לוח משרות דרושים מהנדס סייבר

We are looking for a skilled Application Engineer to join our security team as Application Security Engineer and help ensure the security, reliability, and integrity of our application ecosystem. In this role, you will work closely with Engineering, Product, and Customer-facing teams to identify, analyse, and mitigate security risks across APIs, integrations, and cloud-based systems.
Job responsibilities:
Design, assess, and improve the security of application-level integrations, including APIs, webhooks, and SFTP-based data flows.
Act as a subject matter expert for complex integration and application security issues, supporting high-impact customers and strategic partners.
Investigate and resolve security and data inquires using logs, SQL queries, and debugging tools.
Collaborate closely with Development and Product teams on security-related bugs, architectural decisions, and product roadmap discussions.
Review and troubleshoot integration flows involving AWS services and third-party systems, with a focus on secure design and implementation.
Contribute to the continuous improvement of application security practices, processes, and tooling.
Support incident analysis and root cause investigations related to application security and integrations.

We are looking for a hands-on cybersecurity expert to serve as a trusted technical advisor for our customers. In this role, you will leverage your in-depth knowledge of the cybersecurity landscape, our company platform, and security validation principles to lead technical deep-dives, guide remediation strategies, and ensure successful deployment. Acting as the bridge between the field and R&D, you will combine technical and problem-solving skills with strong communication abilities to drive platform adoption and enhance customer security maturity.
Roles & Responsibilities:
Demonstrate deep technical mastery of the company platform and its integration across customer networks, endpoints, authentication, and security controls.
Lead technical deep-dives with security teams (SOC, IR, Red/Blue) to review findings, explain and analyze attack vectors, and guide remediation based on real-world offensive techniques.
Provide end-to-end support for deployment, configuration, and complex troubleshooting, while advising on security risks, misconfigurations, and validation procedures.
Drive customer success, retention, and platform adoption by providing consistent technical guidance on cybersecurity trends and identifying opportunities for expanded use.
Act as the technical voice of the customer, channeling operational feedback and needs internally to Product, R&D, and Support teams.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.
This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.
What You Will Do:
Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.
Build and maintain an effective and scalable security monitoring infrastructure solution.
Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.
Triage alerts and drive security incidents to closure while reducing their potential impact to Semperis.
Build processes and workflows to triage security alerts and respond to real incidents.
Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.
Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.
Contribute to strategy, risk management, and prioritization for all efforts around detection and response.
Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.
Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

We are At our company, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
This role focuses on ensuring the security and compliance of cloud infrastructure by implementing and maintaining robust security controls across AWS environments. The position involves automation for security monitoring, adhering to best practices, and collaborating cross-functionally with other teams.
Who You Are:
A strong individual contributor who takes pride in delivering high-quality security outcomes while collaborating closely with peers and stakeholders. You are able to build trust, provide thoughtful input, and continuously grow your technical and operational expertise. You are passionate about exploring new technology and using it to make an actionable impact to the future of fintech. You can balance the needs of the business and the team's goals with strong value for code quality and adherence to implementing best practices. A highly skilled AWS Security Engineer with additional FinOps expertise to ensure the security and compliance of our cloud infrastructure. You are able to implement and maintain robust security controls across AWS environment. You are passionate about best practices, automation for security monitoring, and collaborating with other teams.
What Youll Actually Be Doing:

* Cloud Security Implementation: Contribute to the design and implementation of security measures across AWS environments to ensure systems are secure, compliant, and aligned with industry best practices. Including implementation, automation and development of security policies
* Conduct regular security assessments, control testing, and audits to proactively identify risks and vulnerabilities (and support remediation efforts with partner teams)
* Collaboration with Internal Teams: Work closely with internal teams to integrate security best practices into development and operational workflows
* Security Automation & Infrastructure Management: Design and implement automation strategies for security monitoring, auditing, and incident response
* Cost Efficiency through Security: Contribute to cloud cost management by optimizing cloud resources without compromising on security.
* Incident Response & Threat Management: Participate in incident response efforts to support timely identification, analysis, containment, and remediation of security threats. Contribute to post-incident reviews, help maintain incident response playbooks, and support internal teams by sharing learnings and updated procedures.

Why Youll Love Working Here:


* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first

Required Application Security Engineer
What You Will Do
As an Application Security Engineer, you will act as a bridge between offensive security and engineering teams. You will leverage your penetration-testing mindset to proactively improve the security of applications throughout their lifecycles. This includes partnering with developers to identify and remediate vulnerabilities, contributing to secure design decisions, participating in threat modeling, and conducting security reviews. You will help build scalable, repeatable security practices that reduce risk across the product.
Responsibilities:
Validating and prioritizing vulnerabilities from PTs, bug bounties, and tools
Collaborating with engineering teams on remediation
Participating in application security reviews
Supporting Secure Software Development Lifecycle (SSDLC)
Managing and using SAST, DAST, and SCA tools
Developing security standards and best practices.

We offer hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. Our values are at the core of every action we take, and we are committed to going above and beyond to benefit the patients we serve. We are a dynamic, fast-paced company operating in over 34 countries on 5 continents. We are looking for out-of-the-box thinkers, people who are passionate, caring, agile, and adaptive, to join us on our mission. If you are looking to make a difference in people's lives, we invite you to join us! We are looking for Microsoft 365 Security Engineer to lead the implementation and continuous improvement of Microsoft security and compliance capabilities across the Microsoft 365 environment. The role focuses especially on Microsoft Purview and Microsoft Defender for Cloud Apps, and also covers Microsoft Defender for Office 365, Security for identity, Entra ID security controls, and security features across Exchange Online and collaboration services. You will translate requirements into technical design and configuration, implement and tune policies, rollout changes safely, troubleshoot complex issues, and document solutions and operational procedures. You will work closely with IT and system teams to ensure stable integrations, minimal business disruption, and measurable risk reduction.
Responsibilities:
Lead end to end implementation and ongoing improvement of Microsoft 365 security and compliance controls. Implement and operate Microsoft Purview, including sensitivity labels and DLP, and support additional compliance capabilities as needed. Implement and operate Microsoft Defender for Cloud Apps CASB, including cloud discovery, governance controls, and policy enforcement. Implement and tune Microsoft Defender for Office 365 protections for phishing, malware, and impersonation threats. Support identity driven security controls with Entra ID, including Conditional Access concepts and tenant security posture improvements. Improve Exchange Online security posture, mail flow protections, and related configurations. Create technical documentation, runbooks, and change plans, and provide operational support and troubleshooting. Partner with internal teams and stakeholders to plan rollouts, reduce false positives, and maintain business continuity. Experience in securing Microsoft SharePoint Online, including configuration of access controls, data protection policies, and compliance settings.
City:
Petah Tikva

The IT Security Engineer will be responsible for implementing, managing, integrating and maintaining security systems across the organizations IT landscape. The role includestranslating policies and standards into procedures and controls, collaborating with internal stakeholders such as IT, Product Security, and Data Centers, and performing preventive actions and rapid response to security incidents.
Key Responsibilities:
Security Systems:Implement security architectures and controls.Maintain and manage security systems such as:XDR (Extended Detection & Response), SWG (Secure Web Gateway), DLP (Data Leakage Prevention), Email Security, Network security (Firewalls, NAC), IAM (Identity & Access Management), CASB (Cloud Access Security Broker), PAM (Privileged Access Management), EPM (Endpoint Privilege Management), BAS (Breach & Attack Simulation), Vulnerability Scanners, Training & Awareness, SIEM (Security Information & Event Management), SOAR (Security Orchestration, Automation & Response), Password Manager, Threat Intelligence, Patch Management, TPRM (Third-Party Risk Management), EASM (External Attack Surface Management).
Collaborate with teams:
Develop and implement security for IT systems, applications, and networks.Integrate security into the design and development of new and existing systems.Provide guidance on secure configurations and designs.Identify and remediate vulnerabilities and misconfigurations.Monitor and optimize system and processes to enhance security and comply with policies and standards.Lead and execute cross-organizational security projects and initiatives.
Technological Documentation:
Write technical documents such as:HLD (High Level Design), LLD (Low Level Design), system documentation, procedures, guidelines, IMF (Incident Management Flow), network diagrams.Incident Response and Recovery:Collaborate with the Security Operations Center (SOC) and MSSP to ensure robust incident detection and response capabilities.Contribute to the development of incident response plans and recovery strategies.Participate in post-incident reviews to identify lessons learned and implement improvements.
Security Technology Evaluation:
Research and recommend new security technologies to enhance the organization's security posture.Oversee the implementation and integration of security tools and solutions.Evaluate the impact and effectiveness of security technologies in mitigating risks.Compliance and Audit Support:Ensure IT systems and processes comply with relevant regulatory standards (e.g., ISO 27001, NIST, GDPR).Support internal and external audits by providing documentation and evidence of compliance.Maintain detailed records of security controls and activities for audit purposes.

We are looking for a talented, tech-savvy individual to join our Cyber Security team and help us tackle the toughest security challenges in cutting-edge ecosystem.
In this role, you will be a subject matter expert and play a major part in our efforts to build and maintain security infrastructure, design secure architectures, enforce security best practices, and automate security processes.
The Cyber Security team is composed of strong and experienced security engineers, responsible for defining the security strategy and managing all of infrastructure.
Responsibilities:
Define, implement, and maintain security policies, standards, and methodologies; ensure they evolve with new threats and technologies.
Design, deploy, and operate detection, prevention, and response technologies across a scaled, diverse, and complex environment (hybrid infrastructure: public cloud + on-premises).
Build and operate secure infrastructure: hands-on ownership of security configurations and system hardening.
Conduct security assessments, secure-design reviews and architecture assurance reviews to identify and mitigate possible security risks.
Automate security processes: configuration deployments, infrastructure management, detection, response, compliance checks, patching, configuration drift, etc.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD methodologies.
Stay ahead of emerging cyber threats and technologies: research, evaluate, pilot, and integrate where relevant.
Participate in creating incident response playbooks, coordinate incidents investigations, root cause analysis, and lessons learned.

Required Embedded Linux & Security Engineer
Position Overview:
As an Embedded Linux & Security Engineer, your daily mission involves crafting custom Linux images tailored for our embedded platform, which plays a crucial role in unlocking phones and extracting forensic evidence for law enforcement agencies. Your expertise will also be pivotal in developing and enhancing the Board Support Package (BSP) layer, ensuring the highest level of security for our platform. This position, nested within our security research department, requires close collaboration with research teams to tackle and anticipate the security challenges of tomorrow to bypass security mechanisms of modern phones.
You'll thrive in a role that blends technical challenges with a profound impact on society. You'll contribute to product that play a vital role in law enforcement and public safety. Our collaborative environment offers endless opportunities for professional growth, letting you work side by side with some of the brightest minds in security research and embedded systems development. This position is not just a job; it's a mission to make the world a safer place, with innovative challenges and the chance to solve complex problems daily.
Key responsibilities:
Develop and maintain custom Linux images for our embedded platform, optimizing performance and security.
Design and implement the BSP layer, ensuring compatibility and efficiency across different hardware configurations.
Identify, analyze, and mitigate potential security vulnerabilities.
Engage in innovative problem-solving activities, contributing to the development of new technologies and methodologies.
Maintain up-to-date knowledge of the latest security threats, trends, and technologies.

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered. .

The Role:
As the Security Engineering Operations Assistant, you'll be the organizational backbone for the VP, Security Engineering—ensuring requests move forward, deadlines stay visible, and nothing gets lost in the shuffle. This isn't about being an admin; it's about being the force multiplier that lets security leadership focus on strategy and technical priorities while you keep the machine running smoothly. If you're the person who naturally keeps lists, follows up before being asked, and gets satisfaction from bringing order to chaos—this role was made for you.

Who You Are:
You're the person everyone relies on to remember the thing that was supposed to happen last Tuesday. You've got 2–5 years of experience in technical coordination, support roles, or security/IT/engineering operations environments, and you know how to work alongside technical teams without needing your hand held. You're exceptionally organized—not in a "my desk is clean" way, but in a "nothing falls through the cracks" way. You communicate clearly in writing and conversation, you're comfortable working closely with senior leadership, and you handle sensitive information with discretion. You're not intimidated by technical discussions—even if you're not the one configuring the firewall, you can follow along, capture the key decisions, and know what questions to ask to make sure everyone's aligned on next steps. You're proactive, dependable, and genuinely curious about how things work.

What You’ll Actually Be Doing:
Direct Support to Security Engineering Leadership
* Assist the VP, Security Engineering with tracking requests, action items, and follow-ups arising from meetings, emails, and discussions
* Maintain organized lists of open items, next steps, and pending decisions
* Perform routine follow-ups with internal teams and external vendors on behalf of Security Engineering
* Help ensure deadlines and commitments are visible and monitored
* Surface overdue items or risks that may require attention Coordination & Task Tracking
* Support coordination of security engineering activities across Security, IT, Engineering, GRC, and external partners
* Track progress of assigned tasks and initiatives using established tools and processes
* Assist in scheduling, preparation, and follow-up for security-related meetings
* Help organize priorities and timelines across multiple parallel efforts Technical Awareness & Documentation
* Maintain familiarity with core security engineering domains, including: Identity and Access Management, Endpoint and device management, Cloud security basics (AWS and Azure), Security tooling and operational workflows
* Capture key outcomes, decisions, and action items from technical discussions
* Maintain documentation, trackers, and status updates
* Ask clarifying questions to ensure expectations and next steps are understood Communication & Information Flow
* Support intake and coordination of inbound requests to the Security Engineering team
* Prepare clear summaries and status updates as needed
* Help ensure relevant information is shared with appropriate stakeholders
* Support prioritization discussions by maintaining visibility into current workload and commitments


Why You’ll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement – from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insuranc

Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
Who You Are:
A proactive self-starter with deep expertise in application and cloud security
Passionate about secure development and enabling engineers through thoughtful guardrails
Clear and confident communicator who can influence across technical and non-technical teams
Curious about emerging threats and excited by the challenges of blockchain security
Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale
What Youll Actually Be Doing
Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
Lead and scale a Security Champions program embedded within engineering teams
Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the team.

we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
Who You Are:
You're a security engineer who's excited about the AI wave-someone who sees GenAI and LLMs as fascinating puzzles to secure, not just threats to mitigate. You've spent 5+ years in Security Engineering, AppSec, or Cloud Security, and at least 1-2 of those years have been spent getting your hands dirty with AI/ML or data -intensive systems. You're equally comfortable dissecting a prompt injection attack as you are writing a Terraform module or shipping a Python library. You know your way around AWS and/or Azure, modern app stacks ( Python /TypeScript, REST/gRPC, containers/Kubernetes), and can translate security requirements into Developer -friendly tooling-not just PDF policies that gather dust. You communicate clearly in English and Hebrew, thrive in regulated environments, and understand that security in financial services means mapping controls to frameworks like FFIEC, SOC 2, and PCI DSS-and actually having the evidence to prove it.
What Youll Actually Be Doing:

* Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
* Implement data minimization controls for GenAI/RAG workloads: context filtering, leastprivileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
* Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/ data exfiltration) and build mitigations.
* Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive- data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
* Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
* Evaluate thirdparty AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
* Partner across Security, data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
* Lead/participate in AI redteaming: automated jailbreak/promptinjection tests, safety benchmarks, purpleteam exercises, and response playbooks for AI incidents.
* Enable the org with concise guidelines, examples, and training on safe AI development and usage.

Why Youll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first
Next Step:
Hit Apply!

Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry.
Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line.
We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.
This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents.
Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams.
Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines.
Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often.
Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents.
Document: Draft requirement documents for security products and innovative technologies.

Were looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
Highlights:
High-growth: Over the past seven years, weve consistently achieved milestones that take other companies a decade or more. During this time, weve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
Disruptive innovation: Our founders saw that traditional security didnt work for the cloud, so they set out to carve a new path. Were relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
Well-capitalized: With a valuation of $1.8 billion, we are a cybersecurity unicorn dominating the cloud security space. Were backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.
About the role
We are in the process of crafting a dynamic, captivating, and rapidly evolving product that is reshaping the landscape of cloud security. As we expand, we are actively seeking individuals who are not only talented but also highly motivated, adept at multitasking, and proven team players to join our ranks. Our team consists of inspirational top-tier professionals dedicated to pioneering a paradigm shift in cloud security practices. We are deeply passionate about staying at the forefront of cutting-edge technology trends and are committed to integrating these innovations into our product. In this role, you will assume the pivotal position of lead developer, entrusted with spearheading the creation of innovative software products.
On a typical day youll:
Write clean, concise code that is stable, extensible, and unit-tested appropriately
Lead technical designs and implement new features end to end
Diagnose complex issues, evaluate, recommend and execute the best solution
Implement new requirements within our Agile delivery methodology while following our established architectural principles
Test software to ensure proper and efficient execution and adherence to business and technical requirements
Write code that meets the production requirements and design specifications and anticipate potential errors/issue
Provides input into the architecture and design of the product; collaborating with the team in solving problems the right way
Develop expertise of AWS, Azure, and GCP products and technologies.