the key decisions, and know what questions to ask to make sure everyone's aligned on next steps. You're proactive, dependable, and genuinely curious about how things work.

What You’ll Actually Be Doing:
Direct Support to Security Engineering Leadership
* Assist the VP, Security Engineering with tracking requests, action items, and follow-ups arising from meetings, emails, and discussions
* Maintain organized lists of open items, next steps, and pending decisions
* Perform routine follow-ups with internal teams and external vendors on behalf of Security Engineering
* Help ensure deadlines and commitments are visible and monitored
* Surface overdue items or risks that may require attention Coordination & Task Tracking
* Support coordination of security engineering activities across Security, IT, Engineering, GRC, and external partners
* Track progress of assigned tasks and initiatives using established tools and processes
* Assist in scheduling, preparation, and follow-up for security-related meetings
* Help organize priorities and timelines across multiple parallel efforts Technical Awareness & Documentation
* Maintain familiarity with core security engineering domains, including: Identity and Access Management, Endpoint and device management, Cloud security basics (AWS and Azure), Security tooling and operational workflows
* Capture key outcomes, decisions, and action items from technical discussions
* Maintain documentation, trackers, and status updates
* Ask clarifying questions to ensure expectations and next steps are understood Communication & Information Flow
* Support intake and coordination of inbound requests to the Security Engineering team
* Prepare clear summaries and status updates as needed
* Help ensure relevant information is shared with appropriate stakeholders
* Support prioritization discussions by maintaining visibility into current workload and commitments


Why You’ll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement – from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insuranc

Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
Who You Are:
A proactive self-starter with deep expertise in application and cloud security
Passionate about secure development and enabling engineers through thoughtful guardrails
Clear and confident communicator who can influence across technical and non-technical teams
Curious about emerging threats and excited by the challenges of blockchain security
Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale
What Youll Actually Be Doing
Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
Lead and scale a Security Champions program embedded within engineering teams
Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the team.

we are looking for an experienced Security Researcher to join our growing research team. The team's responsibility is vulnerability research for both PR purposes and research for our companys product. In this role, you will focus on vulnerability research of open-source projects and reverse engineering of low-level binaries. The team also focuses on AI security and low-level product security research.
A key part of your work will include analyzing internal code and identifying security risks to improve our companys overall security posture and support our PR efforts.
What you will do
Vulnerability Discovery: Research and discover vulnerabilities across AI applications, low-level products, and cloud environments, including the development of functional Proof-of-Concepts (PoCs).
Public Research & PR: Publish technical blogs and present your research at major security conferences.
Technical Product Research: Produce in-depth technical research and conduct reverse engineering of security products to directly support the development of our companys product and platform.
Stay up to date with newly discovered CVEs, attack techniques, and threat trends
Cross-Functional Collaboration: Partner with product and engineering teams to help improve our companys security.

We are seeking a highly motivated and technically proficient Security Researcher to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems What you’ll do:
* Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints and development of novel bypass techniques for established security controls
* Lead and execute comprehensive, technically rigorous security research targeting complex web and mobile applications, including reverse engineering and proprietary protocols investigation

About Alice:
Alice is a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact—whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, Alice provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.

Operational LeadershipThe Deputy CISO will play a critical leadership role within the Global Cybersecurity Organization, acting as the operational right hand to the Group CISO. This position drives the day-to-day execution of the security strategy across a worldwide telecommunications footprint, ensuring the resilience, integrity, and security of all network, IT, and cloud environments.
This is a hands-on leadership role ideal for someone deeply experienced with cybersecurity architectures, operational security, and enterprise-scale security solutions.
Key Responsibilities
Leverage the company Security Operations Team (CyberDefense), including SOC, Threat Detection & Response, Incident Response, Vulnerability Management, and Security Engineering.
Own daily operational security performance, ensuring 24/7 protection across a distributed, high-availability telco environment
Translate the CISO's strategic objectives into executable operational plans and measurable KPIs
Oversee the CyberTrust team activity focused on compliance and security awareness.
Security Architecture & Solutions
Oversee the design, deployment, and lifecycle management of critical security technologies (e.g., SIEM, SOAR, EDR/XDR, IAM/PAM, network security, cloud security platforms)
Evaluate and integrate new security solutions, with strong focus on scalability, automation, and alignment with telco-grade performance requirements
Ensure technical standards, reference architectures, and hardening guidelines are maintained and adopted globally.
Risk & Compliance
Ensure operational compliance with international standards and regulations (e.g., ISO 27001, NIS2, GDPR, telecom regulatory frameworks)
Lead technical risk identification, quantification, and mitigation activities across infrastructure, applications, and services
Oversee security audits, penetration tests, and red-team scenarios, ensuring findings are remediated promptly.
Incident Response & Crisis Management
Serve as the technical lead during major security incidents, coordinating cross-functional teams, external partners, and executive communication
Maintain and continuously improve global incident response playbooks and readiness programs.
Cross-Functional Collaboration
Act as the bridge between strategic security leadership and operational teams across all regions
Work closely with Network Engineering, Cloud, IT, Product, and Managed Services teams to embed security into designs and operations
Engage with external partners, MSSPs, vendors, and regulatory agencies as required
Work closely with our company Group CTO and Platforms Director to ensure strategic alignment and secure implementations.

we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
Who You Are:
You're a security engineer who's excited about the AI wave-someone who sees GenAI and LLMs as fascinating puzzles to secure, not just threats to mitigate. You've spent 5+ years in Security Engineering, AppSec, or Cloud Security, and at least 1-2 of those years have been spent getting your hands dirty with AI/ML or data -intensive systems. You're equally comfortable dissecting a prompt injection attack as you are writing a Terraform module or shipping a Python library. You know your way around AWS and/or Azure, modern app stacks ( Python /TypeScript, REST/gRPC, containers/Kubernetes), and can translate security requirements into Developer -friendly tooling-not just PDF policies that gather dust. You communicate clearly in English and Hebrew, thrive in regulated environments, and understand that security in financial services means mapping controls to frameworks like FFIEC, SOC 2, and PCI DSS-and actually having the evidence to prove it.
What Youll Actually Be Doing:

* Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
* Implement data minimization controls for GenAI/RAG workloads: context filtering, leastprivileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
* Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/ data exfiltration) and build mitigations.
* Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive- data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
* Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
* Evaluate thirdparty AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
* Partner across Security, data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
* Lead/participate in AI redteaming: automated jailbreak/promptinjection tests, safety benchmarks, purpleteam exercises, and response playbooks for AI incidents.
* Enable the org with concise guidelines, examples, and training on safe AI development and usage.

Why Youll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first
Next Step:
Hit Apply!

Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry.
Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line.
We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.
This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents.
Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams.
Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines.
Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often.
Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents.
Document: Draft requirement documents for security products and innovative technologies.