לוח משרות דרושים מומחה אבטחת מידע / סייבר

we are looking for an Android Security Research team leader to manage a team of super-talented malware researchers and reverse engineers. Our teams help top-level companies improve their security mechanisms using our insights on the latest malware trends, adversarial shifts, and new techniques. Combining intelligence, sophisticated forensics, and data science helps us catch the most relevant and up-to-date threats and threat actors.
What will you do?
* Lead and mentor a team of security researchers across multiple projects
* Own long-term malware and security research of a variety of Android frameworks, technologies, and domains
* Detect large-scale malware campaigns and help bring their operations down
* Review and enhance your team's research reports and code
* Collaborate with other teams throughout the organization
* This role is a management position with 40% hands-on technical work
* Find the bad guys - take them down
About us:
we are a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact-whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, our company provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.

We are looking for a senior researcher to focus on vulnerability research and exploitation in embedded environments.

In this role, you will research proprietary technologies and analyze complex IoT and embedded devices.

You will be responsible for taking your research from initial discovery to a full end-to-end solution in production.

We are looking for talented, fast learners to work on vulnerability research and exploitation in embedded and IoT environments. This role is ideal for researchers with strong low-level backgrounds who want to deepen their expertise in IoT and embedded systems security while working on real-world, complex technologies

You will analyze proprietary software and hardware, apply a deep understanding of low-level systems, and take your research from initial discovery to a full end-to-end solution in production.

As a Security Support Specialist you will be tasked with driving operational security excellence within Data Centers while working with partner teams and leaders. The ideal candidate will manage communications and provide services as required. You will assist with electronic surveillance and access control requests, assisting Data Centre Security Managers streamline efficiency. You will write and implement security process and procedures. Your position will require you to extract metrics and observe improvements by looking at data. The successful candidate must have a proven track record of customer service, possess excellent verbal and written communication skills, and demonstrate good judgment and critical thinking.
An ideal candidate for this role will be able to work at all levels, from the theoretical knowledge of physical security principles to the practical application and real-world implementation of processes and measures. You should have a proven record of accomplishment in operations room/centre dispatching, data centre security operations, physical security, customer service; and the ability to multi-task.

Key job responsibilities:
You will manage a chat queue, phone communications, generate and/or manage trouble tickets, handle incoming chats, and provide support to customers.
Drive security awareness campaigns aimed at enhancing security vigilance and effectiveness.
You will manage workflow ticketing and extraction/development of performance metrics.
Configure physical security devices including cameras, readers, and panels.
Support daily operational security across a data centre campus.
Distil overarching security strategy into daily tactics to reach management goals.
Coordinate day-to-day activities and site security operations.
Coordinate with operations teams across a number of business units
Provide guidance and leadership across a number of team programs.
Building Partnerships through networking and innovation.
Extract metrics and seeking improvements by analyzing data and trends in order to influence positive change through targeted proactive incentives.
Verify Data Center security programs are delivered to meet defined global security standards
Assist in all media integrity related programs and activities
Assist in the training of new and existing personnel regards to compliance to security policies and procedures.
Handle escalations and resolve tasks delegated and/or assigned to the team.
Draft reports and prepare presentations on the status of physical security operations.
Collaborate with managers in writing and implementing security policies, processes and procedures based on regional or global security initiatives.
Serve as a customer advocate by identifying security-related opportunities and crafting innovative solutions that maintain uncompromising security standards
Participate in site audits, inspections.
Identifying, discussing and bringing forward issues and solutions to senior team members so to raise the security bar.

The Fraud Lead is the principal technical authority for fraud detection and response engine. You own the professional logic that powers our product, ensuring that the "Brain" of our platform is technically cohesive, scientifically rigorous, and market-leading.
You act as a System Architect for the fraud domain, connecting the dots between Research, Data Science, and Analytics. Crucially, you serve as the primary technical consultant for our customers, helping them understand, integrate, and optimize the fraud logic that protects their environments. You work alongside a separate Product group (who defines the roadmap) and a Platform Engineering group (who builds the infrastructure).
What youll do:
Technical Domain Architecture
Logic Blueprinting: Design the end-to-end technical logic for detection features-from telemetry ingestion to real-time response actions.
Cross-Team "Glue": Ensure that Fraud Research insights are effectively operationalized by the Data Science team and surfaced correctly by the Analytics team.
Architecture Governance: Set the technical standards for how detection logic is built, ensuring it is scalable and compatible with the Platform Engineering teams infrastructure.
Customer Fronting & Technical Advisory
Technical Subject Matter Expert: Act as the lead technical consultant for high-value customers. You will lead "deep-dive" sessions with client-side engineers and fraud experts to explain our detection methodologies and data requirements.
Integration Strategy: Advise customers on how to best leverage our technical logic within their specific business contexts.
Feedback Loop: Translate complex customer technical needs and "edge case" fraud patterns back into technical requirements for the internal fraud group.
Expert Implementation
Hands-on Prototyping: Remain an expert practitioner in Python and SQL. You will prototype new detection methodologies and perform technical validation of production models.
Quality & Observability: Design the technical frameworks that ensure our detection logic remains performant and observable in live customer environments.

We are looking for a hands-on security researcher who combines an attacker mindset, fraud-domain curiosity, strong technical depth, and data analysis skills. You will investigate real-world fraud patterns, reproduce attacker techniques, analyze telemetry, enrich our data collection capabilities, discover new security signals, and work closely with product, data, and engineering teams to turn research insights into production-grade detection and prevention mechanisms.
This role is especially relevant for researchers with experience in browser technologies, mobile-native applications, or both. You may work on desktop and mobile browsers, browser APIs, browser automation, client-side signals, native mobile applications, Android/iOS behavior, mobile security, emulators, device signals, and mobile automation.
You will help expand our visibility into new signals and patterns that improve fraud detection, model performance, and customer protection.
If you are a talented researcher who enjoys solving complex problems, working with messy real-world data, and building practical defenses against modern fraud and abuse, we want you to join our team.

The Cyber Security team is looking for a highly motivated GRC Specialist to join our team and take ownership of our Governance, Risk & Compliance program.
In this role, youll work closely with the CISO and cross-functional teams to embed security and compliance into everything we do. enabling the business to scale securely while meeting regulatory and customer expectations.
This is a high-impact position for someone who thrives in dynamic environments and wants to build, improve, and influence how security is managed across the organization.
What will you be doing:
Own and lead the organizations Governance, Risk & Compliance (GRC) program
Reporting the CISO to define and execute a GRC strategy aligned with business objectives and risk appetite
Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements
Lead and manage risk assessment processes across cybersecurity, IT, third-party, and operational domains
Maintain and actively manage the risk register, ensuring risks are identified, prioritized, tracked, and remediated
Drive and manage compliance programs (e.g., ISO 27001, NIST, CIS, GDPR), ensuring continuous audit readiness
Lead internal and external audits end-to-end, including evidence collection, auditor coordination, and remediation tracking
Manage third-party risk (TPRM), including vendor security assessments, questionnaires, and ongoing monitoring
Support product and engineering teams by integrating security and compliance requirements into new features and systems
Build and deliver risk and compliance reporting, including dashboards, KPIs, and executive-level insights
Translate technical risks into clear, business-relevant communication for leadership and stakeholders
Drive security awareness initiatives and promote a security-first culture across the organization

The cyber & information security department is looking for a Security Solutions Architect to support our business and drive its growth.
As a Security Solutions Architect, you will play a pivotal role in information security department, contributing to the overall success of company. This position offers an exciting opportunity for individuals who are passionate about field and are eager to make a meaningful impact through responsibilities.
In this role, you will work closely with the IT, R&D, finance, and other departments in the company.
In this job you will have the opportunity to make big impact on the security level of the company.
What will you be doing:
Develop and lead information security strategies by defining and implementing security policies, procedures, system hardening, incident response, disaster recovery, and addressing emerging cybersecurity threats and best practices.
Ensure secure project architectures by overseeing project and system designs to meet security requirements and integrating risk analysis.
Collaborate across teams by working with development, infrastructure, and security teams to resolve issues and implement improvements.
Act as a security design authority by reviewing, approving, and providing security sign‑off on solution architectures, including threat models, trust boundaries, and architecture decision records.
Participate in strategic meetings by engaging in project steering committees and regular discussions to drive security initiatives.
Conduct security reviews and risk assessments by assessing product features, technologies, and applications to meet security standards.
Plan and design security solutions by developing solutions to identify, protect, detect, respond, and recover from cyber threats.

We're looking for a security practitioner who wants to go deeper than monitoring dashboards and triaging alerts. Someone who understands what good detection looks like, knows their way around a SIEM, and isn't afraid to roll up their sleeves with APIs and automation. You'll be the bridge between the security products our customers already trust and the our company platform that validates whether those products are actually doing their job.

Opportunity Highlights
Our integrations team is responsible for connecting our company with the security products that make up enterprise defense stacks worldwide - EDR and XDR platforms, SIEMs, vulnerability management tools, threat intelligence platforms, email security products, and cloud security solutions.

You'll own the full lifecycle of these integrations: building new ones, keeping existing ones healthy, and setting up realistic lab environments that mirror what our customers actually run. When something breaks in the field (or can't be reproduced internally) you'll be the one figuring it out.

You won't be doing this alone. You'll work closely with our Product, Engineering, and Security teams, and you'll have access to modern AI-powered development tools that let you move fast without sacrificing quality.

The Impact You Will Have

Design, build, and maintain integrations with leading third-party security products
Own the full lifecycle of existing integrations - maintenance, bug fixes, upgrades, and reliability improvements
Research vendor APIs, authentication flows, event schemas, and product capabilities to unlock new integrations
Translate complex security telemetry into normalized, actionable data
Build and maintain lab environments that mirror real enterprise security deployments
Reproduce field scenarios, validate detections, and troubleshoot integration behavior end-to-end
Investigate issues in customer-like environments when they can't be reproduced internally
Continuously evaluate new security technologies and identify integration opportunities
Use modern AI-driven development tools to accelerate delivery and improve quality

As a talented researcher, you will be joining the industrys leading digital intelligence Security Research Labs group. In this position you will be taking part and leading new projects in little-explored vulnerability research territories, producing world-unique capabilities to extract evidence from phones and other embedded devices. Recent phones (from burner phones to the latest flagships) are increasingly challenging from a forensics perspective, and involve hardware-backed encryption (FDE/FBE), secure boot chains (Verified Boot/dm-verity), evolving hardened SELinux policies, as well as adventures in ARM TrustZone secure worlds.
Key Responsibilities:
You will join Cellebrites digital intelligence Security Research Labs Group and be a part of a team of passionate researchers, dedicated to solving modern digital intelligence challenges, years ahead of others in the industry. Our world-class research results assist law enforcement by enabling lawful evidence extraction, and putting criminals behind bars, every day.
You are a security researcher who cares about the ethical use case for his/her work, and if the art of engineering and crafting a platform-wide native payload in a fragmented ecosystem of gaping variance is the kind of challenge you appreciate, you belong with us. We need your help to make the world a safer place.

we are looking for a talented team leader to join the industrys leading digital intelligence Labs group. In this role, you will lead and participate in innovative projects to implement and productize groundbreaking, world-unique capabilities for extracting evidence from Android or iOS devices.
Modern Android and iOS platforms present increasing challenges from a forensics perspective, incorporating robust protection mechanisms such as File-Based Encryption, Secure Element, and mitigations like Pointer Authentication Codes.
our Labs is a team of passionate researchers and developers dedicated to solving cutting-edge digital intelligence challenges, staying years ahead of others in the industry.
Our world-class R&D efforts assist law enforcement agencies by enabling lawful evidence extraction, helping to bring criminals to justice every day.
Key Responsibilities:
Oversee Vulnerability Research Projects: Lead and manage projects focused on discovering and exploiting vulnerabilities in mobile platforms.
Mentor and Guide Team Members: Provide mentorship and guidance to researchers, helping them navigate complex technological challenges.
Deliver Comprehensive Solutions: Develop complete solutions, moving beyond proof-of-concept demonstrations to fully implementable exploits.
Recruit and Develop Talent: Identify and recruit new researchers as needed, building a skilled and dynamic team to enhance the department's capabilities.

About us Think about literally anything in your house. Your shirt. Your phone. That random IKEA wrench thingamabob you still haven’t thrown away. Odds are, it all came from somewhere else. Freight is the invisible magic trick that makes the global economy work. And we’re the ones helping it work a little bit faster, smarter, and cheaper. Freightos (Nasdaq: CRGO) is the global booking and payment platform for the trillion-dollar freight industry. Hundreds of airlines and ocean liners, thousands of freight companies, and over ten thousand importers and exporters use our platform to move goods around the world faster and more efficiently. This matters. Efficient freight ultimately makes things cost a little bit less when you buy them in the store. We’ve been on a rocketship (freight ship?) of double-digit growth for years, and we’re nowhere near done. About the Role We are looking for a hybrid powerhouse - a DevSecOps. In this role, you will be the "Ghostbuster" of our systems, an elite specialist who ensures our platform is not only lightning-fast and reliable, but also hardened against any digital threat. You are the kind of person who locks every back door behind you while keeping the gate always open for customers worldwide. Responsibilities:
* Lead security architecture and design reviews to ensure new systems and platforms meet security, reliability, and scalability requirements.
* Develop, implement, and enforce technical security standards, secure baseline configurations, and infrastructure hardening guidelines.
* Own the reliability, availability, performance, and security of production systems across the organization.
* Design, implement, and optimize secure and scalable CI/CD pipelines, integrating security practices throughout the SDLC.
* Build and maintain automation tools and operational processes to improve deployment efficiency, system stability, and security posture.
* Enhance security and observability by implementing and managing monitoring, logging, alerting, and SIEM solutions across distributed systems.
* Lead and participate in incident response activities, including threat monitoring, on-call support, and continuous improvement of operational readiness processes.
* Conduct security assessments, vulnerability management, and compliance audits to identify and remediate risks.
* Promote a security-first engineering culture by mentoring teams on secure coding, infrastructure, and deployment best practices.
* Stay current with emerging threats, vulnerabilities, attack vectors, and industry best practices, and proactively integrate improvements into engineering and security processes.
* Participate in the on-call rotation , with availability to support a global environment.

Hybrid:
Yes

Are you ready to evolve from a GRC Specialist into a strategic leader? We are looking for a high-potential GRC Specialist to join Fiverr. As a GRC at Fiverr you will be responsible for aligning Fiverr’s security compliance and regulatory requirements. You will be responsible for preparing the business for certifications and regulations. You will verify that existing controls are adequate and define and oversee the implementation of new security controls. In addition, you will be responsible for) Risk management, employee awareness and Vendor Security assessment. You will devise new policies and update existing ones while aligning with business processes.


What am I going to do?:

* Oversee the company's security GRC program.
* Lead annual certifications (ISO 27001, SOX-ITGC) and prepare for security audits (e.g., PCI DSS).
* Third-party risk management.
* Develop policies and guidelines aligned with security best practices for complex environments.
* Conduct risk management and build plans to mitigate risks while engaging stakeholders.
* Collaborate with IT, Legal, HR, Finance, and security teams to address gaps versus best practices.
* Drive the security awareness program and explore strategies to enhance the security posture.


Equal opportunities:
At Fiverr, we prioritize diversity. We celebrate difference and embed it into every aspect of our workplace and product, as well as our community. Fiverr is proud and committed to providing equal opportunity employment to all individuals regardless of race, color, religion, sex, sexual orientation, citizenship, national origin, disability, Veteran status, or any other characteristic protected by law. In addition, Fiverr will provide accommodation to individuals with disabilities or a special need.

At our company, we move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
Job Overview:
We are seeking a highly skilled and experienced Security GRC Specialist to join our team. This position reports directly to the GRC Manager, as part of the CISO group. The ideal candidate should have a strong background in GRC, with a proven track record of successfully implementing GRC programs. This role requires a diligent professional who thrives in a fast-paced environment and can manage multiple priorities while maintaining attention to detail.
Key Responsibilities:
Develop, implement, and maintain GRC frameworks, policies, and procedures.
Manage ISO 27001/ISO27017/ISO27018 compliance by conducting gap analyses, maintaining ISMS documentation, and coordinating audits to ensure ongoing certification.
Respond to customer due diligence requests and support the review of security and compliance clauses in customer and vendor contracts,
Conduct third-party risk assessments and identify potential security threats and vulnerabilities.
Manage and maintain the GRC platform to ensure accurate compliance monitoring, documentation, and audit support
Collaborate with cross-functional teams to integrate GRC initiatives into business processes.
Provide guidance and support to internal stakeholders on GRC-related matters.
Stay up to date with industry trends and emerging threats to continuously improve the GRC program.