לוח משרות דרושים הייטק אבטחת מידע / סייבר

we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
Who You Are:
You're a security engineer who's excited about the AI wave-someone who sees GenAI and LLMs as fascinating puzzles to secure, not just threats to mitigate. You've spent 5+ years in Security Engineering, AppSec, or Cloud Security, and at least 1-2 of those years have been spent getting your hands dirty with AI/ML or data -intensive systems. You're equally comfortable dissecting a prompt injection attack as you are writing a Terraform module or shipping a Python library. You know your way around AWS and/or Azure, modern app stacks ( Python /TypeScript, REST/gRPC, containers/Kubernetes), and can translate security requirements into Developer -friendly tooling-not just PDF policies that gather dust. You communicate clearly in English and Hebrew, thrive in regulated environments, and understand that security in financial services means mapping controls to frameworks like FFIEC, SOC 2, and PCI DSS-and actually having the evidence to prove it.
What Youll Actually Be Doing:

* Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
* Implement data minimization controls for GenAI/RAG workloads: context filtering, leastprivileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
* Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/ data exfiltration) and build mitigations.
* Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive- data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
* Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
* Evaluate thirdparty AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
* Partner across Security, data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
* Lead/participate in AI redteaming: automated jailbreak/promptinjection tests, safety benchmarks, purpleteam exercises, and response playbooks for AI incidents.
* Enable the org with concise guidelines, examples, and training on safe AI development and usage.

Why Youll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first
Next Step:
Hit Apply!

Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry.
Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line.
We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.
This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents.
Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams.
Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines.
Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often.
Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents.
Document: Draft requirement documents for security products and innovative technologies.

we are looking for a brilliant Security Researcher to join our elite team. In this role, you will combine offensive research with product innovation. You will conduct in-depth research and penetration testing on Automotive ECUs, uncovering vulnerabilities at both the hardware and software levels. Additionally, you will act as the "Red Team" for our vehicle protection systems, simulating sophisticated attacks to ensure our detection capabilities stay ahead of global threats.
What Youll Do: ECU & Low-Level Research: Conduct deep-dive security research into Automotive Electronic Control Units (ECUs). Automotive Offensive Research: Analyze automotive protocols and architectures to identify, develop, and implement end-to-end attack vectors. Red Teaming: Serve as the internal adversary for our vehicle protection products. You will execute attacks to validate detection efficacy and provide the offensive "ground truth" needed to improve our security logic. Collaborate with data Scientists: Work closely with our data Science teams to fine-tune AI-based detection features, helping to translate complex exploit behaviors into actionable data features.
Advantages:
data Science & AI: Experience working with data teams, understanding of feature engineering, or experience fine-tuning AI models based on security domain expertise. OS Internals: High level of expertise in Linux / QNX / Android internals (both user and Kernel space). Product Security: Experience building or testing Intrusion Detection/Prevention Systems (IDS/IPS) or EDR/XDR platforms. Automotive Knowledge: Understanding of automotive-specific protocols (CAN, Automotive Ethernet, UDS, etc.) and the ability to implement functional attacks against them.

Were looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
Highlights:
High-growth: Over the past seven years, weve consistently achieved milestones that take other companies a decade or more. During this time, weve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
Disruptive innovation: Our founders saw that traditional security didnt work for the cloud, so they set out to carve a new path. Were relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
Well-capitalized: With a valuation of $1.8 billion, we are a cybersecurity unicorn dominating the cloud security space. Were backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.
About the role
We are in the process of crafting a dynamic, captivating, and rapidly evolving product that is reshaping the landscape of cloud security. As we expand, we are actively seeking individuals who are not only talented but also highly motivated, adept at multitasking, and proven team players to join our ranks. Our team consists of inspirational top-tier professionals dedicated to pioneering a paradigm shift in cloud security practices. We are deeply passionate about staying at the forefront of cutting-edge technology trends and are committed to integrating these innovations into our product. In this role, you will assume the pivotal position of lead developer, entrusted with spearheading the creation of innovative software products.
On a typical day youll:
Write clean, concise code that is stable, extensible, and unit-tested appropriately
Lead technical designs and implement new features end to end
Diagnose complex issues, evaluate, recommend and execute the best solution
Implement new requirements within our Agile delivery methodology while following our established architectural principles
Test software to ensure proper and efficient execution and adherence to business and technical requirements
Write code that meets the production requirements and design specifications and anticipate potential errors/issue
Provides input into the architecture and design of the product; collaborating with the team in solving problems the right way
Develop expertise of AWS, Azure, and GCP products and technologies.

Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
About the role
As the Head of Research, you will lead our threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community. You will manage and grow a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful. This role emphasizes strong people leadership and cross-functional execution, alongside technical depth and hands-on research judgment.
What youll do
Develop, own and evolve the research strategy by defining high value focus areas (for example misconfigurations, identity threats, workload vulnerabilities, and emerging attack techniques), and ensure alignment with our product roadmap and business objectives.
Lead, coach, and mentor a multidisciplinary research team (researchers, threat analysts, and engineers).
Build a healthy, high-performing org, including hiring, onboarding, and performance management.
Partner closely with product and engineering leadership to turn research insights into concrete roadmap items, detection logic, and customer value.
Drive discovery of new vulnerabilities, attack techniques, or adversary behaviors across cloud and modern infrastructure environments (for example containers, serverless, data stores, IAM).
Define metrics for research impact (for example vulnerabilities discovered, time to validate and operationalize new findings, research-driven product improvements, external reach).
Establish and maintain external partnerships (industry peers, academic groups, independent researchers) to expand our capabilities and pipeline.
Publish and present research findings (blog posts, white papers, conference talks).
Lead vulnerability disclosure and responsible communications.
Ensure the research function has the right infrastructure and processes (tooling, sandboxes, repeatable experimentation, documentation standards).
Stay current with the threat landscape, emerging technologies, attacker tradecraft, and relevant compliance or regulatory shifts.

We are seeking a hands on Chief Information Security Officer (CISO) and Head of IT to own the security and internal technology of all assets, including our global SaaS platform, corporate IT, data, identities, and cloud infrastructure. This role carries end-to-end responsibility for protecting an industry-leading B2B product, operating secure and reliable IT at global scale, and ensuring compliance in a multi-region organization. The role combines deep hands-on involvement with a clear understanding of the broader business impact of security and IT decisions.
What Youll Do
Own end-to-end security for all assets: global SaaS platform, cloud infrastructure, data, identities, and corporate IT.
Lead security strategy and execution, staying hands-on in critical areas while balancing risk, velocity, and business impact.
Run security operations, including incident response, vulnerability management, monitoring, and secure SDLC practices.
Own compliance and audits (SOC 2, ISO 27001, FedRAMP), from readiness through ongoing operation.
Lead and scale the Security, IT, and GRC teams.
Partner with peers to embed security into company-wide decisions.

We are seeking a highly motivated and analytical Information Security Consultant to join our team. As an Information Security Consultant, you will be responsible for performing a variety of IT audit activities for SaaS start-up companies including planning, fieldwork, and reporting. You will have the opportunity to work with a diverse group of clients and industry sectors while developing your technical and professional skills.
Job Description:
Assist with the planning and execution of information security audits
Identify and evaluate information security risks, controls, and business processes
Understand and evaluate the impact of emerging technologies on client operations
Communicate audit findings and recommendations to clients and management
Contribute to the development of audit methodologies, tools, and best practices.

Are you passionate about staying one step ahead of cyber threats? Do you thrive at the intersection of deep technical expertise and strategic leadership?
We're looking for an exceptional Offensive Security & Research Team Leader to drive cutting-edge offensive operations, lead a team of elite security professionals, and shape the future of cyber resilience.
In this role, you'll lead hands-on red team activities, threat research, and vulnerability discovery-pushing the boundaries of what's possible in cyber offense. You will work closely with product, engineering, and executive stakeholders to translate complex attack scenarios into real-world risk mitigation strategies.
This is more than a leadership position-it's an opportunity to build and scale a high-impact team at the forefront of the cybersecurity landscape.
Job Description:
Lead a high-performing offensive security team specializing in red teaming, threat emulation, advanced adversary simulation, and vulnerability research.
Mentor and grow team members, fostering a culture of continuous learning, innovation, and operational excellence.
Promote a culture of innovation, encouraging curiosity and technical excellence within the team.
Translate technical discoveries into operational insights that enhance offensive engagements and deliver clear value to clients
Collaborate cross-functionally with our company's cyber offensive and defensive teams
Develop and maintain internal tools and methodologies that enhance offensive capabilities, automation, and reporting accuracy.
Design and execute tailored offensive engagements, including full-scope red team operations, assumed breach scenarios, and social engineering campaigns.

We are looking for a hands-on Cloud Security Lead to own and continuously improve the security posture of our applications, infrastructure, and cloud environment. This role is both strategic and deeply technical, with full responsibility for embedding security into our engineering culture and software development lifecycle.
You will work closely with R&D, DevOps, and Product teams to design secure systems, proactively identify risks, and protect the company against evolving threats.
This role is critical to protecting our systems, customers, and business as we scale. You will shape how security is built, tested, and operated - ensuring security enables growth rather than slowing it down.
Your Arena - Know your impact 💥
Serve as the primary owner of application, infrastructure, and cloud security.
Continuously assess and improve our security posture through offensive and defensive security practices.
Design, implement, and maintain security controls to protect against modern threats.
Embed security into the secure Software Development Lifecycle (sSDLC).
Lead penetration testing, threat modeling, and incident response efforts.
Build and operate security monitoring, alerting, and automated detection tooling.
Promote a strong security-first culture across R&D and the wider organization.

We are seeking an experienced Security Engineering leader to lead our companys Next security engineering practice. The head of security engineering will lead a team of highly talented security engineers and architects in different cybersecurity domains including (but not limited to): cloud security, application security, data security, identity and access management, security monitoring, detection and response and more.
We are looking for an expert with leadership skills, to be the main focal point across the company for everything related to the above domains and support our companys transformation into leadership in the cybersecurity market.
What youll do:
Lead, mentor and scale multidisciplinary security teams
Engage with cyber security leaders across all business sectors
Assist organizations with securing their public cloud infrastructure, applications and data
Conduct risk assessments for different public cloud environments
Develop cyber security assessments and controls implementation methodologies and best practices
Partner closely with our customers engineering, DevOps, and IT teams
Engage with our companys Next partners such as: Google, AWS, Microsoft and others to provide state of the art solutions to our customers
Serve as a senior advisor to our companys leadership.

Our mission is to help businesses grow by leveraging modern technology and creating a digital future for our customers.
Be part of our Penetration Testing Team, which is involved in some of the most innovative and challenging projects.
We are looking for a driven and talented individual to join our team as a Senior Penetration Tester. You will be responsible for growing, implementing, and executing penetration testing operations, and for leading engagements with key clients to perform organization-wide, versatile penetration testing activities that assess the resilience of various networks.