לוח משרות דרושים מומחה אבטחת מידע / סייבר משרה מלאה

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.

The Role:
We’re seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, you’ll embed security across the entire SDLC - from CI/CD pipelines to smart contracts—helping us build secure-by-design systems that power the future of fintech and digital assets. You’ll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, you’ll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.

Who You Are:

* A proactive self-starter with deep expertise in application and cloud security
* Passionate about secure development and enabling engineers through thoughtful guardrails
* Clear and confident communicator who can influence across technical and non-technical teams
* Curious about emerging threats and excited by the challenges of blockchain security
* Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale

What You’ll Actually Be Doing:

* Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
* Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
* Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
* Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
* Build reusable security components, libraries, and developer-friendly guardrails
* Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
* Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
* Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems

Why You’ll Love Working Here:

* Flexible hybrid model: 3 days a week in the office – A must
* ₪1,000 net monthly wellness benefit – from therapy to Pilates to your kid’s art class
* Full Keren Hishtalmut, private health & dental insurance
* Donation matching, volunteering days, team outings, and mentorship programs
* A mission-driven culture that values ownership, trust, and meaningful impact

Next Step:
Hit Apply. Bring your AppSec mastery abilities. We’ll bring the challenge – and the snacks.

Were looking for a GRC Specialist to join our companys cyber security department and manage our companys governance, risk and compliance (GRC) aspects from ground up. Build GRC processes, implement new producers and maintain technology systems to support GRC.
Responsibilities:
Lead our compliance operations and audit plans including ISO 27001, SOC2, SOC3 and PCI-DSS.
Conduct a risk assessment on systems, processes, vendors and maintain a security maturity program.
Design and maintain security methodologies, policies and procedures including exceptions and suggestions for corrective actions.
Be in charge of Third party risk management (TPRM)
Plan, design and implement GRC tools.
Plan design and implement continues compliance.
Support sales teams, enabling them to respond to customers and prospect questionnaires and RFPs.

We are seeking a highly skilled and experienced Information Security Specialist to join

As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the =security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain =security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with =. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

Do you want to shape the future of API security?
Would working with cutting-edge security products excite you?
Join the company API Security team!
our company, through our dynamic team from the Noname and Neosec acquisitions, is changing how web APIs are protected and monitored. We're looking for an experienced product manager to join our product development and GTM efforts, working across the entire spectrum of API Security product execution.
Achieve high-impact milestones contributing to our success
Help shape our industry-leading API security product!
As a Senior Product Manager, you will be responsible for:
Shipping product strategy and roadmap and aligning it with stakeholders, the company vision, and market trends.
Working directly with customers and the field to understand problems, personas, and gather feedback
Collaborating with engineering to define and deliver new features
Working with the product marketing team to develop effective business and market communications that emphasize product value.

CodeValue is looking for a skilled and experienced Security Architect to join our team and take a leading role in designing, implementing, and governing the security posture of our cloud and enterprise environments. This individual will work closely with cross-functional teams to ensure security is embedded across systems, applications, and workflows, aligning with industry best practices and compliance requirements.

We are seeking a talented and experienced Senior Full Stack Engineer to join Application Team. In this role, you will develop the customer-facing application that delivers our security solutions. This team works closely with Solutions Architects, Customer Success, and Pre-Sales Engineers, ensuring a seamless and powerful user experience.
Responsibilities:
Designing and implementing core components within the web app and our backend services.
Planning and implementing the rollout, testing and monitoring of features deployed to production end to end.
Conducting design and code reviews with the other team members.
Analytical approach for scale, optimizations and also awesome UX.
Drive and passion for pushing cross R&D-product workflows and initiatives.

We are looking for a highly motivated Security Operations (SecOps) Engineer to join our growing security team. The ideal candidate will bring 34 years of hands-on experience in cybersecurity operations and incident response, with strong expertise in cloud environments. You will play a key role in designing, implementing, and managing security monitoring, detection, and response capabilities that safeguard our organizations assets, data, and customers.


Key Responsibilities
Design and maintain monitoring flows and detection use-cases across SIEM and related systems.
Develop, optimize, and tune security rules, alerts, and dashboards.
Integrate threat intelligence feeds into monitoring tools.
Lead and support security investigations, from triage to remediation.
Coordinate with internal teams and external partners to contain and resolve incidents.
Create and maintain playbooks, runbooks, and IR documentation.
Build and maintain security automation and orchestration workflows to accelerate response.
Ensure compliance with security policies, frameworks, and regulatory requirements (SOC 2, ISO 27001, GDPR, etc.).
Maintain clear documentation of procedures, incidents, and improvements.

Required Domain Consultant - Network Security
Your Career:
As a domain consultant for network security transformation, you provide technical expertise and guidance in customers' network security and zero trust journey. You will be key in defining technical solutions that secure a customers key business imperatives. You evangelize our industry leadership in on-prem, cloud, and security services that establish us as a customers cybersecurity partner.
Your Impact:
Collaborate with sales teams to recommend and develop customer solutions within your assigned specialization.
Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership.
Lead and support customer demonstrations that showcase our unique value proposition.
Responsible for prospective customers and partners' Technical Validation projects based on best practices to ensure technical win in assigned opportunities.
Architect solutions that will help our customers strengthen and simplify their security posture
Document high-level design and key use cases to ensure proper implementation and value realization of our solutions
Lead conversations about industry trends and emerging changes to the security landscape.
Responsible for discussing and highlighting product alignment with customer requirements and differentiation
As the main technical point of contact for Network Security, you will assist and collaborate to respond effectively to RFIs/RFPs.
Position us or Partner delivered services as appropriate to ensure proper implementation and value realization of our solutions
Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative
Distinguished by additional specialized knowledge in breadth and/or depth.

The Trusted Infrastructure Team plays a pivotal role in laying down the foundational frameworks for secure and confidential computing. By combining advanced security protocols with the latest innovations in confidential computing, we lead the charge in ensuring data security and integrity in all our operations. This unit is perfect for those who are eager to influence large-scale, transformative security practices and enjoy the challenge of developing state-of-the-art infrastructure technologies.

What Youll Do
Lead and Mentor: Manage a team of talented developers, setting technical direction and providing mentorship to foster professional growth and inspire innovative solutions.
Confidential Computing Development: Drive key projects involving the design and deployment of confidential computing frameworks, setting the stage for the companys future security standards.
Innovative Strategy Implementation: Play a strategic role in influencing and advocating for the integration of new security technologies and protocols across our infrastructure.
C++ Development: Utilize your expertise in C++ to design robust, efficient, and secure software solutions that meet our high standards.
Collaboration and Knowledge Sharing: Work closely with cross-functional teams, leading workshops and presentations to share insights and innovations within the organization.
Production Issue Resolution: Tackle complex production and security challenges, developing robust solutions that enhance our overall operational security and performance.

As the Senior Information Security Architect , you will be the owner and chief designer of our corporate security architecture.

Youll be in charge of embedding security by design into every layer of the corporate technology stackcloud, SaaS, applications, and infrastructure.

In this highly influential role, you will set the strategic vision for secure architecture, lead threat modeling initiatives, and act as the ultimate authority on how builds, scales, and protects its corporate systems. Youll partner with engineering, product, and operations leaders to ensure that security is not just an add-on, but a foundational principle driving every decision.
Key Responsibilities-
Architect secure-by-design systems across corporate multi-cloud (Azure, AWS, GCP) and SaaS applications, ensuring strong IAM and key management practices.
Design and manage secure network architectures, applying strong knowledge of TCP/IP, DNS, VPNs, and enterprise firewalls, IDS/IPS, and traffic monitoring tools.
Secure operating systems (Linux, macOS) and oversee endpoint protection through leading EDR/XDR solutions
Act as the architectural authority in design decisions, setting technical direction and influencing company-wide security practices.
Take ownership of threat modeling for the corporate most critical systems, leading structured analyses to anticipate where attacks may occur and how to prevent them.
Skilled in vulnerability scanning, patching strategies, and prioritizing risks with enterprise-grade scanning platforms.
Hands-on experience designing, implementing, and enforcing security controls to prevent data leaks, unauthorized access, advanced cyberattacks, and emerging threats. This includes working with DLP solutions (e.g., Symantec DLP, Microsoft Purview, Digital Guardian), IAM and PAM platforms (e.g., Okta, Azure AD, CyberArk), endpoint protection and XDR tools (e.g., CrowdStrike, SentinelOne).
Lead the evaluation and adoption of next-generation security tools and technologies, ensuring stays ahead of attackers.
Serve as a trusted advisor and security leader, guiding executives and engineers alike in making security-first decisions.

We are looking for a highly skilled Product Security Architect to join our team at our company. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:
Partner with all our company development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.

we are seeking a passionate and skilled Information Security Engineer to join our team. In this role, youll be responsible for enhancing the security of our enterprise environment, working with a variety of security tools and technologies. We're looking for individuals with a strong background in information security who are eager to help shape the future of cybersecurity and protect our organization from evolving threats.
In this position you will:
Design, implement, and maintain robust security controls across our enterprise infrastructure, including endpoint, identity, and data protection systems.
Lead and support efforts to harden our companys internal environments against evolving threats, including proactive risk identification and remediation.
Collaborate closely with DevOps, IT, and engineering teams to secure enterprise platforms.
Contribute to the evaluation and deployment of security technologies (e.g., EDR, DLP, IAM, MFA, logging and monitoring solutions).
Take ownership of end-to-end security projects, from concept through implementation and operationalization.
Help define and enforce security policies, standards, and best practices across the organization.
Participate in threat modeling, vulnerability management, and incident response processes.
Engage in continuous improvement efforts in a collaborative, agile, and fast-paced environment.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.