לוח משרות דרושים מומחה אבטחת מידע / סייבר משרה מלאה

We are looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

We are looking for a Red Team Expert with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

We are looking for a Cyber Security Researcher to drive innovation in security defenses for on-premises and cloud environments. Your primary focus will be twofold:

1. Researching and developing novel defensive mechanisms to detect and mitigate advanced threats.

2. Contributing to open-source security tools by developing new solutions and enhancing existing ones.If you have a passion for security research, a strong technical foundation, and a drive to make meaningful contributions to the cybersecurity community, wed love to hear from you.


Responsibilities:
Research and prototype novel security defense techniques for on-prem and cloud-based systems

Analyze modern attack techniques and develop countermeasures to mitigate them.

Design, develop, and improve open-source security tools to help defenders detect and respond to threats.

Reverse engineer malware, attack tools, and security mechanisms to identify vulnerabilities and improvements.

Investigate Windows internals and authentication protocols (NTLM, Kerberos, SAML, OAuth) to enhance security defenses.Write secure, efficient, and maintainable C/C++ code for research and tooling purposes.

Collaborate with the security research community and contribute to blogs, whitepapers, and conference talks.

Stay ahead of the evolving threat landscape and propose innovative security solutions.

Were looking for a Product Security Architect to play a key role in ensuring our ML/AI platform remains secure while fostering innovation within our R&D team. If you have a strong security background and want to impact a fast-growing company, wed love to meet you!

You will be responsible for:

Designing secure systems and conducting threat modeling for new and existing features.
Identifying and mitigating security risks in architecture, applications, and infrastructure.
Performing security assessments, audits, and ensuring compliance with standards like ISO27001, PCI-DSS, and GDPR.
Integrating security best practices into CI/CD pipelines and development workflows.
Improving Secure Development Lifecycle (SDLC) practices within R&D and Product units.
Providing guidance and mentorship to development teams on secure coding and security principles.
Collaborating with engineering, product, and DevOps teams to embed security into all aspects of development.
Reviewing tools and processes to detect security threats and enhance security posture.
Communicating security risks and recommendations to technical and non-technical stakeholders.

Were looking for a Junior BCP and GRC Analyst to join our team and help strengthen the organization's resilience and compliance frameworks. In this role, you will support the development and implementation of Business Continuity Plans (BCP), Disaster Recovery (DR) strategies, and security governance practices across the company.
Youll work closely with IT, Security, Legal, and Operations teams to coordinate drills, write and embed security policies, manage vendor risk assessments, and assist in internal and external audits. This role is ideal for someone who is detail-oriented, proactive, and eager to grow in the fields of risk management, cyber security, and compliance.
If you have strong organizational skills, a good understanding of security standards (such as ISO 27001, SOC 2, GDPR), and thrive in a dynamic,

A leader in disaggregated high-scale networking solutions for service providers and AI infrastructures. Founded in December 2015, created a radical new way to build networks by adapting the architectural model of the cloud to telco-grade networking. This solution accelerates network deployment, improves the networks economic model, and radically simplifies network operations. With customers including Comcast, Orange, and KDDI - over 80% of AT&Ts network traffic now runs through a disaggregated core powered by software. Network Cloud-AI solution, based on the same technology, was introduced to the market in 2023, providing the highest-performance Ethernet-based AI networking solution, and is already deployed by Hyperscalers, NeoClouds and Enterprises. Raising over $587 million in three funding rounds, continues to deploy the most innovative network infrastructure and is looking for the most talented people to be part of this journey.

Role Summary
We are seeking a seasoned Senior Security Engineer to lead the execution of security operations and internal security initiatives. This highly technical role will be the principal hands-on engineer responsible for securing our corporate and cloud infrastructure, supporting detection and response, and maturing security controls across the business. This role is ideal for someone who thrives in fast-moving environments, enjoys solving technical challenges end-to-end, and can independently drive security projects in close collaboration with IT, DevOps, and engineering.

Key Responsibilities
Serve as the lead technical resource for internal security operations, including:
Endpoint and network security
AWS and Azure security configuration
Identity and Access Management (Entra ID, AWS IAM)
Threat detection and incident response
Design, implement, and optimize security tooling, monitoring, and controls
Collaborate with IT, DevOps, and engineering teams to design secure architectures and troubleshoot issues
Support compliance, audit, and risk management activities through technical controls and documentation
Collaborate with and mentor other security engineers and promote security best practices across the company
Lead or contribute to cross-functional security initiatives and internal project planning

Required Cyber Intelligence & BizDev Specialist
As a Cyber Intelligence & BizDev Specialist, you will:
Create development plans for the business and R&D divisions
Identify technology market opportunities through research and meetings
Attend events such as exhibitions and conferences
Produce reports for management and colleagues.

driving and leading the next generation networks with our solution. Founded to solve the data explosion challenge, our cutting-edge technology and solution have created a paradigm shift in the economy of networks. Through smart and high-performance bit processing on merchant silicon and commodity hardware, we enable new revenue opportunities and sustainable growth for our customers, even as Internet usage explodes. Our system is a cornerstone of this mission, and we are looking for a talented developer to take it to the next level.

About the Role
We are looking for a hands-on and experienced Application Security Team Leader to drive our product and infrastructure security strategy and execution.
You will lead a team responsible for integrating security into our development workflows, managing vulnerabilities, and securing our use of open source and third-party components. This role requires both strong technical skills and the ability to lead and collaborate across multiple engineering functions.

Key Responsibilities
Team Leadership & Strategy
Build and lead the Application Security team, setting goals and ensuring successful delivery of security initiatives.
Define and drive the application security roadmap in collaboration with R&D, DevOps, and Product.
CI/CD Security Tool Integration
Oversee integration and maintenance of SAST, SCA, and DAST tools in CI/CD pipelines.
Ensure security checks are automated and embedded early in the development lifecycle.
Open Source & Package Mapping
Guide the team in mapping and maintaining an inventory of open source and third-party components across the product.
Identify critical dependencies and oversee continuous monitoring and hardening efforts.
Vulnerability Detection, Tracking & Reporting
Lead monitoring for CVEs affecting the OS, kernel, standard packages, and containers.
Ensure vulnerabilities are documented, tracked, and addressed through coordinated patching and remediation.
Communicate risks and progress to stakeholders via clear, actionable reports.
Risk Mitigation & Component Hygiene
Oversee efforts to identify and replace outdated or redundant software components.
Ensure timely updates of third-party packages to mitigate known vulnerabilities.
Promote secure software component usage and lifecycle management across teams.

We are looking for an experienced Vulnerability Researcher to lead our world-class vulnerability research team.
As a Vulnerability Researcher Team Lead, you will perform research and responsible disclosure on the latest open-source software, working with your team to find flaws in the most popular components today. The position requires proven experience in vulnerability research, both on web applications and native applications.
As a Vulnerability Researcher Team Lead you will...
Research zero-day vulnerabilities in open-source projects and popular web applications
Manage a team of senior researchers, setting the teams research targets and methodologies
Manage the coordinated disclosure process for vulnerabilities identified by the team
Write & review technical blogposts for vulnerabilities identified by the team
Speak in the most important global security conferences about vulnerabilities identified by the team.

abra is seeking for an Cyber Systems Implementer We are looking for a skilled implementation, configuration, and support of information security solutions. Responsibilities also include working with NAC systems, troubleshooting, optimizing security system performance, and conducting testing. Full-time position in Haifa, Sunday–Thursday.

Senior Security Data Analyst Client Side Protection
Join our Code Defender team as a Security Data Analyst, where you'll have ownership over the product's detection framework and lead data-driven processes to enhance and refine our security capabilities. Code Defenders mission is to detect and defend against client-side JavaScript threats like Magecart attacks, while helping our customers stay compliant with evolving security and privacy standards. This role requires a proactive and analytical professional dedicated to advancing Code Defenders detection infrastructure and metrics.
What Youll Do:
Detection Framework Ownership: Own and continuously evolve Code Defenders detection framework, leveraging data-driven processes to maximize detection accuracy and efficiency.
KPIs Dashboards Development: Design, develop, and maintain KPIs and dashboards that showcase Code Defenders performance and inform product strategy.
Detection Mechanism Innovation: Research, design, and enhance detection mechanisms to stay ahead of emerging client-side threats.
Cross-Team Collaboration: Work closely with the technical research and development teams to support end-to-end product improvements and drive a unified approach to detection enhancement.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that our company remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet our company.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

Senior Security Data Analyst Client Side Protection
Join our Code Defender team as a Security Data Analyst, where you'll have ownership over the product's detection framework and lead data-driven processes to enhance and refine our security capabilities. Code Defenders mission is to detect and defend against client-side JavaScript threats like Magecart attacks, while helping our customers stay compliant with evolving security and privacy standards. This role requires a proactive and analytical professional dedicated to advancing Code Defenders detection infrastructure and metrics.
What Youll Do:
Detection Framework Ownership: Own and continuously evolve Code Defenders detection framework, leveraging data-driven processes to maximize detection accuracy and efficiency.
KPIs Dashboards Development: Design, develop, and maintain KPIs and dashboards that showcase Code Defenders performance and inform product strategy.
Detection Mechanism Innovation: Research, design, and enhance detection mechanisms to stay ahead of emerging client-side threats.
Cross-Team Collaboration: Work closely with the technical research and development teams to support end-to-end product improvements and drive a unified approach to detection enhancement.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that our company remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet our company.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.