לוח משרות דרושים הייטק אבטחת מידע / סייבר

We are rapidly growing, and we seek a GRC Analyst to join our InfoSec team.
In this position you will report to the CISO and will be located in our Israeli office.
Trust is the cornerstone of our fintech SaaS environment, and we are looking for a GRC Analyst to uphold this principle. This role will serve as the primary liaison for both internal risk management initiatives and external inquiries, and for ensuring our internal controls adhere to international standards and frameworks.
Responsibilities:
Policy & Framework Management: Assist in developing and maintaining information security policies and procedures in alignment with international standards such as ISO 27001, NIST, CIS, GDPR, CSA and SOC 2.
Risk & Control Lifecycle: Manage regular risk assessments to identify vulnerabilities and participate in the design, implementation, and testing of security controls to ensure organizational resilience.
Audit & Compliance Monitoring: Coordinate internal and external security audits, managing the collection of evidence and tracking remediation efforts across various business units.
GRC Platform Ownership: Serve as the technical owner of the companys GRC platform.
RFI Lifecycle Management: Act as the primary point of contact for managing the end-to-end process for client security questionnaires and due diligence requests from triage to final submission.
Knowledge Base Architecture: Build and maintain a centralized, AI-assisted repository of approved technical responses covering Security, Privacy, Product Tech (e.g., oAuth, integrations), Legal, ESG, and Finance.
SME Collaboration & Triage: Facilitate cross-functional communication by triaging inquiries and escalating complex technical or legal questions to the appropriate Subject Matter Experts in R&D, Product, Legal, and Compliance.
Technical Trust Documentation: Create and update client-facing collateral, including security white papers, trust center content, and compliance summaries to proactively address stakeholder inquiries.
Process Optimization & Metrics: Evaluate and implement new SaaS tools to automate the RFI workflow while tracking performance metrics like volume and response times to drive operational efficiency.
Stakeholder Enablement: Develop and deliver training materials, wikis, and "How-to" guides to educate GTM and technical teams on the standardized RFI process and SME engagement model.

Were a team of smart, curious engineers building scalable, reliable systems that power content creation for millions. We work with modern web technologies, tackle real-world challenges in distributed systems, and keep things practical - no overengineering, just solid solutions. If you love solving tough problems, moving fast, and building tech that creators actually use, youll fit right in.
On your day to day:
As a dedicated Platform Security Engineer, you will bridge the gap between code and infrastructure to build a fortress around our creators' content. Youll spend your time defining and implementing high-level security processes while rolling up your sleeves to fix vulnerabilities alongside our DevOps team. From architecting DSPM strategies for massive distributed video data to hardening our SDLC, you will be the ultimate owner of our security posture. You wont just be monitoring dashboards; youll be collaborating directly with developers to ensure security is a fundamental part of our engineering.

we are looking for a Head of Security. In this role, you will be responsible for defining and executing our security strategy across infrastructure, applications, and corporate environments.
Youll establish and enforce security best practices, proactively monitor and respond to threats, and ensure compliance with relevant regulations and standards.
You will also work cross-functionally with Engineering, Legal and Finance to embed security into everything we do. With scaling rapidly, youll be making a critical impact from day one.

Required Head of Research
About the role:
As the Head of Research, you will lead our threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community. You will manage and grow a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful. This role emphasizes strong people leadership and cross-functional execution, alongside technical depth and hands-on research judgment.
What youll do:
Develop, own and evolve the research strategy by defining high value focus areas (for example misconfigurations, identity threats, workload vulnerabilities, and emerging attack techniques), and ensure alignment with our product roadmap and business objectives.
Lead, coach, and mentor a multidisciplinary research team (researchers, threat analysts, and engineers).
Build a healthy, high-performing org, including hiring, onboarding, and performance management.
Partner closely with product and engineering leadership to turn research insights into concrete roadmap items, detection logic, and customer value.
Drive discovery of new vulnerabilities, attack techniques, or adversary behaviors across cloud and modern infrastructure environments (for example containers, serverless, data stores, IAM).
Define metrics for research impact (for example vulnerabilities discovered, time to validate and operationalize new findings, research-driven product improvements, external reach).
Establish and maintain external partnerships (industry peers, academic groups, independent researchers) to expand our capabilities and pipeline.
Publish and present research findings (blog posts, white papers, conference talks).
Lead vulnerability disclosure and responsible communications.
Ensure the research function has the right infrastructure and processes (tooling, sandboxes, repeatable experimentation, documentation standards).
Stay current with the threat landscape, emerging technologies, attacker tradecraft, and relevant compliance or regulatory shifts.

Were looking for a Security Researcher to help us stay ahead of threats across cloud, runtime, and application environments. This role is intentionally broad and can fit backgrounds in operating systems and Linux internals, vulnerability research, DFIR, penetration testing, and incident response, threat detection, AppSec, and cloud security.
On a typical day youll:
Research and analyze emerging threats across cloud platforms, applications, APIs, and runtime environments
Investigate attacks and security incidents, then turn findings into improved detections and product capabilities
Build detection logic, analytics, rules, and signatures for vulnerabilities, exposures, and active threats
Contribute to runtime and cloud security visibility and detection (Linux, containers, Kubernetes)
Prototype tools and automation to speed up research and improve detection accuracy
Share knowledge through internal enablement, blog posts, whitepapers, or conference talks.

Were looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.
On a typical day youll:
Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks.

our companys Advanced Cybersecurity Center empowers global and Israeli organizations to build cyber resilience. As a Senior Cybersecurity Consultant on our Defensive Cybersecurity team, you will lead consulting engagements with strategic clients across multiple domains-including compliance, cloud security, application security, and more. You will conduct cyber risk assessments, design mitigation strategies, and guide clients through complex security challenges with confidence and clarity.
Job description
Lead end-to-end delivery of defensive cybersecurity consulting engagements-from scoping to executive read-out-covering Risk & Compliance, Cloud and Application Security, Security Operations, and more.
Advise CISOs and senior stakeholders on cybersecurity program maturity and co-develop strategic roadmaps toward enhanced cyber resilience.
Design actionable remediation plans and oversee their implementation to ensure measurable progress.
Collaborate cross-functionally to develop innovative service offerings, reusable accelerators, and thought leadership content.

our companys Advanced Cybersecurity Center empowers global and Israeli organizations to build cyber resilience. As a Senior Cybersecurity Consultant on our Defensive Cybersecurity team, you will lead consulting engagements with strategic clients across multiple domains-including compliance, cloud security, application security, and more. You will conduct cyber risk assessments, design mitigation strategies, and guide clients through complex security challenges with confidence and clarity.
Job description
Lead end-to-end delivery of defensive cybersecurity consulting engagements-from scoping to executive read-out-covering Risk & Compliance, Cloud and Application Security, Security Operations, and more.
Advise CISOs and senior stakeholders on cybersecurity program maturity and co-develop strategic roadmaps toward enhanced cyber resilience.
Design actionable remediation plans and oversee their implementation to ensure measurable progress.
Collaborate cross-functionally to develop innovative service offerings, reusable accelerators, and thought leadership content.

our companys Advanced Cybersecurity Center empowers global and Israeli organizations to build cyber resilience. As a Senior Cybersecurity Consultant on our Defensive Cybersecurity team, you will lead consulting engagements with strategic clients across multiple domains-including compliance, cloud security, application security, and more. You will conduct cyber risk assessments, design mitigation strategies, and guide clients through complex security challenges with confidence and clarity.
Job description
Lead end-to-end delivery of defensive cybersecurity consulting engagements-from scoping to executive read-out-covering Risk & Compliance, Cloud and Application Security, Security Operations, and more.
Advise CISOs and senior stakeholders on cybersecurity program maturity and co-develop strategic roadmaps toward enhanced cyber resilience.
Design actionable remediation plans and oversee their implementation to ensure measurable progress.
Collaborate cross-functionally to develop innovative service offerings, reusable accelerators, and thought leadership content.

our companys Advanced Cybersecurity Center empowers global and Israeli organizations to build cyber resilience. As a Senior Cybersecurity Consultant on our Defensive Cybersecurity team, you will lead consulting engagements with strategic clients across multiple domains-including compliance, cloud security, application security, and more. You will conduct cyber risk assessments, design mitigation strategies, and guide clients through complex security challenges with confidence and clarity.
Job description
Lead end-to-end delivery of defensive cybersecurity consulting engagements-from scoping to executive read-out-covering Risk & Compliance, Cloud and Application Security, Security Operations, and more.
Advise CISOs and senior stakeholders on cybersecurity program maturity and co-develop strategic roadmaps toward enhanced cyber resilience.
Design actionable remediation plans and oversee their implementation to ensure measurable progress.
Collaborate cross-functionally to develop innovative service offerings, reusable accelerators, and thought leadership content.

Lead end-to-end delivery of defensive cybersecurity consulting engagements-from scoping to executive read-out-covering Risk & Compliance, Cloud and Application Security, Security Operations, and more.
Advise CISOs and senior stakeholders on cybersecurity program maturity and co-develop strategic roadmaps toward enhanced cyber resilience.
Design actionable remediation plans and oversee their implementation to ensure measurable progress.
Collaborate cross-functionally to develop innovative service offerings, reusable accelerators, and thought leadership content.

In this role, you will be the architect of our "security brain." You will write the low-level code that observes what is happening (eBPF/Golang) and build the AI models that understand, diagnose, and prevent issues (LLMs/Python).
Key Responsibilities
1. The "Eyes": eBPF Development & Systems Engineering
Lead the Cimon Agent: Spearhead the active development of our high-performance eBPF agent "Cimon" using Golang and C.
Kernel-Level Innovation: Design and implement eBPF programs for deep observability, runtime security, and container monitoring.
Performance Obsession: Write beautiful, highly efficient code that runs in the Linux kernel with minimal overhead.
Community Leadership: Actively participate in the eBPF and open-source communities, contributing code and presenting technical deep dives at conferences.
2. The "Brain": AI Innovation & Security Research
AI-Driven Security Solutions: Architect and prototype models for:
Automated Exploitability: Checking SAST/SCA findings for validity.
AI Remediation: Automatically fixing Dockerfile misconfigurations and generating patches.
Model Detection: Identifying AI models embedded within codebases.
Benchmarking & Rigor: Design evaluation frameworks to measure model accuracy, false positives, and robustness in security contexts.
Prompt Engineering: Shape prompt strategies and workflows to translate real-world security challenges into actionable AI logic.
3. The Intersection: Collaboration & Evangelism
Cross-Functional Leadership: Serve as the technical link between the AI development team and the core security engineering team.
Thought Leadership: Author whitepapers, technical blogs, and deliver talks on the cutting edge of "AI for Systems Security."
Mentorship: Guide engineers on best practices for both low-level systems design and AI integration.
Why This Role?
No Context Switching Cost: You won't just be researching; you will be building the tools you research. You control the data collection (eBPF) and the analysis (AI).
Deep Tech Focus: This isn't a wrapper-API role. You will be dealing with kernel bypasses, memory safety, and LLM hallucinations all in the same week.
Impact: Your work will directly power the next generation of automated security remediation.

Lead and grow the team in charge of researching and developing Autopilot, an innovative product for graph-based fully-autonomous investigation and response (Over the Cortex platform).
As the manager of the Autopilot team, you'll lead a team of security researchers, set the project's technical vision and standards, and own its success.
You will lead an innovative team on the research, design, and development of a new graph-oriented security product. Creating investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
You'll work closely with other development and product teams to turn a successful POC into a full-fledged product, staying agile in a dynamic environment and using data-driven empirical research to determine and drive the project in the best direction.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Lead and developa team of security researchers, providing mentorship, guidance, and continuous feedback to help them grow their careers (Manage the team, develop the people).
Drive the research strategy and executionfor new autonomous methods for investigating and responding to targeted attackers, leveraging large-scale XDR data and graph-based algorithms.
Ensure collaboration with engineering, product, and other research teams, acting as a key interface to push the project forward and align on cross-functional goals.
Direct the team's work on deep, hands-on investigations of real incidents to reinforce the best investigation and response approach, leveraging a combination of os-internals, TTPs, semi-labeled data, and large-scale statistical methods.
Foster a disruptive environment that innovates using advanced techniques such as graph algorithms, machine learning, and LLM agents to mimic and scale human security analyst workflows.

we are hiring Intermediate Malware Researchers to analyze and review malware applications. Candidates should have a background in cybersecurity and software development. The role includes training in malware analysis and detection and provides exposure to various malware threats and techniques. Researchers will combine technical and intelligence findings to reach accurate verdicts and assist in the bulk removal of malicious applications. The position requires adaptability and proactive identification of emerging malware trends. We are seeking candidates who are willing to learn, can perform effectively under pressure, and maintain high professional standards.

About us:
we are a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact-whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, our company provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.


Hybrid:
No