לוח משרות דרושים מומחה אבטחת מידע / סייבר

XM Cyber is a global leader in hybrid cloud security. XM Cyber brings a new approach that uses the attacker’s perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. The XM Cyber platform enables companies to rapidly prioritize and respond to cyber risks affecting their business-sensitive systems.
About the role: Are you a super-talent Senior Software Engineer with a deep passion for cybersecurity and a profound understanding of AI-driven attack techniques? We are looking for a highly professional and responsible R&D member to join our team.
This role is for someone who thrives on technical challenges and is ready to leverage their expertise to identify, analyze, and defend against advanced cyber threat
Responsibilities: As a Senior Software Engineer in R&D, you will be a key player in the design, development, and deployment of our cybersecurity platform. Your responsibilities will include: ? Leading the research and implementation of techniques to identify and mitigate AI-related attack methods, such as data manipulation and adversarial attacks on security systems. ? Developing and integrating new security features into our platform to proactively defend against modern cyber threats. ? Collaborating with our team to define technical requirements and architectural solutions for cutting-edge security features. ? Tackling challenging technical problems at the intersection of cybersecurity and low-level systems.

We are seeking a talented, tech savvy Detection Engineer to join our Cyber Security team and elevate detection and response capabilities across cutting-edge systems.

Responsibilities

Lead initiatives to enhance our capabilities for effectively detecting and responding to security incidents.
Design, develop, refine detection rules, alerts, and dashboards across security platforms to identify malicious or suspicious behavior.
Deploy, manage, and maintain the infrastructure components of various detection platformsincluding indexers, search heads, forwarders, and clustersto ensure high availability, optimal performance, and scalability
Parse and analyze logs from endpoints, servers, network devices, cloud services, EDR/XDR, and more.
Automate detection pipelines and content deployment using Detection-as-Code methodologies and CI/CD frameworks.
Tune and optimize detection logic to minimize false positives and enhance alert fidelity.
Collaborate with different teams to continuously improve detection coverage.
Integrate with SOAR tools and workflows, developing playbooks that enhance speed and consistency of incident response.
Perform proactive threat hunting, alert triage, and incident investigations, leveraging threat intelligence and different cybersecurity frameworks.

We are looking for a talented, tech-savvy individual to join our Cyber Security team and help us tackle the toughest security challenges in cutting-edge ecosystem.

In this role, you will be a subject matter expert and play a major part in our efforts to build and maintain security infrastructure, design secure architectures, enforce security best practices, and automate security processes.

The Cyber Security team is composed of strong and experienced security engineers, responsible for defining the security strategy and managing all of infrastructure.

Responsibilities:

Define, implement, and maintain security policies, standards, and methodologies; ensure they evolve with new threats and technologies.
Design, deploy, and operate detection, prevention, and response technologies across a scaled, diverse, and complex environment (hybrid infrastructure: public cloud + on-premises).
Build and operate secure infrastructure: hands-on ownership of security configurations and system hardening.
Conduct security assessments, secure-design reviews and architecture assurance reviews to identify and mitigate possible security risks.
Automate security processes: configuration deployments, infrastructure management, detection, response, compliance checks, patching, configuration drift, etc.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD methodologies.
Stay ahead of emerging cyber threats and technologies: research, evaluate, pilot, and integrate where relevant.
Participate in creating incident response playbooks, coordinate incidents investigations, root cause analysis, and lessons learned.

looking for a hands-on Penetration Tester / Red Teamer with strong infrastructure experience to join our team as a Cyber Security Researcher. Youll be part of the offensive team that researches cutting-edge attacks and translates them into realistic breach simulations across complex environmentsWindows domains, cloud infrastructure, Linux systems, and more.
Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.

What You Will Do?
Research & Simulate Real-World Attacks
Track and analyze the latest attacker TTPs
Build internal tools, scripts, and POCs to emulate real threat behavior
Design offensive simulations mapped to the MITRE ATT&CK framework
Focus areas include:
Active Directory attacks (on-prem & Azure)
Cloud infrastructure misconfigurations (AWS, Azure, GCP)
Linux and network-level attack vectors
Kubernetes threats and container-based environments
Write clean, reusable, and documented code in Python, PowerShell, and Bash

looking for a high-energy, talented people to join the Security team. As a Security Engineer, you will take part in product content development and build logics and signatures to mitigate emerging security threats. Your work outcome will feed Cato Cloud security products such as the IPS and Suspicious Activity Monitoring with the latest protections. You will analyze protocols and investigate various attacks utilizing network analysis tools and modern data analysis frameworks. Joining is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security.

Responsibilities:

Research and analyze new threats and develop product content such as IPS signatures and logic to provide the best protection for Catos customers.
Enhance product accuracy and its ability to detect new threats in the dynamically-changed security landscape.
Monitor your work using different monitoring tools and methods over the cloud.
Utilize Cato Data Warehouse with big-data technologies to support your work.

We are looking for proactive, analytical talented people to join the Security Applications Content team.
As a Senior Security Engineer (Network & Apps), you will analyze protocols and application traffic (L4-L7) using network and web analysis tools, as well as modern big data analysis frameworks.
You will add content to Catos security and network products such as NGWF, CASB, DLP, Device Management and more.
Joining Cato is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Research and analyze network and application behavior as part of Cato Networks
Security products (NGFW,CASB,DLP,Device Management and more).
Suggest and conduct new research vectors
Utilize Catos Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency

Required IT & Security Operations Specialist
Responsibilities:
Lead and manage E2E complex projects in the IT, IS and Security department
Coordinate and work closely with security teams
Establish effective relationships with stakeholders, communicate project updates and risks, collaborate with business units to understand their needs.
Develop and maintain project documentation, prepare reports and departments statistics.
Experience in managing projects related to security infrastructure, compliance, risk, GRC, IAM, or cloud security.

As a Security Architect, you will play a pivotal role in enhancing and maintaining the security posture of our organization. You will provide governance and guidance on security measures in product development and operations, ensuring our products and systems are robust and resilient against threats.

This role requires a security professional who is also a thought leader with deep technical expertise and a passion for mentoring others.

Provide governance and guidance on security measures in product development and operations.
Oversee the implementation of security policies and serve as the main contact for guidance on security activities.
Define and propagate cross-company security best practices, and cloud security architectures.
Define and maintain secure development guidelines and standards.
Initiate and participate in code reviews, design reviews, threat modelling and other critical assessments to ensure security standards are met.
Prepare and deliver training sessions and security awareness activities to development and engineering teams.
Lead product incident response efforts and ensure timely and effective resolution.
Review and update security policies to align with evolving threats and organizational needs.
Lead the assessments of teams/services to ensure compliance with security policies and standards.
Manage security tools, provide training, and assist developers in utilizing these tools and interpreting reports.
Support external/internal penetration testing services.
TI operation (Intelligence)
Monitoring (SIEM/SOC)
Team player qualities

At our company, we're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-driven technology, representing the pinnacle of Machine Learning, GenAI, and computer vision within the automotive sector. With close to $400M in funding and strategic partnerships with industry giants such as Amazon, General Motors, Volvo, and CarMax, we stand at the forefront of automotive technological advancement. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity and encourages teamwork. Our drive for innovation and pursuit of excellence are deeply Embedded in our vibrant company culture, ensuring that each individual's efforts are recognized and valued as we unite to build a safer automotive world.
We seek a highly skilled and proactive Senior SecOps Engineer to join our Security team and lead security operations across the organization. In this role, you will report directly to our CISO and work in close collaboration with the DevOps and R&D teams to embed security into every stage of the software lifecycle, protect our multi-cloud infrastructure, and ensure compliance with leading industry standards.
A day in the life and how youll make an impact:
* Report directly to the CISO and collaborate with DevOps and R&D teams to embed security into every stage of the SSDLC.
* Integrate security into CI/CD pipelines, Infrastructure as Code (Terraform, Helm, GitOps), and development workflows.
* Design, enforce, and monitor secure cloud configurations (AWS, GCP), including networking, IAM, encryption, and Kubernetes hardening.
* Implement and manage application security controls (SAST, DAST, SCA, code reviews).
* Lead incident response activities, including forensic investigations, vulnerability management, and threat mitigation.
* Deploy and operate CSPM tools (Wiz, Prisma, Orca), SIEM, WAF, and runtime security solutions.
* Drive compliance with ISO 27001, SOC 2, GDPR, ensuring audit readiness.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.

The Role:
We’re seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, you’ll embed security across the entire SDLC - from CI/CD pipelines to smart contracts—helping us build secure-by-design systems that power the future of fintech and digital assets. You’ll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, you’ll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.

Who You Are:

* A proactive self-starter with deep expertise in application and cloud security
* Passionate about secure development and enabling engineers through thoughtful guardrails
* Clear and confident communicator who can influence across technical and non-technical teams
* Curious about emerging threats and excited by the challenges of blockchain security
* Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale

What You’ll Actually Be Doing:

* Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
* Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
* Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
* Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
* Build reusable security components, libraries, and developer-friendly guardrails
* Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
* Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
* Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems

Why You’ll Love Working Here:

* Flexible hybrid model: 3 days a week in the office – A must
* ₪1,000 net monthly wellness benefit – from therapy to Pilates to your kid’s art class
* Full Keren Hishtalmut, private health & dental insurance
* Donation matching, volunteering days, team outings, and mentorship programs
* A mission-driven culture that values ownership, trust, and meaningful impact

Next Step:
Hit Apply. Bring your AppSec mastery abilities. We’ll bring the challenge – and the snacks.

Were looking for a GRC Specialist to join our companys cyber security department and manage our companys governance, risk and compliance (GRC) aspects from ground up. Build GRC processes, implement new producers and maintain technology systems to support GRC.
Responsibilities:
Lead our compliance operations and audit plans including ISO 27001, SOC2, SOC3 and PCI-DSS.
Conduct a risk assessment on systems, processes, vendors and maintain a security maturity program.
Design and maintain security methodologies, policies and procedures including exceptions and suggestions for corrective actions.
Be in charge of Third party risk management (TPRM)
Plan, design and implement GRC tools.
Plan design and implement continues compliance.
Support sales teams, enabling them to respond to customers and prospect questionnaires and RFPs.

We are seeking a highly skilled and experienced Information Security Specialist to join

As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the =security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain =security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with =. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

Do you want to shape the future of API security?
Would working with cutting-edge security products excite you?
Join the company API Security team!
our company, through our dynamic team from the Noname and Neosec acquisitions, is changing how web APIs are protected and monitored. We're looking for an experienced product manager to join our product development and GTM efforts, working across the entire spectrum of API Security product execution.
Achieve high-impact milestones contributing to our success
Help shape our industry-leading API security product!
As a Senior Product Manager, you will be responsible for:
Shipping product strategy and roadmap and aligning it with stakeholders, the company vision, and market trends.
Working directly with customers and the field to understand problems, personas, and gather feedback
Collaborating with engineering to define and deliver new features
Working with the product marketing team to develop effective business and market communications that emphasize product value.

CodeValue is looking for a skilled and experienced Security Architect to join our team and take a leading role in designing, implementing, and governing the security posture of our cloud and enterprise environments. This individual will work closely with cross-functional teams to ensure security is embedded across systems, applications, and workflows, aligning with industry best practices and compliance requirements.