לוח משרות דרושים הייטק אבטחת מידע / סייבר עבודה היברידית

As a defensive security researcher, you will:
Perform attacker tradecraft research and threat landscape investigation across on-prem & cloud-based attacks spanning identities and applications.
Threat hunt to discover real-world advanced attacks and design and implement automated detection and disruption actions based on alerts and signals.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Design and develop new detection logics to protect customers from attacks.

***Our interns work part time, all year round***

Be a part of the team that is instrumental in constructing one of Microsoft's most exciting security solutions. In an era of increasingly sophisticated cyber-attacks, the Microsoft 365 Defender security suite has emerged as a vital tool for enterprises, enabling them to identify, scrutinize, counter advanced breaches and data intrusions within their networks and manage their security posture.

Our Israeli research team is looking for a security researcher who can help our customers, of all sizes, improve their security and protect them from cyber threats.

We value diversity and welcome candidates with different experiences and perspectives. If you are a team player who loves creating products for and with customers, come join us and be part of building a better world.

Responsibilities:
Performing attacker tradecraft research and threat landscape investigation across on-prem & cloud-based attacks spanning identities and applications.
Threat hunting to discover real-world advanced attacks and designing and implementing automated detection and disruption actions based on alerts and signals.
Contributing to active engagement with the security ecosystem through papers, presentations, and blogs.
Providing subject matter expertise to customers based on industry attack trends and product capabilities. 

This role requires cross-team and cross-geo collaboration, and an ability to represent highly technical research and threat information to a range of audiences. This ranges from other security subject matter experts (inside and outside the company) to partner teams and supporting some customer engagements. You will be persuasive in getting buy-in for your ideas both within the company`s Threat Intelligence Center and from key engineering groups across our company, working in partnership with them to protect both our assets and also our wider customer base through improved product and services offerings. You will strengthen existing partnerships and build new ones with key organizations deliver benefit to us and our customers.

We are seeking a highly skilled and motivated Mobile Intelligence Analyst to join our dynamic team in Israel. In this role, you will play a crucial part in supporting our red team efforts and collaborating on key projects with our strategic clients. You will be responsible for conducting in-depth analysis of mobile intelligence data, writing comprehensive reports, and providing valuable insights to inform decision-making processes.
Responsibilities:
Conduct thorough analysis of mobile intelligence data to identify emerging threats, trends, and patterns.
Collaborate with the red team to assess security vulnerabilities and develop effective strategies for mitigation.
Collaborate with internal technical teams to understand their unique requirements and deliver tailored intelligence solutions.
Produce high-quality intelligence reports and presentations that effectively communicate findings and recommendations.
Maintain a high level of organization and attention to detail in all aspects of work, including data management and documentation.
Demonstrate strong teamwork skills and the ability to collaborate effectively with colleagues across different teams and departments.
Take ownership of tasks from start to finish, demonstrating initiative and leadership throughout the process.
Stay up-to-date with the latest developments in mobile technology, cybersecurity threats, and industry best practices.
Utilize SQL for data analysis and querying, extracting insights from large datasets to inform strategic decisions.

We are looking for a talented, experienced Malware Researcher to join our Malware team.
What You'll Do:
Analyze complex applications and SDKs and understand how they work while overcoming obfuscation & encryption.
Take part in developing internal security tools.
Participate in large security projects.
Find the bad guys, take them down, feel proud.

Required Gen AI Security Researcher
ABOUT THE POSITION
As a Red Team Specialist focused on Generative AI Models, you will play a critical role in enhancing the security and integrity of our cutting-edge AI technologies. Your primary responsibility will be to conduct simulated cyber attacks and penetration testing on our generative AI systems, including but not limited to language models, image generation models, and any related infrastructure. The goal is to identify vulnerabilities, assess risks, and provide actionable insights to fortify our AI models against potential threats.
Key Responsibilities:
Simulated Cyber Attacks: Conduct sophisticated and comprehensive simulated attacks on generative AI models and their operating environments to uncover vulnerabilities.
Vulnerability Assessment: Evaluate the security posture of AI models and infrastructure, identifying weaknesses and potential threats.
Risk Analysis: Perform thorough risk analysis to determine the impact of identified vulnerabilities and prioritize mitigation efforts.
Mitigation Strategies: Collaborate with development and security teams to develop effective strategies to mitigate identified risks and enhance model resilience.
Security Protocols Development: Aid in the creation and refinement of security protocols and best practices for the development and deployment of generative AI models.
Research and Innovation: Stay abreast of the latest trends and developments in AI security, ethical hacking, and cyber threats. Apply innovative testing methodologies to ensure cutting-edge security practices.
Documentation and Reporting: Maintain detailed documentation of all red team activities, findings, and recommendations. Prepare and present reports to senior management and relevant stakeholders.
Training and Awareness: Provide guidance and training to technical and non-technical teams on security awareness and best practices related to generative AI.

We are seeking a highly skilled and experienced Director of Mobile Threat Analysis to lead our team of mobile threat analysts in Israel.
The Director of Mobile Threat Analysis will be responsible for managing and developing the team, defining strategies for threat detection and mitigation in mobile environments, and ensuring the delivery of actionable insights and solutions to our clients.
This role will also involve close collaboration with our reverse engineering team.
Responsibilities:
Lead and manage a team of mobile threat analysts specializing in various verticals, ranging from content violations to technical malware research.
Define and implement strategies for mobile threat detection and mitigation, leveraging advanced techniques and technologies to stay ahead of emerging threats.
Oversee the analysis of mobile-related threats and incidents, providing timely and accurate assessments to clients and internal stakeholders.
Act as a client-facing subject matter expert on mobile security, working closely with our most strategic clients to understand their unique challenges and requirements, and providing tailored solutions and recommendations.
Collaborate closely with our reverse engineering team to analyze and understand sophisticated mobile threats, malware, and attack techniques.
Collaborate with cross-functional teams, including product management, engineering, and sales, to ensure alignment between threat analysis efforts and business objectives.
Stay up-to-date on the latest trends and developments in mobile security, continuously enhancing the team's capabilities and expertise.
Establish and maintain relationships with external partners, including industry organizations and industry events, representing the company and speaking.

We are looking for a Android Security Researcher II.
The Security Researcher focuses on deep research of new vulnerabilities
and exploits, including how to use this knowledge to the benefit of our customers and the security product suite.
The work includes reverse engineering, so requires a deep understanding of the target operating system, and relevant tools and techniques. Depending on the specific role, Security Researchers will be expected to deliver product detection enhancements (including code and/or rules), POCs of exploits, CVEs, and marketable research.
Security Researchers will have access to cutting-edge technology only found within the Threat Labs team.
Security Researchers analyze customer detections, informing our response and further development of our proprietary threat intelligence and security capabilities.
What you can expect to do in this role:
Perform research, including reverse engineering, into novel and zero-day vulnerabilities and exploits, using of in-house and 3rd party tooling, providing recommendations on how to protect our customers.
Perform analysis of customer detections generated by our platform to determine accuracy; recommend detection changes accordingly.
Research new ways to detect malicious activity using custom-built tooling.
Stay up to date on the latest malware trends and OS developments.
Development and maintenance of custom research tools to assist in day-to-day tasks.
Support sales and marketing by supporting the creation of marketable material and thought leadership.
Perform other duties and special projects as assigned.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback

Security Researcher plays a critical role in advancing our mobile security research efforts.
This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect our clients' mobile ecosystems and to publish security research.
What you can expect to do in this role:
iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
Collaboration: Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.

We're looking for a Security Operations (DevSecOps) Engineer to help enhance the security and efficiency of our software solutions.
In this role, you'll work closely with the development and implementation teams, supporting key accounts and ensuring our services are secure and compliant with industry standards.
What will you do:
Manage security protocols across all platforms to prevent unauthorized access.
Analyze and respond to security threats in real-time.
Work with Engineering and Data Leadership to improve security strategies.
Lead and participate in large-scale technical projects focused on security enhancement.
Identify and address security loopholes proactively.
Respond to security incidents quickly, analyze them, and prepare incident reports.
Ensure security is integrated during the development phase (CI/CD)Assist in compliance audits for SOC 2 and HIPAA.
Explore and implement advanced security tools and frameworks.
Promote security awareness within the team.

Required Application Security Engineer
As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC).
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications.
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass.
Conduct threat modeling and architecture security review.
Develop and maintain secure coding standards and guidelines for application developers.
Monitor and analyze security incidents and provide timely response and resolution.
Stay current with emerging threats, vulnerabilities, and industry best practices in application security.
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts.
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes.
Deliver secured development training to developers.

As a Security Researcher, you will be:

Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding and exploiting vulnerabilities and circumventing modern mitigation techniques