לוח משרות דרושים מומחה אבטחת מידע / סייבר במרכז

we are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science.we ate a cybersecurity firm specializing in advanced adversary simulation and offensive security testing. We deliver Red Team assessments for Fortune 500 companies, simulating sophisticated, real-world attacks across external, internal, cloud and Active Directory environments. Our services span both stealth-based Red Team operations and risk-focused assessments, covering a wide range of attack surfaces including on-premise and cloud environments.
Responsibilities:
Participate in Red Team and Risk assessments under the guidance of senior team members
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients
Learn and simulate attacker tactics, techniques, and procedures (TTPs)
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance
Participate in internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios

Job description Appdome is looking for a talented, passionate Offensive Researcher to join our innovative research team. If you’re eager to explore cutting-edge mobile security techniques and help safeguard the mobile app ecosystem, this is the role for you! As a key player in our security team, you'll design and execute sophisticated attack simulations on the Appdome platform. Your work will touch on diverse attack vectors, including file systems, networks, jailbreaks, memory injections, and more.

We are looking for an experienced Security Lead to join our team and play a key role in securing and scaling our production environments. This is a hands-on position with direct impact on system reliability, security posture, and operational excellence across the organization.

Responsibilities:

Own day-to-day security operations in a fast-moving, cloud-native environment

Lead end-to-end incident detection, investigation, and response

Own and operate core security tooling (SIEM, CSPM, CNAPP, SSDLC, EDR)

Work closely with R&D, DevOps, and IT to bake security into development and operations

Build and maintain incident response runbooks and security playbooks

Own security compliance and GRC efforts, including SOC 2

We are backed by top-tier global investors, including Sequoia Capital, Ribbit Capital, and Cyberstarts-firms known for supporting the most innovative and influential companies in technology and cybersecurity.

In this role, you will be responsible for:

Tracking and evaluating crypto-focused cybercriminals, including the tools, techniques, and procedures (TTPs) used by attackers, their motivations, and industry-wide trends.
Producing and presenting intelligence reports on relevant threat groups and campaigns, detailing methodologies and the motivations driving the activities.
Conducting research into both on-chain and off-chain crypto attack vectors, identifying attacker interests, and uncovering root causes behind incidents.
Assisting in the development of prevention strategies and detection mechanisms to mitigate future attacks.
Collecting and managing information from diverse sources such as social media platforms, messaging apps, forums, the dark web, news feeds, and other open and covert channels.
Utilizing advanced tools and investigative techniques, including OSINT and HUMINT methodologies, to generate accurate and relevant intelligence.
Communicating with customers regarding potential risks and threats, as well as working closely with Customer Success, Marketing, and Sales teams.

We seek a dedicated and proactive Senior SecOps Engineer to join our InfoSec team and take ownership of all security-related tasks across the organization. In this role, you will be key in aligning security goals with infrastructure, R&D and IT requirements. You will be responsible for integrating security into our CI/CD pipelines, managing cloud infrastructure security, ensuring compliance with security standards, and protecting our infrastructure from vulnerabilities.

A day in the life and how youll make an impact:

Implement and manage security tools such as static code analysis, cloud posture monitoring, and penetration testing tools.
Embed security into the DevOps lifecycle, including CI/CD pipelines, IaC (Infrastructure as Code), and software development workflows.
Design and enforce security policies for cloud architecture, ensuring secure configurations and monitoring.
Lead incident response activities, vulnerability management, and forensic investigations to mitigate threats.
Drive compliance efforts (ISO 27001, SOC 2, GDPR, etc.) and audit readiness for the organization.
Work closely with stakeholders (CISO, COO, System Architects, DevOps, IT, Finance, HR, etc) to identify requirements and prioritize security needs.
Continuously monitor systems and infrastructure for vulnerabilities, intrusions, and misconfiguration.
Perform or manage penetration testing initiatives to identify security weaknesses.

Lead, mentor, and manage a team of analysts and incident responders, fostering a culture of continuous improvement and collaboration.
Oversee real-time monitoring, analysis, and escalation of security events using SIEM, SOAR, and other security tools.
Develop, implement, and optimize SOC processes, playbooks, and standard operating procedures.
Coordinate incident response activities, ensuring timely investigation, containment, eradication, and recovery from cyber incidents.
Serve as the primary point of contact for major security incidents, coordinating with internal stakeholders and external partners as needed. Ensuring effective communication and coordination among stakeholders throughout the lifecycle of security incidents.
Stay informed on the latest cyber threats, vulnerabilities, and regulatory developments to adapt the organizations security posture proactively.
Prepare and deliver regular reports, metrics, and presentations to executive management regarding Cyber Defense Center's performance and emerging risks.
Support compliance efforts and audits related to cybersecurity frameworks (e.g., SOC2, ISO 27001).
Manage Cyber Defense Center's technology stack, including evaluating and recommending tools and solutions for threat detection and response.
Establish and lead a dedicated purple team to enhance detection, response, and resilience against threats.

We are seeking a highly skilled and experienced Security Operations Center (SOC) & Incident Response (IR) Specialist to join our security team. This role requires a deep understanding of cybersecurity threats, incident response, forensic, and advanced threat hunting techniques. The ideal candidate will possess a strong technical background, excellent problem-solving skills, and a passion for protecting our organization's critical assets.

Responsibilities:
Lead complex incident response efforts and perform deep investigations across logs, network traffic, and other data sources.
Develop and implement effective incident response plans and playbooks.
Threat Hunting: Proactively identify and investigate advanced threats and vulnerabilities.
Develop and implement threat hunting strategies to stay ahead of emerging threats.
Oversee SOC operations by monitoring, analyzing, and responding to security events while ensuring effective use of security tools and continuously improving operational processes.
Ensure effective utilization of security tools and technologies.
Work at a high technical level and be capable of identifying threats, and threat vectors that cause security events.
Design, develop, and maintain security automations and SOAR workflows to streamline SOC operations, reduce manual effort, and significantly accelerate incident detection, investigation, and response.
Initiate and lead continuous improvement initiatives aimed at optimizing operational workflows, enhancing detection and response capabilities, and expanding overall security coverage across the environment.
Research emerging threats and develop new detection use cases to enhance threat identification and prevention capabilities

We are looking for a strategic leader to evolve our Threat team into a comprehensive
Deep Research Group
. As the Head of Research, you will lead innovation across AI Security, Threat Intelligence, and our company Intelligence, transforming raw research into core platform differentiators. This is a pivotal leadership position responsible for delivering high-signal content and product-impacting discoveries that will directly influence our expansion into the enterprise market.
What You Will Build
●
Deep Research Strategy:
You will oversee the creation of next-generation security modules derived from our companys unique runtime data, transforming raw telemetry into actionable defense mechanisms and automated workflows
●
Premium Intelligence:
You will drive the development of unique intellectual property and detection capabilities that allow us to launch differentiated, premium service offerings.
● Market Impact:
Your group's research will serve as a growth engine, powering our PR, community credibility, and enterprise readiness for high-stakes environments.
Responsibilities
●
Organizational Leadership:
Lead, mentor, and scale a diverse group, including the Threat Research Team, Offensive Research Team, AI Research & Innovation Team, and OSINT/Vulnerability squads
●
Strategic Delivery:
Oversee the lifecycle of major research initiatives, from initial discovery to full productization, ensuring deep technical findings are translated into user-facing value.
●
Proactive Hunting:
Drive a proactive hunting strategy, utilizing external scanning and internal signals to uncover emerging campaigns and validate novel threats before they become widespread.
● Cross-Functional AI Integration:
Collaborate with the AI Lead and Engineering to integrate proprietary intel into our detection models and strengthen our AI-driven security architecture.

As the Technical Director for Reactive Services, you will serve as a senior-level consultant and client advocate, providing expert guidance on all facets of cybersecurity and data breach response. You will deliver strategic and technical leadership to a diverse range of clients, helping them navigate complex security incidents. Your expertise will be critical in shaping response strategies and ensuring clients effectively mitigate and recover from cyber threats.
Key Responsibilities
Provide expert-level strategic and technical guidance to clients during active data breach response and cybersecurity incidents.
Lead complex client engagements from initial scoping and resource allocation through to technical execution and final reporting.
Apply deep knowledge of forensic processes, including chain of custody, and advanced computer and memory acquisition techniques.
Utilize industry-standard forensics tools (e.g., EnCase, FTK, SleuthKit, Volatility) for in-depth analysis across major operating systems.
Challenge curiously by maintaining hyper-current knowledge of the threat landscape, emerging vulnerabilities, and attacker TTPs to inform response strategies.
Conduct detailed analysis of malware, identify persistence mechanisms, and triage threats to determine root cause and impact.
Proactively collaborate with internal teams and client stakeholders, ensuring alignment and communicating clear, actionable findings.
Develop and automate scripts and processes to simplify and enhance the efficiency of incident response scenarios.

This client-facing role requires the Principal Consultant to lead and produce deliverables for reactive services engagements. You will work directly with multiple customers and key stakeholders, from technical administrators to the C-Suite, to manage incident response engagements from start to finish and provide expert guidance on long-term security posture remediation.
Key Responsibilities
Manage end-to-end incident response engagements, including scoping work, guiding clients through forensic investigations, containing security incidents, and providing long-term remediation recommendations.
Perform reactive incident response functions, including host-based analysis of Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
Investigate data breaches by leveraging digital forensics tools (e.g., EnCase, FTK, X-Ways, SIFT, Splunk) to determine the root cause of compromises and malicious activity.
Examine firewall, web, database, and other log sources to identify evidence of malicious activity, focusing on the details to ensure a thorough and accurate investigation.
Proactively collaborate with and mentor junior team members, sharing expertise in incident response and forensics best practices to empower others and ensure team alignment.
Effectively communicate complex technical findings and strategic recommendations to both technical and executive-level stakeholders.
Travel as needed to meet client engagement demands, typically averaging 20%.

we are an AI-first tech company in the automotive space with hubs across the US and Israel. Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data -driven solutions to a quickly evolving industry. Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line. We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security. This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for:
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents. Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams. Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines. Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often. Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents. Document: Draft requirement documents for security products and innovative technologies.
The top candidate will also have:

* Endless curiosity and passion for emerging technology
* Ability to handle prioritize and execute multiple tasks simultaneously.
* Ability to work collaboratively across multiple departments.
* Fluent in Hebrew & English - ability to lead meetings and present.
* Strong communication and collaboration skills.
Why you should join us:

* Family-friendly environment and flexible working hours.
* Our global team is made up of awesome forward thinking, innovative go-getters.
* Learning and growth opportunities within a fast-paced tech startup environment.
* Clear career advancement path for strong performers.
* We are committed to setting each other up for success. As a member of our team, you will work within an environment that encourages growth, initiative taking and continuous mutual feedback in order to reach your full potential.
* And of course, Cibus and lots of yummy treats in the kitchen:-)

As a Staff Analyst on the Trust and Safety Analytics team, you will be responsible for identifying, making available, and leveraging critical data elements to optimize ability to fight fraud, protect its customers and enforce acceptable use of products and services. Specifically, you will focus on applying your analytical skills to design, support and scale tools, processes, and strategies that proactively identify and mitigate risks across the organization.
Responsibilities:
Collaborate closely with Engineering and Product teams to design, implement, and maintain analytics frameworks, tools, and data systems that support effective data monitoring and risk management strategies, enabling informed, data-driven decision-making.
Take an active role in the analytics team's efforts to manage and enhance Trust and Safety platform capabilities. Provide timely insights and actionable recommendations to strengthen platform performance and address emerging challenges. Develop tools and systems to measure platform health and assess risks, including designing dashboards to track performance metrics, analyze trends, and identify areas that require attention or intervention.
Ensure analytics systems are consistently reliable, accurate, and available. Establish proactive monitoring processes and implement thorough testing to detect and address issues, minimizing system disruptions or delays.
Contribute to effective incident management by using analytics to identify root causes, provide actionable insights, and continuously improve platform risk mitigation solutions.
Stay abreast of the latest developments in AI, and integrate insights into your analysis to address emerging risks

we are seeking a Staff-level Senior AI Security Researcher to join AI Adversarial Robustness Research (A2RS), a multidisciplinary team focused on securing AI and GenAI models and systems.
Were looking for innovative team players who love new challenges, enjoy cracking tough problems, and thrive in cross-functional environments.
In this role, you will partner with data scientists and security researchers to define how secures AI applications.
Responsibilities:
Research AI and GenAI systems from a security perspective to understand when and how they are vulnerable to a variety of threats
Blue team: Explore innovative ways to enhance the security of AI systems
Red team: Analyze the attack surface of state-of-the-art AI technologies
Center of Excellence: Collect and synthesize research literature and open-source tools to build and maintain a robust knowledge base for adversarial robustness of AI systems
Distill and share AI security knowledge within and externally through seminars, blogs, papers, and conference talks