לוח משרות דרושים הייטק אבטחת מידע / סייבר

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.
Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.
Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.
Design, implement, and drive SSDLC practices across the companyfrom security design reviews and threat modeling to proactive triaging in production.
Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.
Manage our bug bounty program, validating reports and coordinating response and resolution.
Own and operate our suite of AppSec tools including SAST, ASPM, and other security scannerstriaging findings, prioritizing issues, and guiding engineering toward resolution.
Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.
Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.
Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.
Promote a strong security culture across by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

we are looking for a Cyber Security Engineer
As a Cyber Security Engineer , youll play a key role in protecting our global platform and ensuring the resilience of our systems against emerging threats. Youll be responsible for investigating and responding to security incidents, analyzing malware, and conducting threat hunting activities across cloud environments.
Youll collaborate closely with the Infosec team, engineers, and cross-functional stakeholders to detect, contain, and mitigate threats, while continuously improving our security posture.
As part of a strong, experienced team, youll contribute to design, shape and implement information security solutions, mentor others in best practices, and drive automation initiatives to streamline detection and response.
Responsibilities:
Develop and maintain automation scripts in Python to enhance SOC efficiency and incident response workflows.
Perform initial triage and assessment of security incidents, identifying threats and recommending mitigation strategies.
Conduct static and dynamic analysis to uncover malicious behaviours, code, and techniques.
Apply forensic methodologies to extract, analyze, and interpret digital evidence to support investigations and attribution.
Investigate and mitigate cloud-based threats, with a focus on AWS environments.
Collaborate with cross-functional teams to strengthen overall organizational security and ensure best practices.

Required Application Security Architect
Job Description
Research, identify, evaluate and implement the best solutions for security in our production environment
Research, identify, evaluate and implement the best solutions for the platform code and services used by our developers
Work closely with development and system teams on all SDLC levels, performing security design reviews, threat modeling and penetration tests, while acting as a security mentor for developers
Investigate abnormal activity in production
Build creative tools and services to detect and solve cross-security issues.

Were seeking a Senior Security Researcher to drive end-to-end research initiatives that strengthen detection capabilities. In this role, youll investigate emerging attack surfaces, craft and implement innovative detection logic, and test your findings in real-world environments. Its a hands-on position ideal for someone eager to transform research insights into effective, production-grade security defenses.

Responsibilities

Research AI Agent and LLM-related risks, such as prompt injection and jailbreaking and implement sophisticated detection strategies.
Conduct research on cloud, web, and API security to uncover new threats and attack vectors.
Develop, refine, and design world-class detection logic and rules to enhance runtime protection.
Perform threat-hunting activities across large data sources to identify emerging attack patterns
Drive full-cycle research: from hypothesis and experimentation to production validation.
Collaborate with engineering and product teams to deliver actionable insights.

Required Security Architect
Job Description
Lead security efforts in your domains and reflect the security posture and gaps to stakeholders
Define and execute annual roadmaps to mitigate security risks and design secure architectures in diverse business units
Review and assess newer complex environments, discovering security gaps and creating security control in the form of policies and other mitigations
Develop best practices and security standards for the organization
Carry out proof of concepts for the latest security tools based on security needs and your own research
Work closely with DevOps team and development teams.

The ideal candidate will leverage their extensive security and product management expertise to drive the development and enhancement of our security products. This role requires a strategic thinker with a deep understanding of security needs and market trends, who will work closely with cross-functional teams, from engineering to marketing, to ensure the delivery of high-quality security solutions to our clients.

Responsibilities
What Youll Be Doing

Own OX product definition for our application security capabilities - the core capabilities of the OX product.
Define the capabilities, from understanding the need to the detailed requirement, across each of our application security technologies.
Lead the product lifecycle from concept to launch, ensuring alignment with business objectives and customer needs.
Lead the product requirements definition. Collaborate with engineering, design, marketing, and sales teams to come up with a product that will lead the market.
Engage with customers to identify needs and to follow up on our feature adoption and acceptance.
Gather and analyze user feedback to drive product iterations and enhancements.
Conduct market and competitive analysis to identify opportunities for product innovation and improvement.
Maintain up-to-date knowledge of industry trends, security threats, and regulatory requirements.
Act as the primary point of contact for all product-related inquiries and issues.
Prepare and present product updates, performance metrics, and strategic recommendations to stakeholders.

Were looking for an Application Security Researcher with strong penetration testing skills and a solid development or research background to join our Security Research team. This is a critical role where youll work closely with developers and researchers to build application security platform.

Responsibilities
What Youll Be Doing

Be a key member of OX research team building our vulnerability management platform, focusing on vulnerability exploitation analysis
Evaluate open source intelligence feeds and vulnerability knowledge base
Develop unique detection engines to enhance dynamic application security testing (DAST) solution
Take active part of the ideation process and prototyping of new features and product offerings

Were looking for an experienced and curious Cloud Security Researcher to join our Security Research team and help us push the boundaries of what cloud security can achieve. This is a high-impact role where youll explore new attack surfaces, uncover blind spots, and help shape cloud capabilities and research strategy.

Responsibilities
What Youll Be Doing

Lead deep-dive research projects into cloud environments, services, and misconfigurations
Identify and explore security gaps across major cloud providers (AWS, GCP, Azure)
Collaborate with Product and Engineering teams to turn research into productized features
Conduct offensive simulations to validate risks and their business impact
Communicate findings internally and externally through reports, whitepapers, or talks
Take active part of the ideation process and prototyping of new features and product offerings

We're looking for an experienced Principal Threat Researcher to join our Threat Hunting team. Reporting to the Senior Manager, Threat Research, you'll be responsible for:

Leading end-to-end research POCs: formulating hypotheses, designing methodologies, implementing experiments, analyzing results, and translating findings into production-ready capabilities and customer outcomes
Researching and developing methodologies for identifying, assessing, and mitigating threats and risks across diverse data sources
Partnering with data scientists and ML engineers to shape model features, training data strategies, and evaluation frameworks derived from real-world signals
Providing actionable recommendations to improve data quality, policies, detections, controls, and response strategies across Zscalers security offerings
Presenting research findings clearly and meaningfully to technical and non-technical stakeholders; influencing roadmap decisions with evidence-based insights