לוח משרות דרושים מומחה אבטחת מידע / סייבר

We are seeking an experienced Incident Response Global Manager based in Israel to lead and coordinate cyber incident response operations across multiple regions.
This role is responsible for managing high-impact security incidents, overseeing global IR delivery, and ensuring seamless collaboration across a follow-the-sun model. The ideal candidate will combine strong technical expertise with leadership and stakeholder management skills.
Key Responsibilities
Lead and manage end-to-end incident response engagements for global clients
Coordinate cross-regional IR teams to ensure 24/7 coverage and effective escalation
Act as the primary point of contact for customers during critical incidents
Oversee incident investigations, containment, eradication, and recovery efforts
Develop and refine IR processes, playbooks, and best practices
Support proactive services such as readiness assessments and tabletop exercises
Provide executive-level reporting and post-incident analysis
Mentor and develop IR team members across regions.

We are looking for a Security Lead to join our companys R&D organization, taking a central, cross-functional role in shaping the security posture of our products. This role combines deep hands-on expertise with cross-organizational leadership, working closely with senior leaders to shape and implement security strategy across all product lines. You will lead end-to-end security initiatives, influence engineering practices at scale, and play a critical role in ensuring our products meet the highest security standards.
Key Responsibilities
Lead security in the R&D organization by professionalism and cooperation across our company
Maintain and develop the Secure Development Life Cycle of all our companys Products Organization, work with R&D, QA, Sales, Support, external researchers, and customers to make the cyber landscape a safer place.
Conduct architectural security reviews and threat modeling for R&D
Full triage for our company's VDP and BBP reports, including analyzing reports, calculating severities and communications with reporters.
Define and develop security training to implement cross organization
Be a first responder in security incidents, including leading and defining actions to resolution
Manage and monitor our company's SCA, SAST, DAST tools.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

our company has been delivering smart, scalable web solutions for nearly two decades, specializing in Shopify, application development, and third-party system integrations. We love connecting systems almost as much as we enjoy connecting with our clients.
We are looking for a hands-on DevSecOps Specialist to lead and improve security across our cloud infrastructure, development workflows, production environments, and internal systems. This is a high-ownership security role designed for someone with a strong Cloud / DevOps / infrastructure background who wants to grow deeper into security. You do not need to have held a dedicated security position before, but you should bring strong production experience, serious curiosity about security, and the ownership mindset needed to become our internal security lead. We understand that this is a growth path, and we will provide the time, support, and resources needed for the right person to develop into the role.
What youll do
* Take hands-on ownership of security processes across cloud, servers, infrastructure, CI/CD pipelines, and internal systems
* Build and implement practical security solutions, tools, policies, and workflows
* Work closely with engineering teams to integrate security into development and deployment processes
* Identify, prioritize, and help remediate security risks in production environments, networks, permissions, deployments, and services
* Help create and maintain internal security policies, processes, and documentation
* Support audits, compliance preparation, and external security reviews when needed

Were looking for a highly skilled Application Security Researcher to join our Security Research group and help us push the boundaries of modern AppSec. This is a critical, hands-on role where youll work closely with engineers, researchers, and AI & data scientists to build the next generation of application security - including autonomous, agentic pentesting capabilities.
This is not a typical AppSec role. Youll be building, breaking, and redefining how offensive security works at scale.
What Youll Be Doing:
Design and build detection engines and decision-making logic for autonomous security systems
Develop new classes of automated attacks leveraging deep application and infrastructure context
Conduct advanced research on chaining vulnerabilities, logic flaws, and complex attack paths
Prototype, build, and ship security capabilities into production environments
Collaborate with Product, Engineering, and Data teams to shape next-gen security features
Analyze large-scale data to identify attack opportunities and improve detection accuracy
Actively contribute to research direction, ideation, and innovation within the team

We are looking for a
Junior IT SecOps Specialist
with
at least 1-2 years of hands‑on experience
in security operations or IT security. The role is ideal for someone who already has foundational security skills and wants to grow into advanced SecOps responsibilities while working alongside experienced specialists within Kornits global hybrid environment.

This position aligns with the responsibilities defined for the SecOps team, including monitoring, incident response, and implementation of security technologies
What will you do?
Security Platforms & Daily Operations
Assist in operating and maintaining security solutions such as EDR/EPP, MFA, NAC, IPS, and secure DNS platforms.
Support onboarding and configuration tasks for new or existing security tools.
Perform routine health checks on security systems and escalate anomalies as needed.
Monitoring, Detection & Incident Handling
Monitor alerts and events from security platforms.
Perform first‑level triage, document findings, and escalate incidents to senior SecOps members
Participate in remediation activities with guidance (e.g., addressing misconfigurations or legacy system exposures similar to past findings)
Infrastructure Hardening & Compliance Support
Assist in applying IT security standards and guidelines across systems and environments.
Support the implementation of secure configurations for endpoints, servers, and cloud workloads under supervision.
Team Collaboration
Work closely with the CISO and senior SecOps team to support ongoing security initiatives and improvements
Collaborate with IT Infrastructure, Network, and Cloud teams to troubleshoot and secure operational environments.

We are looking for a highly motivated SOC/NOC Analyst to join our operations and security team. This role is responsible for monitoring, detecting, analyzing, and responding to security and network events across the organizations infrastructure and production environments.
The SOC/NOC Analyst will play a key role in maintaining service availability, identifying threats, investigating incidents, and ensuring timely escalation and resolution of operational and security issues. The ideal candidate is detail-oriented, analytical, and able to work effectively in a fast-paced, 24/7 environment.
Key Responsibilities :
Monitor security and network events using SIEM, monitoring, and alerting platforms.
Investigate alerts, anomalies, and incidents related to infrastructure, systems, applications, and network activity.
Perform first-level triage, validation, categorization, and escalation of security and operational incidents.
Respond to incidents involving suspicious activity, service disruption, connectivity issues, unauthorized access attempts, and infrastructure abnormalities.
Open, track, and update incidents in the ticketing system, ensuring accurate documentation and timely resolution.
Support incident response activities, including containment, evidence gathering, and post-incident analysis.
Monitor network performance, uptime, connectivity, and service health across production environments.
Assist in vulnerability management, log analysis, and security control validation.
Maintain runbooks, knowledge base articles, and operational documentation.
Contribute to process improvement initiatives to enhance monitoring coverage, response quality, and operational resilience.
Additional Notes :
This role requires shift-based work as part of a 24/7 monitoring and response function.

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response.
You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.
If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.
Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

We are looking for a Security Engineer to join our Security Engineering team. This is a generalist, "all-rounder" role - you will work across all security domains, while leading and owning a specific security domain based on your expertise.
You will define and drive security programs, design and implement security controls, and make architecture-level decisions across your domain. You will work closely with R&D, DevOps, and engineering teams, embedding security into how we build and operate at scale, and help shape a security-first culture across the organization.
What You'll Work On:
Define and maintain security standards, policies, and controls across all security domains - including SSDLC processes and secure development standards across R&D
Work hands-on alongside R&D, engineering, and IT teams to implement security controls, drive adoption, and ensure execution
Lead and contribute to large-scale security projects with real organizational impact
Evaluate, integrate, and operate industry-leading security tooling and platforms - including emerging startups with cutting-edge technologies
Build automation, tools, internal processes, Terraform modules, GitHub Actions, and AI agents for engineering teams and for your own team
Conduct security assessments and threat modeling.
Lead containment, investigation, and forensic analysis during security incidents
Identify security gaps and misconfigurations across cloud environments, infrastructure, and internal processes - and drive remediation through scalable, long-term solutions
Contribute across all security domains - cloud, application, AI security, detection engineering, IT, and more

We are looking for a Senior Product Security Engineer to join our Information Security team.

This is a founding, high-impact role: the company's sole Product Security authority - responsible for building the product security domain from the ground up, defining standards across our product portfolio, and serving as the go-to expert for engineering teams.

Responsibilities
Define and own the Product Security strategy, roadmap, and standards.
Drive security integration throughout the entire SDLC - from design to production.
Lead secure product design, code reviews, and penetration test remediation.
Establish and enforce API security standards and secure coding frameworks.
Drive and enhance the bug bounty program.

As the architect of the Autonomous SOC, you will dive deep into Windows and Linux internals to understand modern adversary techniques. Your mission is to transform the complex art of incident response into high-fidelity, automated science. You will investigate attacker tradecraft, analyze forensic artifacts, and build the logic that allows customers to respond to breaches in seconds.
How we work:
The Anatomy of an Attack: We deconstruct complex attack patterns across Windows and Linux to build forensic "blueprints." We don't just find a threat; we map out the exact response flows and forensic steps needed to dismantle it from the inside out.
Precision Matters: We obsess over finding the exact thresholds that allow us to neutralize threats without disrupting the user experience.
Innovation First: We aren't satisfied with off-the-shelf tools; we develop our own research frameworks and leverage AI to amplify our efficiency.
From Insight to Action: We don't just write reports. Every piece of research we conduct is designed to be codified into a sophisticated, automated response playbook that protects our customers at machine speed.
Were looking for people who want to see their research solve "impossible" problems in real-time.
Key Responsibilities
Deep Forensic Research: Conduct original research into Windows and Linux attack surfaces to identify new response and remediation vectors.
Codify IR Tradecraft: Translate complex investigative steps (e.g., memory forensics, binary analysis, or cloud-native IR) into scalable, automated workflows.
Engineer Autonomous Logic: Design "self-healing" security playbooks that don't just alert, but actively neutralize threats across Endpoint, Identity, and Cloud environments.
Telemetry Mining: Hunt through massive datasets in Cortex XSIAM to find the "ground truth" of an attack and validate that your automations are bulletproof.
Shape the Product: Act as a subject matter expert for the engineering team, influencing how our XDR and NDR sensors collect data based on your IR findings.