לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

we are looking for a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and nation-state activities. You will join a team of motivated, independent and highly technical individuals to contribute the effort to protect customers and empower the brand.

Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal data.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for external publications and private intelligence reports.
Help creating protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist in threat intelligence and research tasks.

we are looking for an outstanding hands-on R&D Team Leader for the Threat Prevention Cloud group.

In this role, you will:

Impact Millions: Your work will directly protect millions of users from evolving threats like zero-day attacks and supply chain compromises.

Elite Team: Join a high-performing, collaborative group tackling cutting-edge security challenges.

Make a Difference: Play a pivotal role in the fight against cybercrime and leave a lasting impact.

Key Responsibilities
Build, mentor, and develop a top-notch team of 6 software engineers and cyber security experts.
Define the product roadmap and drive strategic initiatives in collaboration with stakeholders.
Design, develop, and deploy secure cloud infrastructure and cutting-edge threat prevention features.
Deep dive into cloud, networking, cyber techniques, and spearhead research and implementation.
Ensure the successful operation of a critical, internet-scale cloud production environment.

Required Senior Threat Hunter (Tools Developer) -UNIT 42
Your Impact:
Design, develop, and maintain cutting-edge security hunting infrastructures, ensuring seamless integration within the managed threat hunting teams cloud environment across various platforms, such as BigQuery Jupyter, and more
Engage in collaborative efforts with stakeholders across Palo Alto Networks to identify and craft effective solutions to the evolving landscape of cybersecurity challenges
Lead automation projects to significantly bolster our data analysis capabilities, enhancing our ability to conduct effective hunting operations
Continuously expand your understanding of the cybersecurity landscape, focusing on e-crime and APT (Advanced Persistent Threat) groups, to inform and refine our hunting strategies.

We are looking for a Security Researcher to join our EDR behavioral detection team.
You will create statistics-based classification algorithms detecting everything from new malware through process behavior and attackers operating in enterprise-scale networks using data from multiple endpoints of various operating systems; from analyzing attack patterns, finding statistical anomalies, and validating that you detect real attacks and APTs on real customer data.
Your Impact:
Research new methods to detect targeted attackers by utilizing enormous amounts and varied types of data
Simulate attacks in the lab and conduct a deep analysis of the behavior
Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities
Be part of a diverse research group, improving our research processes and leading us to be a better team creating a better product
Stay up to date with APTs, attacker methodologies, and TTPs,

Our Information Security team is looking for a Cybersecurity SOC Engineer to join the Global Security Operations team and support threat detection and incident response in our internal environments. The scope of the Security Operations team spans both the Enterprise and Product environments.
You will join a team of analysts and engineers who protect the enterprise that aims to protect the world from cyberattacks. In this role, you will quickly become an expert in our security products; primarily XDR, XSOAR, Next-Generation Firewalls and Prisma Cloud. You will also provide feedback to the engineering teams to continually improve our world-leading security products.
Many SOCs are drowning in false-positive alerts, but our SOC changed the game and re-invented how Security Operations should function. Our vigilant focus on automation, prevention and high-fidelity alerts enable our analysts to be more proactive. You will not spend your day sifting through alerts. Instead, your day will be split evenly between (1) analyzing and responding to high fidelity alerts (2) proactive threat hunting and (3) contributing to a variety of different projects aligned to your personal interests.
Continuous learning is also key to our Security Operations teams philosophy. We offer many channels for learning to ensure our teammates are up to speed with the latest TTPs.
Your Impact:
Own and lead individual incident response activities by analyzing security alerts and coordinating responses - Perform in-depth event review and analysis where appropriate - Analyze events, research the potential cause, and recommend a course of action
Hunt for indications of compromise across multiple technology platforms
Continuously improve our alerting use cases and the threat hunting program
Collaborate with SOC Automation team to automate tedious, boring activities
Contribute to proof-of-concept assessments of new security products
Document generate reports detailing security incidents for security leaders and the business
Show off your excellent communication skills in post mortem reviews of incident response activities, to facilitate continuous improvement
Research security trends with the goal of improving our own processes and tools.

We are seeking a senior Threat Hunter to join Unit 42's Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
One primary responsibility of this role is to proactively search for signs of malicious activity within an organization's network. Our Threat Hunters use advanced tools and methodologies to identify anomalies and potential threats that may go undetected by traditional security solutions. Additionally, our Threat Hunters should actively engage in research and experimentation to develop new hunting techniques and stay ahead of evolving threats.
Effective communication is crucial in this role. Threat Hunters must work closely with other teams, such as Incident Response, Threat Intelligence, Customers, and cybersecurity leadership, to share findings and coordinate response efforts
Your Impact:
Help multinational organizations stay one step ahead of adversaries and cyber threats
Collaborate and guide our customers on the best ways to enhance their protection and readiness for future events
Improve our solutions by identifying and analyzing new threats and tactics
Influence the industry by sharing knowledge and findings
Collaborate with multiple research and development groups
Contribute to making the world a safer and better place.

We are looking for a Network Engineer, who is motivated, self-managed, team player with good interpersonal skills to be responsible for:

Engaging with customers worldwide to understand and address their technical requirements.
Deploying the company's cutting-edge Beta software and hardware on customers' sites, ensuring a seamless experience prior to market release.
Collaborating directly with development teams, QA engineers, and managers at all levels.
Conducting comprehensive testing, debugging, and documentation of beta deployments in simulated customer environments and during on-site activities.
Providing effective technical support to beta testing customers.

Required Security Engineer (Network & Apps Research)
We are looking for proactive, analytical talented people to join the Security Applications Content team.
As a Security Engineer (Network & Apps), you will analyze protocols and application traffic (L4-L7) using network and web analysis tools, as well as modern big data analysis frameworks.
You will add content to our security and network products such as NGWF, CASB, DLP and more.
Joining us is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Research and analyze network and application behavior as part of our Networks
Security products (NGFW,CASB,DLP and more).
Suggest and conduct new research vectors
Utilize our Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency.

Our platform security team (as part of the Cloud Security area) is looking for a highly skilled developer, who is comfortable with cloud-native programming

Our daily work involves experience in new technologies all the time, extensive cloud services usage (mostly AWS), design writing, and testing code in various runtimes like C#, Javascript, and more.

In this role, you will design and lead Check Point cloud platform security solutions, work closely with the architects of the Cloud Guard Security product line, and take an active part in all the software development phases starting with a POC and ending with production deployment of the product in a customer environment.

Key Responsibilities
Develop and own E2E features from design to production, addressing architecture, CI/CD pipeline, monitoring, and testing.
Working with AWS and other cloud providers
Designing and implementing software solutions using the .NET framework and other programming languages
Collaborating with cross-functional teams to identify and prioritize development efforts
Testing and debugging code to ensure functionality and performance

We are looking for a IT Cloud Engineer. This role is perfect for a highly experienced and proactive IT Engineer with vast experience in cloud security.

This job is located in Tel Aviv (hybrid).
Key Responsibilities
Lead Cloud Security and Operations projects, overseeing new technology implementation, R&D access management, and standardizations.
Manage security alerts, critical IT-RND tasks, and conduct systems administration.
Develop and implement automation scripts to streamline routine processes and tool development.
Install, configure, update, and troubleshoot cloud infrastructure tools and services for developers and R&D requirements.
Monitor internal infrastructure for high availability, optimal performance, and security.
Collaborate with FINOPS analyst to automate financial operations, reducing costs across various cloud providers.
Administer and optimize R&D SaaS applications, including GitHub, Postman, Slack, and other developer tools.

we are looking to hire a highly motivated, best-in-class Cluster Security Manager to manage the physical security at our data centers.
You will be responsible for managing the on-site operational physical security of our data centers and will have a thorough knowledge of access control systems and process, guard force management, contract management, vendor management, risk assessment & management, reporting security metrics, security audits and incident reporting.
Key job responsibilities:
Manage the daily operations of the vendors providing services, training and risk assessment; conduct investigations of Code of Conduct, and other violations, as needed
Collaborate with other teams within our company (Data Center (DC) Engineering, DC Operations, etc.) and outside (Vendors, Emergency Services, etc.) as they relate to daily operations
Develop security plans for on-site special events and other unique security situations to assure proper access control and evacuation procedures are followed
Perform data analysis and create benchmarking to support risk assessments and threat identification
Partner with DC Engineering and other business units to identify safety and security deficiencies, and develop customized policies and procedures to gain compliance with regulations internal and external
As part of a global team in this space you will also be required to work with peers in other geographic regions and travel as required by us.
We are open to hiring candidates to work out of one of the following locations:
Tel Aviv, ISR.

We are looking for a Senior GRC Specialist, experienced with cyber security regulations, financial institutions, and related compliance such as SOC2. This is a great opportunity to elevate the cyber security operations to a whole new level, understanding and securing our cloud-based technology, managing risk assessment and remediation plans, and promoting cyber security.

RESPONSIBILITIES:
Design and maintain processes, policies and related guidelines.
Conduct risk assessment on systems, processes, vendors.
Define and maintain a security maturity program.
Ensure remediation plans are implemented and carried out.
Lead our compliance operations, including ISO27001, SOC2.
Develop, deliver and maintain an ongoing Information security awareness program.
Execute the Information security audit plan.
Operate and utilize GRC tools.

we are seeking a Security Analyst to join the Global Security Operations and Incident Response team. The Analyst will serve on the front lines of Security team and will lead and support security investigations across the companys global infrastructure as well as respond to escalations from the Tier1 team. The analyst will leverage an armory of tools to investigate and respond to both external and internal security threats. Utilizing tooling, you will monitor security events in real-time, assess external and internal threats, and provide accurate and timely response. You will collaborate closely with technical teams, with a diverse set of skills to tackle the panoply of unique security challenges that we encounter scale.
Security Analyst, Security Operations and Incident Response Responsibilities
Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation.
Act as an escalation point for Tier1 investigations, contribute to the development of the Tier1 capability, and ensure adherence to internal service level objectives.
Document security investigations and produce high quality and accurate reports for a wide range of stakeholders.
Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents.
Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies.
Collaborate with cross-functional teams to drive improvements to security tools, policies and processes.
Improve the effectiveness and efficiency of the Security Operations and Incident Response team including the development and refinement of processes and technical capabilities.
Understand and support requirements of internal and external stakeholders, regulators, and auditors.

we are looking for an Incident Response Engineer with experience in the identification, containment and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable systems to automate detection and remediation and help us build the next generation of security operations and response platforms.
Security Engineer, Incident Response Responsibilities
Lead security incident response in a cross-functional environment and drive incident resolution.
Contribute to Incident Response initiatives that improve capabilities to effectively respond and remediate security incidents.
Perform digital forensic acquisition and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment.
Perform log analysis from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats.
Perform security incident root cause analysis and drive implementation of containment and mitigation strategies.
Build automation for response and remediation of malicious activity.

we are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure