לוח משרות דרושים מומחה אבטחת מידע / סייבר

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution.
You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.
Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.
Roles and Responsibilities:
Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

Were looking for an experienced GRC Manager to join our team in Israel. Were seeking someone with solid, hands-on experience who can take ownership and lead both technically and operationally.
You will lead the certification and accreditation processes , managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.

We are looking for an Application Security Engineer to join our Security Engineering team.

What you will be doing:

As an Application Security Engineer , you will play a critical role in ensuring our software applications are secure by design and resilient against evolving threats. You will collaborate closely with development, DevOps, and product teams to embed security throughout the SSDLC and drive secure coding practices.

Conduct security assessments, penetration tests, and code reviews across web, mobile, and cloud applications.

Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines using platforms like Azure DevOps, GitHub Actions.

Design and enforce secure coding standards and SSDLC policies.

Collaborate with developers to remediate vulnerabilities and provide inline guidance during PR reviews.

Lead threat modeling and architecture reviews for new features and services.

Manage secrets, access controls, and data confidentiality assurance across applications.

Monitor public exposure of cloud resources and enforce Azure policies to prevent misconfigurations.

Participate in incident response and forensic analysis for application-related security events.

Deliver security awareness training and documentation for engineering teams.

Maintain up-to-date knowledge of OWASP Top 10, secure coding techniques, and emerging threats.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process - reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

Were seeking passionate professionals who thrive in a fast-paced, creative, and collaborative environment - those who want to be part of the next generation of airspace security innovation.

The Position: We are seeking a highly motivated and technically proficient Senior Security Researcher to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems What you’ll do:
* Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints and development of novel bypass techniques for established security controls
* Lead and execute comprehensive, technically rigorous security research targeting complex web and mobile applications including reverse engineering and proprietary protocols investigation


About ActiveFence:
Alice is a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact—whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, Alice provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.



Hybrid:
Yes

This is a strategic, high-impact VP role for a visionary leader who will shape our companys global customer security strategy, strengthen executive-level trust with clients, and drive innovation in a rapidly evolving cybersecurity landscape. Reporting directly to the Global CISO, you will lead the customer-facing cybersecurity organization, ensuring alignment between client expectations and our companys security posture.
What Youll Do?
Lead Global Customer Security Strategy
Serve as the senior security representative for strategic clients, engaging with C-level stakeholders and regulators to build trust and transparency.
Define and execute a customer-centric security strategy, aligned with global standards and emerging technologies.
Act as a trusted advisor on security strategy, risk posture, and compliance readiness.
Drive Technology & Architectural Excellence
Lead Cloud Security & Multi-Cloud Governance, securing hybrid and multi-cloud environments.
Champion DevSecOps & Secure SDLC, embedding security into development pipelines.
Oversee secure adoption of Generative AI (GenAI) and other emerging technologies.
Provide expert oversight for data protection across hybrid models.
Inspire & Scale Global Teams
Lead and empower a global organization of 100+ cybersecurity professionals, fostering innovation and autonomy.
Build a culture of continuous improvement, ensuring service excellence and customer satisfaction.
Represent our company in industry forums and strategic briefings, positioning us as a trusted partner.
What Success Looks Like?
Increased customer trust and satisfaction scores.
Secure adoption of emerging technologies across global clients.
Measurable improvements in compliance readiness and risk posture.

In one sentence
The Information Security Specialist will lead the efforts to secure the company ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders questions.
What will your job look like?
You will recommend information technology policies, standards and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements.
You will work with the technical teams both within and outside of our company to embed, deploy or guide all security requirements.
When applicable, you will conduct the information security risk assessment program. Review compliance with the information security policy and associated procedures and practices.
You will research and educate the IS organization around specific standards and regulations that might apply to different domains while monitoring their implementation throughout the security ecosystem and provide recommendations to the relevant stakeholders.
You will keep up-to-date with emerging security threats and alerts, emerging products, services, protocols, and standards in support of security enhancement and development efforts.
You will provide technical guidance to IS teams by means of coaching and mentorship to achieve project goals to the required level of quality. Promote team engagement, empowerment and motivation.
You will onboard new hires, train and share knowledge, take an active role in technical mentoring and elevating team knowledge.
You will enforce quality processes (i.e. performing technical root cause analysis, outlining corrective action for given problems) and ensure that all the project agreed deliverables are completed to the required level of quality.

We are looking for a talented, tech-savvy individual to join our Cyber Security team and help us tackle the toughest security challenges in cutting-edge ecosystem.
In this role, you will be a subject matter expert and play a major part in our efforts to build and maintain security infrastructure, design secure architectures, enforce security best practices, and automate security processes.
The Cyber Security team is composed of strong and experienced security engineers, responsible for defining the security strategy and managing all of infrastructure.
Responsibilities:
Define, implement, and maintain security policies, standards, and methodologies; ensure they evolve with new threats and technologies.
Design, deploy, and operate detection, prevention, and response technologies across a scaled, diverse, and complex environment (hybrid infrastructure: public cloud + on-premises).
Build and operate secure infrastructure: hands-on ownership of security configurations and system hardening.
Conduct security assessments, secure-design reviews and architecture assurance reviews to identify and mitigate possible security risks.
Automate security processes: configuration deployments, infrastructure management, detection, response, compliance checks, patching, configuration drift, etc.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD methodologies.
Stay ahead of emerging cyber threats and technologies: research, evaluate, pilot, and integrate where relevant.
Participate in creating incident response playbooks, coordinate incidents investigations, root cause analysis, and lessons learned.

we are looking for a Cybersecurity Solutions Engineer - Israel.
You will need to be a self-starter with the ability to build executive relationships, develop and execute sales strategies and tactics that maximize opportunity within the customer environment. As well as position and promote the partner and customer value proposition for Security Architecture, articulate products and business strategies, and create the demand that makes deals happen!
Serve as the subject matter expert in Security Solutions
Provide specific solution/technology/product consulting, technical and sales support for major account opportunities.
Understand and articulate Security products, technologies and architectures
Understand customer business requirements and be able to translate (map) them into technical requirements and solutions.
Create, present and document technical solutions.
Perform high-level and in-depth technical presentations for customers, partners and prospects
Drive identified major account opportunities (i.e. - technical consulting, upper-level management presentations, and technology solutions) while allowing local account team to maintain long-term relationships
Support RFPs/RFIs providing technical guidance and product expertise
Support Demos and Proof of Values
Work in collaboration with other subject matter experts when specific skills are required.
Collect and provide feedback from the field/market to Leadership/Business Units to improve products and sales operations.
Creating content and presenting at external conferences as well as Live and PVT

CodeValue is looking for a skilled and experienced Security Engineer to join our team and take a leading role in designing, implementing, and governing the security posture of our cloud and enterprise environments. This individual will work closely with cross-functional teams to ensure security is embedded across systems, applications, and workflows, aligning with industry best practices and compliance requirements.

Email Security is one of the fastest-growing domains at Check Point, playing a critical role in protecting organizations against advanced threats. Check Point has been recognized as a Market Leader in Gartner for Email Security, reflecting our innovation, scale, and proven success in the field.

Our platform serves thousands of paying customers worldwide, operating across multiple geographic regions and supporting a truly global user base. The system is designed as a highly scalable, cloud-native solution, built to handle massive volumes of email traffic with strict performance and reliability requirements.

We work closely with AWS to deliver top-tier performance, availability, and security, leveraging advanced cloud services and best practices to provide an exceptional customer experience.

Key Responsibilities
Lead and Mentor
Provide technical leadership and mentorship to a team of developers, fostering a collaborative and innovative environment.
Project Management
Oversee project timelines, deliverables, and resource allocation to ensure successful project completion.
Code Review and Quality Assurance
Conduct regular code reviews to maintain high code quality and adherence to best practices.
Innovation and R&D
Stay updated with the latest industry trends and technologies, and drive innovation within the team.
Performance Monitoring
Monitor and evaluate team performance, providing feedback and support to help team members grow and succeed.
Collaboration
Collaborate closely with cross-functional teams and customers to solve complex problems and innovate new features.

By joining our management team as the R&D director, you will take full responsibility of the email and collaboration product family R&D, manage a growing global team of over 50 professionals, and be at the top of technology for cloud SaaS high scale/high velocity AI/ML based security solutions, serving tens of thousands of global enterprise customers.

If you want to make a real global impact, making the world a safer place join us !

Key Responsibilities
Product Development:
Oversee the design, development, maintenance and deployment of cutting-edge cloud based email security products and features, serving tens of thousands of global enterprise customers.
Ensure products meet market needs and regulatory requirements while maintaining the highest security and coding standards.
Ensure products are developed in the most cost effective manner, deployed over multiple regions utilizing cutting edge cloud infrastructure and technologies.
Ensure products are robust, built to scale and support dynamic architecture changes for fast growing changing environments.
Ensure product is fully monitored at the highest level 24/7 by actively implementing a reliable monitoring system across multiple domains and regions.
Team Management:
Lead, mentor, and develop a growing high-performing R&D team of over 50 high skill professionals, across the globe. including group and team leaders, software engineers, data scientists, and cybersecurity experts.
Foster collaboration and cross-functional integration between R&D, product management, customer success, and other departments.
Manage our R&D team building. Recruit and support extending our R&D ever growing team to catch up with product growth.
Monitor and report on R&D performance metrics and project progress to the executive team.
Research & Innovation:
Drive research initiatives to explore new technologies, threats, and opportunities in cloud, AI/ML and email security.
Maintain a strong understanding of industry trends, emerging threats, and competitive landscape.
Drive innovation through threat modeling, prototyping, and validating emerging technologies.
Quality Assurance:
Ensure rigorous testing and validation processes to guarantee the reliability, performance, and security of products.
Implement best practices for software development and quality assurance utilizing advanced automation technologies.
Implement full system monitroing to assure production top availability and performance.
Strategic Leadership:
Develop and implement the R&D strategy in alignment with the company's product vision and business objectives.
Adopt AI/ML to enhance threat detection, anomaly detection, and behavior analysis for better email security.
Foster a culture of innovation, continuous improvement, and excellence within the R&D team.
Manage and mentor cross-functional teams of researchers, engineers, and data scientists.
Foster a culture of continuous learning, experimentation, and technical excellence.
Budget Management:
Manage the R&D budget, ensuring effective allocation of resources to projects and initiatives.
Manage email security cloud cost and drive cloud cost optimization initiatives and activities.