לוח משרות דרושים מהנדס סייבר

We are looking for a talented, tech-savvy individual to join our Cyber Security team and help us tackle the toughest security challenges in cutting-edge ecosystem.
In this role, you will be a subject matter expert and play a major part in our efforts to build and maintain security infrastructure, design secure architectures, enforce security best practices, and automate security processes.
The Cyber Security team is composed of strong and experienced security engineers, responsible for defining the security strategy and managing all of infrastructure.
Responsibilities:
Define, implement, and maintain security policies, standards, and methodologies; ensure they evolve with new threats and technologies.
Design, deploy, and operate detection, prevention, and response technologies across a scaled, diverse, and complex environment (hybrid infrastructure: public cloud + on-premises).
Build and operate secure infrastructure: hands-on ownership of security configurations and system hardening.
Conduct security assessments, secure-design reviews and architecture assurance reviews to identify and mitigate possible security risks.
Automate security processes: configuration deployments, infrastructure management, detection, response, compliance checks, patching, configuration drift, etc.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD methodologies.
Stay ahead of emerging cyber threats and technologies: research, evaluate, pilot, and integrate where relevant.
Participate in creating incident response playbooks, coordinate incidents investigations, root cause analysis, and lessons learned.

Were looking for a Senior Security Platform Engineer to join our team and work at the intersection of Security technology, and business. This role is about impact - not just ownership, not just execution, but building solutions that actually get used.
This role is based in Tel Aviv. We work in a hybrid model, with 3 days a week in the office.
Your impact and responsibilities:
Support, maintain, and operate network, data, and AI security controls across our company production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing

we are looking for a AI Security Engineer.
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
What Youll Actually Be Doing:
Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
Implement data minimization controls for GenAI/RAG workloads: context filtering, least‐privileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/data exfiltration) and build mitigations.
Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive-data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
Evaluate third‑party AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
Partner across Security, Data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
Lead/participate in AI red‑teaming: automated jailbreak/prompt‑injection tests, safety benchmarks, purple‑team exercises, and response playbooks for AI incidents.
Enable the org with concise guidelines, examples, and training on safe AI development and usage.

Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
What Youll Actually Be Doing:
Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
Lead and scale a Security Champions program embedded within engineering teams
Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the team

we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of Embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - were reshaping how financial technology is developed and delivered..
The Role:
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
Who You Are:
You're a security engineer who's excited about the AI wave-someone who sees GenAI and LLMs as fascinating puzzles to secure, not just threats to mitigate. You've spent 5+ years in Security Engineering, AppSec, or Cloud Security, and at least 1-2 of those years have been spent getting your hands dirty with AI/ML or data -intensive systems. You're equally comfortable dissecting a prompt injection attack as you are writing a Terraform module or shipping a Python library. You know your way around AWS and/or Azure, modern app stacks ( Python /TypeScript, REST/gRPC, containers/Kubernetes), and can translate security requirements into Developer -friendly tooling-not just PDF policies that gather dust. You communicate clearly in English and Hebrew, thrive in regulated environments, and understand that security in financial services means mapping controls to frameworks like FFIEC, SOC 2, and PCI DSS-and actually having the evidence to prove it.
What Youll Actually Be Doing:

* Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
* Implement data minimization controls for GenAI/RAG workloads: context filtering, leastprivileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
* Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/ data exfiltration) and build mitigations.
* Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive- data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
* Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
* Evaluate thirdparty AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
* Partner across Security, data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
* Lead/participate in AI redteaming: automated jailbreak/promptinjection tests, safety benchmarks, purpleteam exercises, and response playbooks for AI incidents.
* Enable the org with concise guidelines, examples, and training on safe AI development and usage.

Why Youll Love Working Here:

* Flexible hybrid work model: three days a week at our Jerusalem office
* Monthly wellness reimbursement - from therapy to gel manicure, it's up to you
* Full Keren Hishtalmut, private health and dental insurance
* Volunteer days, donation matching, Yoga and Pilates
* A supportive, collaborative culture that puts our people first
Next Step:
Hit Apply!

Were a team of smart, curious engineers building scalable, reliable systems that power content creation for millions. We work with modern web technologies, tackle real-world challenges in distributed systems, and keep things practical - no overengineering, just solid solutions. If you love solving tough problems, moving fast, and building tech that creators actually use, youll fit right in.
On your day to day:
As a dedicated Platform Security Engineer, you will bridge the gap between code and infrastructure to build a fortress around our creators' content. Youll spend your time defining and implementing high-level security processes while rolling up your sleeves to fix vulnerabilities alongside our DevOps team. From architecting DSPM strategies for massive distributed video data to hardening our SDLC, you will be the ultimate owner of our security posture. You wont just be monitoring dashboards; youll be collaborating directly with developers to ensure security is a fundamental part of our engineering.