לוח משרות דרושים הייטק אבטחת מידע / סייבר

We are looking for a Security Researcher who thrives on both sides of the fence. You will develop offensive tradecraft-discovering new attack vectors and writing exploits-then use that perspective to engineer robust, product-level mitigations. If youre energized by finding a novel browser attack on Monday and shipping the defense for it by Friday, this role is for you.
Key Responsibilities
Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows.
Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection.
Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses).
Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries.
Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs.
Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.).

Role Purpose:
Lead the technical Pre-Sale process: respond to RFPs, design cybersecurity architectures for both on-premises and cloud environments (AWS/GCP), and present solutions to clients.
Main Responsibilities:
End-to-end management of the technical Pre-Sale process: requirements gathering meetings, HLD/LLD design, building a technological value proposition, and presenting solutions to clients.
Responding to RFPs: breaking down requirements, drafting technical responses, addressing information security risks and regulatory compliance. Apply the teams and companys standard methodologies and templates.
Designing cybersecurity architectures for hybrid environments: integration between on-premises systems and cloud (AWS/GCP), implementing Zero Trust, Identity & Access, Network Security, Data Security, Logging/Monitoring/SIEM, PKI.
Leading planning teams and interdisciplinary interfaces (Sales, Legal, Delivery, Vendors). Coordinating POCs and demonstrations for clients.
Acting as the technological representative to clients: presentations, demos, workshops, and C-level briefings.
Supporting the transition to Delivery: handing over HLD/LLD, formally transferring design assumptions and risks.

We are looking for a GRC specialist who is excited to build and scale a modern compliance and security program from the ground up. This role is not just about maintaining SOC 2 and ISO certifications. It is about embedding security into our product, our engineering culture, and every customer conversation. You will partner closely with Engineering, Sales, and Leadership to turn compliance into a strategic advantage and help our company earn and maintain the trust of some of the most security-conscious organizations in the world.
About us:
The company Threat Exposure Management Platform is the first and only consolidated platform that integrates with your security tools to reveal, remediate, and mitigate the risk of exposures across your entire infrastructure. Backed by Sequoia and Cyberstarts, our company uses an agentless approach to reveal what is truly exploitable while reducing manual prioritization and remediation through automated response workflows.
What you will do:
Own and manage our companys security compliance program, including SOC 2, ISO 27001, and other relevant frameworks
Lead the response to customer security questionnaires and vendor security assessments, ensuring timely and accurate completion
Build and maintain our companys internal security controls framework and evidence collection processes
Establish and manage continuous compliance monitoring and validation initiatives
Develop and maintain security policies, standards, and procedures that support both compliance and business objectives
Manage relationships with external auditors and assessors during compliance audits
Drive security awareness training and secure development practices across the organization
Support customer-facing security conversations during sales cycles and onboarding
Monitor regulatory changes and emerging compliance requirements relevant to SaaS platforms
Build scalability into GRC processes through automation and tooling improvements.

we are seeking to hire an Intelligence Infrastructure Expert for a full time position. The role includes creation, management, and integration of the companys unique infrastructure and tools across the different Web environments.
The position includes infrastructure establishment and processes management alongside end to end delivery to the different teams within the organization. You will be responsible for the generation of insights, means, and methods provided from diverse intelligence streams enabling the organizations teams to make the internet a safer place.
Responsibilities:
Monitoring Web and Mobile environments - social media platforms, forums, blogs, mobile applications and darknet to uncover malicious activity.
Identification, analysis and intelligence gathering on bad actors, sources and platforms, while identifying distribution methods.
Provide insights on intricate means and methods being used by threat actors to abuse the tech worlds most popular platforms while putting users at risk.
Identify and address opportunities alongside potential problems in operational processes.
Research, development and strategizing of new operational methods and logics.
We are looking for an expert with a Can Do! approach with the following desirable skills, qualities and experience.

We are looking for passionate, highly skilled security researchers who thrive on the challenge of breaking complex attacker kill-chains. Leveraging our companys dominant market position and the worlds most massive telemetry set, you will have a direct, tangible impact on the security of the global economy. We are looking for researchers who want to see their findings transformed into production-ready protection, where the ultimate goal is not just to detect threats, but to prevent and stop them in near real-time.
Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate possesses every desired skill and experience, but together, we form a strong, effective team.
Responsibilities
Investigate real world advanced attacker TTPs to develop high-fidelity protection signals, and robust logic across complex kill-chains.
Design and implement innovative capabilities that autonomously prevent, detect and disrupt sophisticated threats in near real-time.
Infuse deep security expertise into the analysis of massive telemetry sets using big-data query languages, reasoning over data to identify novel malicious patterns, and drive evidence-based research decisions.
Partner with engineering and product teams to share research insights, validate protection concepts, and push ideas forward into production-ready protection at a global scale.
Contribute expert insights to a strategic feedback loop by analyzing real-world attack data and telemetry to refine protection coverage and accuracy.

Were a team of builders and innovators who thrive on complex technical challenges. If youre energized by distributed systems, cloud-native architectures, and the opportunity to protect thousands of organizations worldwide, we want to hear from you.

Join us in expanding security platform, where innovation meets impact.

What Youll Do:

Architect and build scalable backend services that scan millions of cloud resources daily across multi-cloud environments

Design and implement distributed systems that process massive volumes of security data with high reliability and low latency

Develop agentless scanning capabilities for vulnerability detection, configuration assessment, and data security across cloud workloads

Collaborate cross-functionally with security researchers, product managers, and fellow engineers to deliver features that customers love

Own features end-to-end - from design and implementation through deployment, monitoring, and iteration

Drive technical excellence through code reviews, architectural discussions, and mentoring team members

Solve complex challenges in cloud security, data processing, and distributed systems at enterprise scale

Were a team of builders and innovators who thrive on complex technical challenges. If youre energized by distributed systems, cloud-native architectures, and the opportunity to protect thousands of organizations worldwide, we want to hear from you.

Join us in expanding security platform, where innovation meets impact.

What Youll Do:

Architect and build scalable backend services that scan millions of cloud resources daily across multi-cloud environments

Design and implement distributed systems that process massive volumes of security data with high reliability and low latency

Develop agentless scanning capabilities for vulnerability detection, configuration assessment, and data security across cloud workloads

Collaborate cross-functionally with security researchers, product managers, and fellow engineers to deliver features that customers love

Own features end-to-end - from design and implementation through deployment, monitoring, and iteration

Drive technical excellence through code reviews, architectural discussions, and mentoring team members

Solve complex challenges in cloud security, data processing, and distributed systems at enterprise scale

The Cloud Risk team Cloud Security is looking for a senior engineer to join our growing team working on a transformative initiative .

This role is centered on gathering customers resources and insights from various CrowdStrike cloud products, establishing connections between data sources, and handling large-scale data operations to run comprehensive evaluations and generate actionable posture intelligence.
You'll be responsible for processing vast amounts of customer data to create meaningful conclusions that help customers:

Discover misconfigurations, security risks, and compliance violations in cloud environments

Identify and prioritize security risk issues that require immediate attention

Gain valuable insights into their cloud resources and assets to enable faster, more effective investigations

Understand the potential risks associated with their assets and cloud environment

Make data-driven security decisions based on comprehensive analysis of their environment

Responsibilities include:

Develop ETL jobs to gather data from multiple sources and provide insights into various product areas

Building data warehouses where large amounts of metrics and data will be stored

Interacting with many product groups within the organization to collect key metrics via APIs, Kafka integrations or direct data access

Participation in configuring and receiving uptime alerts related to the services you control.

Keeping services up and running in a healthy state.

As a senior researcher and tech lead on the team, you will play a pivotal role in conducting security research while mentoring and guiding fellow researchers to scale our capabilities. Beyond your individual contributions, you'll help establish research methodologies, foster collaboration, and build a culture of technical excellence within our growing team.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments. You will get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of cloud detection capabilities while helping develop the next generation of security researchers.

What You'll Do
Initiate and conduct Cloud Research Initiatives: Follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Lead and mentor research efforts: Guide fellow researchers in technical decision-making, establish research best practices and methodologies, and foster knowledge sharing within the team to build collective expertise.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Coordinate research initiatives: Lead technical discussions, prioritize research objectives within your area of responsibility, and ensure alignment with broader team goals and product roadmap.

The Cloud Risk team Security is looking for a senior engineer to join our growing team working on a transformative initiative
This role is centered on gathering customers resources and insights from various CrowdStrike cloud products, establishing connections between data sources, and handling large-scale data operations to run comprehensive evaluations and generate actionable posture intelligence.


What You'll Do:

You'll be responsible for processing vast amounts of customer data to create meaningful conclusions that help customers:

Discover misconfigurations, security risks, and compliance violations in cloud environments

Identify and prioritize security risk issues that require immediate attention

Gain valuable insights into their cloud resources and assets to enable faster, more effective investigations

Understand the potential risks associated with their assets and cloud environment

Make data-driven security decisions based on comprehensive analysis of their environment

We are looking for a hands-on Security Research Team Lead to own and scale our Security Research domain.

This is a foundational role in a small, highly technical team, focused on deep security research, algorithmic thinking, and leveraging AI to turn complex data into accurate, actionable security insights.

This role is not about people management by default - it is about technical leadership, ownership, and building scalable research capabilities that directly impact product and customer security.

‍

Responsibilities:

Own and lead the Security Research domain through hands-on technical work.
Research security risks in SaaS and business applications, including permissions, identities, and access models.
Design and apply algorithmic approaches to analyze complex data structures and security risk surfaces.
Leverage AI-based techniques to work with large-scale data, improve accuracy, and automate research workflows.
Detect security flaws, misconfigurations, and systemic risks in SaaS environments.
Lead and support complex security investigations and customer-facing incident research.
Work closely with Product and Engineering to translate research findings into scalable product capabilities.
Technically mentor and support a small and growing research team.
Define research priorities and help shape how the team scales over time.

We're looking for an Application Security Researcher to join us. In this critical role, you will assist us in validating our services and environments according to the highest security standards. Also, You will work closely with our R&D and Product teams, and solve complex security problems.
Responsibilities:
Continuously checking and improving security measures to protect our systems.
Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.
Helping developers follow secure coding practices and learn how to prevent security risks.
Staying updated on new security threats and best practices to keep our security standards high.
Contributing to our companys security research blog.

This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader - dont miss it!
What Youll Do
Own and operate our endpoint security stack - EDR, EPM, and device compliance - across the organization
Define and enforce endpoint posture and hardening standards at scale
Build and evolve Identity Security controls using Entra ID (Azure AD) - including access policies, hardening, and attack surface reduction
Continuously improve authentication, authorization, and identity-based defenses
Take ownership of our SaaS Security posture using SSPM solutions - identifying risks, misconfigurations, and exposure across applications
Drive visibility, governance, and control across our SaaS ecosystem
Partner with IT, Security, and Engineering teams to turn risks into practical, enforceable controls
Act as a technical escalation point for complex issues across endpoint and identity domains
Lead initiatives end-to-end - from problem definition to implementation and continuous improvement.

Required Software Team Leader-Building Cloud Scale Email Security Product
R&D | Full Time | Job Id: 23189
Why Join Us?
Ready to shape the future of Email Security?
Join us as a Software Team Leader and take the helm of a talented development team at the forefront of innovation. If you thrive in dynamic environments, have a passion for building scalable solutions, and want to make a real impact on thousands of users worldwide! This is your chance to lead, inspire, and drive excellence in a product recognized by Gartner as a market leader.
Email Security is one of the fastest-growing domains, playing a critical role in protecting organizations against advanced threats. Wet have been recognized as a Market Leader in Gartner for Email Security, reflecting our innovation, scale, and proven success in the field.
Our platform serves thousands of paying customers worldwide, operating across multiple geographic regions and supporting a truly global user base. The system is designed as a highly scalable, cloud-native solution, built to handle massive volumes of email traffic with strict performance and reliability requirements.
We work closely with AWS to deliver top-tier performance, availability, and security, leveraging advanced cloud services and best practices to provide an exceptional customer experience.
Key Responsibilities
Lead and Mentor
Provide technical leadership and mentorship to a team of developers, fostering a collaborative and innovative environment.
Project Management
Oversee project timelines, deliverables, and resource allocation to ensure successful project completion.
Code Review and Quality Assurance
Conduct regular code reviews to maintain high code quality and adherence to best practices.
Innovation and R&D
Stay updated with the latest industry trends and technologies, and drive innovation within the team.
Performance Monitoring
Monitor and evaluate team performance, providing feedback and support to help team members grow and succeed.
Collaboration
Collaborate closely with cross-functional teams and customers to solve complex problems and innovate new features.

Were looking for an experienced Network & Security Researcher to join our team. Youll investigate how modern networks behave at scale-diving deep into protocols, traffic patterns, and path performance-to design data-driven improvements that enhance reliability, efficiency, and user experience across our companys global network. Youll develop analysis tooling, run large-scale measurements on top of our big-data platform, and share findings internally and externally.
Responsibilities:
Build tools & pipelines: Develop analysis tools, datasets, and reproducible pipelines to support research at scale.
Deep protocol analysis: Perform in-depth studies of protocol behavior (TCP congestion control, QUIC/HTTP/3, HTTP/2, DNS, DHCP) including edge cases, timeouts, retransmissions, handshake dynamics, and head-of-line effects.
Network measurement & modeling: Analyze latency, jitter, loss, throughput, and path selection. Build models and KPIs that explain and predict performance.
Experimentation: Design controlled experiments and A/B tests; reproduce findings in lab environments (emulation/simulation) and validate on real traffic.
Collaboration with engineering: Translate research into product improvements and platform capabilities; deliver clear specs and reference implementations.
Communication & thought leadership: Publish results (internal reports, blog posts, talks), create visualizations, and-when relevant-contribute to community.