לוח משרות דרושים מומחה אבטחת מידע / סייבר

We are expanding the Security Research team for which we are looking for highly skilled and passionate Senior Security Researchers focusing on GenAI, AI Agents / Agentic AI, and their interaction with Low-Code and No-Code platforms. The ideal candidate should have a minimum of 5 years of relevant experience and a strong background in conducting research, identifying vulnerabilities, and performing in-depth analysis of web and API security within cloud environments. This role offers a unique opportunity to contribute to the security of emerging technologies that are transforming the way people and organizations use computers.

we are looking for an experienced Application Security Architect to join our Cybersecurity team. In this role, you will be instrumental in building and advancing our companys application security programs. Working closely with talented engineers, product managers, and platform teams, youll play a key role in ensuring the security of our software development lifecycle (SDLC).
Youll provide security services including secure coding practices, architecture reviews, awareness and training initiatives, and tool implementation. From threat modeling to secure development education, your contributions will directly impact the safety and resilience of our companys products.
What am I going to do?
Lead Secure SDLC Initiatives: Drive security throughout the software development lifecycle (S-SDLC), including threat modeling, risk assessments, and mitigation planning for new and existing applications.
Embed Secure Design Practices: Guide development teams on implementing secure architectural patterns, design principles, and coding standards, with emphasis on OWASP and industry best practices.
Security Tooling Strategy: Define and manage the integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools into our companys CI/CD pipelines, ensuring scalable, platform-agnostic coverage and effective vulnerability management.
Security Testing & Remediation: Perform and oversee application security testing, ensuring timely remediation of identified vulnerabilities.
Develop Security Standards: Create and maintain secure coding standards, best practices, and development guidance tailored to our companys tech stacks.
Code Reviews: Conduct in-depth manual and automated security code reviews for critical components, offering practical and constructive feedback to engineering teams.
API & Mobile App Security: Design and assess security for APIs and mobile applications, ensuring robust authentication, authorization, and data protection in line with industry standards.
Third-Party Risk Management: Evaluate the security posture of third-party libraries, components, and services integrated into our company's applications.
Cloud Security Collaboration: Partner with Cloud Security Architects to ensure secure application deployment in cloud environments (e.g., AWS, GCP), offering expert advice on cloud-native security practices.
Team Enablement & Education: Mentor development teams on emerging threats, secure coding techniques, and security-first development approaches.
Bug Bounty Program Leadership: Manage and evolve our companys bug bounty program, working with researchers and internal teams to resolve findings efficiently.

We are looking for a Senior Fraud Analyst with a passion for solving complex puzzles by investigating reactively and proactively data and live attacks. The solutions and insights you find will turn into proactive algorithms that make our community safer.
Here are a few of the things you'll do:
Discover and effectively communicate unique, actionable insights to prevent and detect attacks using our solution.
Extract data from internal systems, identify the correct metrics needed, create reports and analyze them to understand key trends.
Translate trends to prevention algorithm requirements.
Be the point of escalation to fraud investigators.
Proactively initiates and leads fraud‑risk projects from ideation through deployment, coordinating stakeholders across product, data, and engineering.

A company located in central Israel is looking for a full-time Information Security Consultant and Advisor.
This is a great opportunity to gain experience in a GRC (Governance, Risk, and Compliance) role and as an Information Security Consultant for cutting-edge tech companies, while also influencing the company and its information security posture.
Responsibilities include:
Supporting organizations in the creation and management of information security programs.
Overseeing information security systems.
Developing risk management processes.
Supporting cross-organizational processes.
Conducting information security reviews and regulatory gap assessments.
Designing and implementing security hardening processes.
The role is dynamic and includes consulting and on-site support at the client's location.
This is a full-time position.
CVs should be sent to our e-mail.

As a security sales specialist you will have the opportunity to help drive the growth and shape the future of emerging technologies that will have a significant impact on our customers technical strategy.

Key job responsibilities
Drive revenue and adoption of native security services such as our GuardDuty, Inspector, Macie, Key Management Service, CloudHSM , WAF and other offering in a defined territory.
Accelerate customer adoption by identifying specific customer segment & approach with a value proposition for using our web services.
Create and articulate compelling value propositions around our security services
Meet or exceed quarterly revenue targets, and deliver business reviews to the senior management team.
Develop long-term strategic relationships with key accounts and the security teams of our customers.

We are looking for a GRC Specialist who will be the backbone of our security compliance and customer assurance processes.

In this role, you will own real impact across sales, security, and engineering by driving customer trust, ensuring we meet the highest compliance standards, and helping close deals faster.

we have created an intuitive Social Trading platform that gives traders and investors access to global stock markets, commodity trading, cryptocurrency trading, and more. We strive to make money management available and accessible to everyone (even to users with no prior experience or knowledge). We have over 33 million users worldwide, and our platform is available in over 140 countries around the world.
With over 1500 employees worldwide, We have locations in the US, Cyprus, UK, Australia, Germany, and Israel, and we are constantly growing and expanding into new markets.
We are constantly growing and are excited to share that we are looking for a Blockchain Security Architect to join our team!
Join us as a Blockchain Security Architect at our company, where innovation meets security in the dynamic world of blockchain technology. Our mission is to build secure, scalable, and user-friendly blockchain solutions that empower businesses and individuals alike. As part of our cutting-edge team, you will play a crucial role in shaping the security landscape of new coins, blockchains, and digital assets.
We are at the forefront of blockchain security, providing top-notch services across various domains, including staking, decentralized finance (DeFi), and custody solutions. With a diverse, global team and a collaborative work environment, we are dedicated to fostering growth, learning, and excellence in everything we do.
Your Primary Responsibilities:
Security and Technical Analysis: Conduct in-depth security and technical assessments of new coins and blockchain platforms to ensure robustness and reliability.
Risk Analysis: Perform comprehensive risk evaluations for various blockchain operations such as staking, DeFi, and custody, identifying potential vulnerabilities and proposing mitigation strategies.
Secure Development Support: Collaborate closely with R&D teams to embed security into the development lifecycle, ensuring adherence to best practices and architectural guidelines.
Infrastructure and Product Security: Review and define architectural standards for blockchain infrastructure and products, fostering a secure ecosystem.
Custody Solutions Management: Develop and implement secure operational policies for custody, managing a variety of technology providers and solutions.
Perform hands-on technical operations of the Custody solution, including managing and configuring hardware and software used in Custody operations.
Set up computers from scratch, implementing both basic and advanced security policies to ensure the integrity and confidentiality of Custody operations.
Collaborate with the team to design Custody policies for all related solutions, including physical security policies and computer policies.
Risk Framework Development: Lead the creation and management of risk frameworks in coordination with internal stakeholders, focusing on security and risk mitigation.
Blockchain Monitoring and Playbooks: Define and execute on-chain monitoring strategies and develop playbooks for handling blockchain activities and incidents.

we are the trading and investing platform that empowers users to invest, share and learn. We were founded in 2007 with the vision of a world where everyone can trade and invest in a simple and transparent way. We have created an investment platform that is built around collaboration and investor education. On our platform, users can view other investors portfolios and statistics, and interact with them to exchange ideas, discuss strategies and benefit from shared knowledge. We have over 38 million registered users from 75 countries and our platform is available in 20 languages. We are a fast growing business with over 1,500 employees across 13 offices around the globe, strategically positioned to serve the needs of users. You can find out more about us here.
We are seeking an experienced Security Governance, Risk, and Compliance (GRC) Team Leader to drive our security and compliance programs while building and managing a high-performing team. This role combines strategic leadership with deep technical expertise in security frameworks and regulatory compliance within the fintech industry.
Key Responsibilities
Leadership & Team Management
- Build, mentor, and lead a team of GRC professionals, fostering a culture of excellence and continuous improvement
- Develop and implement strategic objectives for the GRC function, aligned with organizational goals
- Establish KPIs and metrics to measure team performance and program effectiveness
- Lead resource planning, budget management, and professional development initiatives for the team
Security Governance & Risk Management
- Direct the development and maintenance of the organization's security governance framework
- Oversee the enterprise-wide IT and cyber risk management program
- Lead the implementation and monitoring of security controls across the organization
- Drive security awareness and training programs across the company
Compliance & Audit Management
- Lead regulatory compliance initiatives, ensuring adherence to relevant frameworks including ISO 27001, SOC, NYDFS, and NIST
- Oversee internal and external audit processes, managing relationships with auditors and regulators
- Direct the development and maintenance of policies, procedures, and controls
- Lead the response to audit findings and oversee remediation efforts
Strategic Partnership & Communication
- Partner with executive leadership to align security initiatives with business objectives
- Lead vendor risk management program and third-party due diligence processes
- Build strong relationships with business unit leaders to ensure effective control implementation
- Present security and compliance metrics to senior management and board members.

Additionally, the ISO will manage projects related to the examination and implementation of new information security products and characterize information security solutions for related projects. The ISO will also advise on compliance with privacy and cyber protection laws and regulations, conduct information security and privacy protection surveys, and oversee ISO 27001 compliance, focusing on all aspects of cybersecurity within Application Security (AppSec), Infrastructure Security (DevSec), Governance, Risk, and Compliance (GRC), Security Information and Event Management (SIEM)/Security Operations Center (SOC), incident response, and IT security.

Responsibilities
Develop, update, and maintain a cybersecurity strategy.
Manage a risk-based cybersecurity program to secure corporate IP, technology, information, computer systems, networks, and data.
Provide guidance on proposed cybersecurity best practices to different business functions.
Develop comprehensive cybersecurity guidance, processes, and procedures based on industry standards.
Stay informed on trends and issues in the security industry, including current and emerging technologies and regulatory and compliance issues.
Advise, counsel, and educate executive and management teams on the importance of cybersecurity.

the brand grabs attention like nothing else in cybersecurity. And were growing like crazy, with $70M in Series C funding, 200% employee growth, and 300% revenue growth in 2024. Fueling growth are our game changing agentic AI security solutions, backed by a team and culture that makes one of Forbes Best Startup Employers in America, and a Business Insider startup to bet your career on.

Life at is all gas, no brakes. Were a team of relentless, collaborative go-getters pushing the boundaries of whats possible for security automation. Every role is an essential driver of success as the AI-native autonomous SecOps platform of choice for security teams across the Fortune 500. Excited about our vision and ready to make an impact as we grow? Wed love to see what you can bring to the team.
looking for an experienced and passionate Cloud and SaaS Security professional to play a key role in advancing our security strategy.
In this role, youll take ownership of securing our cloud infrastructure, SaaS platforms, and incident response practices. You'll help shape our security posture, identify threats and misconfigurations, and respond effectively to security events.

What You'll Do
As a Senior Cloud Security Engineer at , you will:
Strengthen and maintain our cloud security posture using CNAPP tools.
Manage security controls and configurations across a wide range of SaaS platforms.
Collaborate on incident response efforts, including triage, containment, and post-incident reviews.
Develop detection content using SIEM and Hyperautomation workflows.
Evolve Incident Response and Security Operations programs to safeguard current and future assets.
Optimize and fine-tune security tool configurations to reduce false positives and increase effectiveness.
Support compliance initiatives such as SOC 2, ISO 27001, and FedRAMP readiness.
Work hands-on with the CISO and Security Manager on strategic security projects.
Partner with cross-functional teams including R&D, DevOps, and Engineering to drive security best practices

a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and state-sponsored activities. You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect customers and empower the brand.



Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.

We are looking for a highly motivated and responsible Project Manager to join the CloudGuard Network Security Products group.

In this position you will be leading internal group activities as well as cross organizational projects, involving other R&D departments, Product Management, Support, Sales, and QA.

Come join a team of driven, fun, creative minds united in delivering innovative new technology and cyber security against the ever-changing threat landscape.

Key Responsibilities
Manage development projects and product release in the CloudGuard Network Security Products group
Be part of the R&D group, targeting competitive and successful products
Managing the project full cycle from ideas through requirements, high level plan, design, execution and ending in a release
Managing the project content, quality, timeline and risks
Manage product release process including customer facing publications (Marketplaces, Public documentation portal, etc)
Directly engage with developers as well as senior management
Manage QA priorities and perform tradeoffs as needed to meet critical delivery targets
Adapt and take on more responsibilities and own your share of the product
Leading lessons learned / debriefs, tracking till final resolution and implement improvements based on conclusions

We're looking for an Application Security Researcher with a strong AppSec background to join our growing team and push the boundaries of what modern application security can do.

Passionate about AppSec? Ready to shape the future of application security tooling? Join us.

Responsibilities:

Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Write and publish technical content covering vulnerabilities, detection strategies, incident analysis, and research findings.
Collaborate closely with engineering, product, and marketing to translate research into product innovation and thought leadership.

We are looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

We are looking for a Red Team Expert with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement