לוח משרות דרושים מומחה אבטחת מידע / סייבר

we are looking for an experienced and proactive Senior IT Systems Engineer to join our growing IT team.
This role will be pivotal in managing our modern, cloud-first infrastructure with a focus on Azure, AWS, Office 365, Intune, and enterprise security platforms. The ideal candidate is a senior-level engineer who thrives on automation, scalability, and supporting a dynamic, hybrid workforce.
Key Responsibilities:
Design, manage, and secure systems across Azure, AWS, Office 365, and Docker-based environments.
Oversee device management policies and compliance via Microsoft Intune across Windows, macOS, and mobile platforms.
Lead onboarding and offboarding workflows, integrating automation and security best practices.
Develop self-service solutions and automated workflows for IT operations using tools like PowerShell, Python, Azure CLI, AWS CLI, and code/no-code platforms (e.g., Workato, Torq).
Administer Entra ID (Azure AD), including conditional access, MFA, and role-based access control (RBAC).
Enforce endpoint and cloud security using CrowdStrike, firewalls, and Cato Networks, and conduct routine audits.
Troubleshoot and manage complex network environments, VPNs, and cloud-based firewalls.
Provide advanced technical support and guidance to internal IT and service desk teams.
Maintain comprehensive documentation and mentor junior staff.

Were looking for an exceptional Lead Security Researcher to join our world-class Security Research organization. This is a hands-on technical leadership role for a senior researcher who wants to drive research direction, depth, and real-world impact.
This role sits at the intersection of deep offensive research and strategic defensive thinking - influencing how modern cloud-native attacks are detected, understood, and stopped at scale.
What Youll Do:
Provide technical leadership and mentorship to security researchers, setting a high bar for research quality, depth, and execution.
Research and analyze advanced attack techniques targeting Linux-based cloud-native environments (containers, Kubernetes, serverless).
Reverse engineer Linux malware to uncover behavior patterns, execution flows, and persistence mechanisms.
Study real-world threat actor techniques and translate insights into actionable detection, prevention, and hardening strategies.
Design and prototype advanced detection and observability mechanisms, including kernel- and runtime-level approaches (e.g., eBPF).
Turn cutting-edge research into scalable security capabilities that protect large-scale production systems.
Collaborate closely with engineering and product teams to ensure research outcomes are practical, impactful, and production-ready.
Influence Aquas long-term security strategy through research-driven insights.

seeking a senior, hands-on CISO & Head of IT to act as "one-man-show" authority for IT operations and information security. This role owns IT and Information Security e2e for core business functions:
setting direction, making structural and vendor decisions, and defining what "good" looks like, while also answering questions in real time, exercising sound judgment, and taking ownership when issues arise.
This is a highly visible leadership role focused on judgment, ownership, and practical execution.

Key Responsibilities

Information Security & Risk

Build and maintain a pragmatic information security and IT risk management program aligned with business priorities.
Lead security risk assessments and drive remediation in partnership with engineering, IT, and business teams.
Define and maintain security policies, standards, and secure-by-design practices in collaboration with our Product House organization.
Promote security awareness and accountability across the company, including ownership of employee security training programs.
IT Ownership

Own internal IT environment, including identity and access management (e.g., Okta), Google Workspace, endpoints, and core SaaS tools.
Ensure smooth employee onboarding and offboarding.
Act as a point of escalation for IT issues and access problems, including hands-on work.
Manage external IT service providers and helpdesk vendors, including SLAs and escalation.
Security Operations

Own the overall effectiveness of security monitoring, detection, and response.
Design and maintain preventive controls, processes, and readiness measures to reduce the likelihood and impact of data security incidents.
Ensure vulnerabilities, findings, and incidents are identified, prioritized, and addressed.
Lead preparation for security incidents, including incident response planning, tabletop exercises, and coordination with Legal, Product House, and external partners.
Stay current on emerging threats and translate them into practical, risk-based improvements for the business.
Audits, Customers & Vendors

Lead security audits and certifications (e.g., SOC 2, ISO 27001) and serve as the primary contact for auditors.
Personally own customer security questionnaires and security discussions.
Partner closely with Legal on privacy, regulatory, and contractual security matters.
Oversee the IT and security budget and manage relevant vendors and advisors.

we are looking for a Offensive Security Team Lead.
As an Offensive Security Team Lead, you will spearhead offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead , you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms

we are looking for a SecOps Team Lead.
As the Team Lead of Cloud SecOps & IR, you will be the captain of the front-line defense. You won't just respond to threats; you will build the team and the infrastructure that detects them before they happen. You will lead a group of high-performing engineers to mature our Incident Response program, automate security operations, and partner with R&D and DevOps to ensure our "liquid software" remains secure.
As a Team Lead, Cloud SecOps & IR , you will...
Lead & Mentor: Manage a team of SecOps engineers, providing technical guidance, career development, and performance management
Strategy & Roadmap: Define the vision for security engineering operations, aligning team goals with company-wide KPIs
Incident Command: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes
Architect Operations: Oversee the design and execution of vulnerability management, SaaS security posture (CASB), and asset management at scale
Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation
Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities
Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges.
This is a hands-on Team Lead position, a development-focused role that ensures products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement

. We are looking for a Security Researcher to join the team. As a researcher, you will perform security research on open-source projects in both web and low-level technologies. You will define how to identify exploitable security issues in an automated manner and develop code for that purpose.
As a Security Researcher you will...
Research CVEs and 1-day vulnerabilities in various programming languages and ecosystems
Define how to automatically find exploitable vulnerabilities & develop code that identifies the instances where a vulnerability is exploitable
Perform security research on various open-source technologies, frameworks, and libraries
Write technical reports regarding all research subjects mentioned above

We are looking for a Security Researcher to lead our research team. As a research team lead, you will perform security research on open-source projects in both web and low-level technologies, define how to identify exploitable security issues in an automated manner and develop code for that purpose, publish your findings on new vulnerabilities, and manage a team of highly-trained researchers.
As a Security Research Team Lead you will...
Research CVEs and one-day vulnerabilities from various coding languages and technologies, including PoC development
Define how to find exploitable vulnerabilities automatically & develop code that identifies the instances where a vulnerability is exploitable
Perform security research on various open-source technologies, frameworks, and libraries
Publish your findings about the research subjects mentioned above

we are looking for a Developer Advocate.
This role sits at the intersection of engineering, product, and the global developer community. Youll translate technical work across all domains, repositories, security, release management, pipelines, distribution, metadata, AI/ML, and ecosystem integrations, into content, demos, talks, and conversations that developers trust. Youll also bring community insights back into R&D and business teams to influence product direction.
As a Developer Advocate you will:
Represent across developer, DevOps, security, and platform-engineering communities through conferences, meetups, webinars, podcasts, and online conversations
Create high-quality technical content: deep-dive articles, demos, hands-on guides, screencasts, code samples, and social content
Build compelling demos and storytelling around core domains: Artifactory, Xray, Curation, Distribution, Pipelines, Workers, Fly, AI/MCP, and ecosystem integrations like GitHub
Collaborate closely with R&D, Product, Security, Solutions Engineering, Architecture, and Customer Success to deeply understand new capabilities and provide practical feedback
Engage with open source and developer communities, finding new channels and conversations where should have a voice
Partner with Marketing to strengthen messaging while preserving technical credibility
Monitor and report impact across community engagement, content performance, OSS participation, and broader DevRel KPIs

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of products.

The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:

Partner with development and product teams to integrate security best practices into the SDLC
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring remains ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams

We're looking for a Senior Governance, Risk, and Compliance (GRC) Specialist to join our global GRC team. In this critical role, you will help secure the platform that powers the software supply chain for thousands of the world's top organizations.
Reporting to the GRC Manager, you will work alongside a talented team to enhance our security posture, establish GRC best practices, and embed security governance into our fast-paced, DevOps-driven culture. You will be a key advisor, helping to translate complex risks and compliance requirements into actionable controls that support missin.
As a Senior GRC specialist you will...
Drive Security Framework Adoption (New Markets): Lead the strategic adoption of net-new security frameworks to unlock business markets.
Oversee the Security Certification Program: Oversee the end-to-end execution of our security assurance portfolio (ISO 27001, SOC 2).
Lead Security Audits: Serve as a primary GRC contact for internal and external audits. You'll coordinate evidence gathering, craft management responses, and drive the remediation of findings.
Lead Governance Initiatives: Develop, maintain, and enhance the enterprise-wide security GRC framework, policies, standards, and procedures, ensuring they align with our cloud-native and SaaS environment.
Risk Management & TPRM: Evolve our Third-Party (TPRM) and Internal Security Risk programs, including executing and documenting comprehensive risk assessments, ensuring that findings are remediated and clearly aligned with risk appetite.
Collaborate Cross-Functionally: Partner with engineering, product, IT, and legal teams to embed security controls into daily business operations, ideally automated.
Mentor & Advise: Act as a subject matter expert on governance and risk for the wider organization and provide mentorship to junior GRC team members.

we are seeking a hands-on and innovative Robotics Security Tech Lead / Senior Robotics Engineer to lead our Cyber-Physical / Embodied AI Security efforts. In this key role, you will bridge advanced security research and real-world robotics development, building and validating practical prototypes on real robots (HW/SW integration, sensors, communications, ROS/ROS2).
You will define and execute a research-to-demo roadmap that showcases realistic attack/defense scenarios and measurable security improvements for embodied AI systems. The role includes mentoring and leading student projects at university and collaborating closely with our company engineering and product teams to translate insights into deployable solutions.
Job Responsibilities
Lead the end-to-end research-to-prototype cycle for robotics/embodied AI security: ideation threat modeling PoC development validation demo readiness.
Build and maintain an experimentation platform for security evaluation on real robots
Investigate and mitigate threats across the embodied AI stack, including (high-level):
autonomy policy safety failures,
communications command authenticity,
software supply chain / update pipeline risks,
data protection privacy in real environments.
Design defense strategies and resilience mechanisms (monitoring, anomaly detection, guardrails, fail-safe behaviors, controlled recovery).
Lead and mentor student researchers at Reichman University: define projects, guide implementation, review results, and ensure research quality.
Produce clear technical documentation, evaluation reports, and demo artifacts for internal and external audiences.

At our company, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.
We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents. By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability.
As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.
About Your Day-to-Day
As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

We are looking for an experienced Information Security Specialist to join our team The role involves maintaining and managing IT systems, ensuring secure network operations, and implementing information security solutions. The ideal candidate has hands-on experience with UNIX/Linux/AIX systems, network administration, and security product management. Familiarity with SCADA systems and tools such as TOL Rimon is an advantage. Responsibilities:
* Administer and maintain UNIX, Linux, and AIX systems.
* Manage and secure network infrastructure.
* Implement and manage information security products and solutions.
* Collaborate with cross-functional teams to ensure secure IT operations.
* Support security assessments, audits, and compliance activities.

we are looking for an excellent Cloud Security Expert to provide advisory services to our biggest clients and help them to build and secure their cloud environments.
Major Responsibilities:
Be part of our Great and growing Cloud security team to consult, design, develop, implement, and support our customers secure cloud environments
Deliver technology-related aspects of cloud security solutions and services to client engagements
Requirements discovery, architecture, design, and implementation of technical controls and cloud security tools
Cloud environments configuration reviews and assessment
Act as technical subject matter expert and the technical focal point for clients
When working with clients abroad, collaborate with member firms teams