לוח משרות דרושים הייטק אבטחת מידע / סייבר משרה מלאה

We are looking for a Security Engineer to join us. In this role, you will take part in securing our companys production environments across network, data, and AI domains. You will work closely with SRE, DevOps, platform, and internal security teams to design, operate, and continuously improve security controls, reduce risk, and strengthen our detection and response capabilities in a fast-growing, cloud-native environment.
Responsibilities
Support, maintain, and operate network, data, and AI security controls across our companys production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing across the Cyber Defense Group.

We are looking for a senior researcher to focus on vulnerability research and exploitation in embedded environments.

In this role, you will research proprietary technologies and analyze complex IoT and embedded devices.

You will be responsible for taking your research from initial discovery to a full end-to-end solution in production.

We are looking for talented, fast learners to work on vulnerability research and exploitation in embedded and IoT environments. This role is ideal for researchers with strong low-level backgrounds who want to deepen their expertise in IoT and embedded systems security while working on real-world, complex technologies

You will analyze proprietary software and hardware, apply a deep understanding of low-level systems, and take your research from initial discovery to a full end-to-end solution in production.





Requirements
5+ years of experience as a security researcher or industry-equivalent experience.
Understanding of memory corruption (Stack/Heap, UAF) and logical vulnerabilities (Injection, Logic/Design flaws, TOCTOU).
Understanding of common security mitigations such as ASLR, DEP, and CFI.
Expertise in OS internals, file systems, network protocols and cryptography concepts.
Hands-on experience with reverse engineering and debugging tools such as IDA Pro or Ghidra, and GDB.
Proficient in Assembly, C, and Python.

Are you ready to evolve from a GRC professional into a strategic leader? We are looking for a high-potential GRC Specialist to join our company. As a GRC at our company you will be responsible for aligning Fiverrs security compliance and regulatory requirements. You will be responsible for preparing the business for certifications and regulations. You will verify that existing controls are adequate and define and oversee the implementation of new security controls. In addition, you will be responsible for) Risk management, employee awareness and Vendor Security assessment. You will devise new policies and update existing ones while aligning with business processes.
What am I going to do?:
* Oversee the company's security GRC program.
* Lead annual certifications (ISO 27001, SOX-ITGC) and prepare for security audits (e.g., PCI DSS).
* Third-party risk management.
* Develop policies and guidelines aligned with security best practices for complex environments.
* Conduct risk management and build plans to mitigate risks while engaging stakeholders.
* Collaborate with IT, Legal, HR, Finance, and security teams to address gaps versus best practices.
* Drive the security awareness program and explore strategies to enhance the security posture.

since 2006, weve grown to around 5,300 employees in 22 countries, launched over 40 products, and serve over 282 million users and their visitors worldwide. here, we push you to innovate, evolve in non-traditional ways, and collaborate. we operate in small teams that work closely together at a high level.
although were already industry leaders in web creation and business, our work is nowhere near done. our goal is to become the main engine of the internet so we can create a more open web for all.
we're proud to be an equal opportunity employer. was built around the idea that everyone has the right to be successful, online. this same vision defines us as an employer: creating a work environment where everyone is welcome, and anyone has the right to succeed.
were looking for a hands-on incident response expert thats passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. this is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. in your day-to-day, youll:
investigate complex security incidents in cloud (aws/gcp), containerized (kubernetes), and endpoint environments
design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems
automate forensic evidence collection and response actions across diverse platforms and services
collaborate with SOC analysts, security architects, and engineering teams to improve detection coverage and data visibility
lead incident retrospectives and document technical findings, response steps, and process improvements
develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based ir deliverables
participate in on-call rotations and contribute to incident readiness exercises and escalation protocols
we are s security guild. were a group of highly motivated security engineers that form part of the r&d group. we allow developers and users to achieve their goals without risk, often meaning we find or create unique solutions. our work is exceptionally challenging due to s scale, agility, and advanced technical diversity. when it comes to technology, we have the ultimate playground, and although we work together closely, theres always space for independence, innovation, and creativity.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team.
Job Id: 24652
This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision.
Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.


Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:

Play a lot with the web-browsers, trying to find differences in behavior between them.

Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection

Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.

Understand customer specific requirements, deliver with impact and exceed customer expectations.

Discover adversary tactics, techniques, and procedures leveraged by bots.

Create and validate data insights to enhance detection excellence.

Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.

Find bad stuff on the internet, see if you can figure out how it is done, document it.

Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.

Contribute high impact work that substantially benefits team level metrics and OKRs.

Develop techniques, tools and scripts to simplify yours and others work.

We are seeking an experienced SOC Manager to lead our Security Operations Center (SOC), with full responsibility for detection, response, and operational excellence. This role combines hands-on technical leadership with people management, process ownership, and alignment to business risk.
The SOC Manager will be accountable for the effectiveness, maturity, and scalability of security operations across the organization.
What you will do?
Oversee day-to-day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. Own day-to-day SOC operations, ensuring effective threat detection, incident response, and containment across all environments.
Develop and implement SOC policies, processes, and playbooks to improve security effectiveness.
Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Continuously optimize SIEM content, alert quality, detection coverage, and automation capabilities.
Team Management & Training- Recruit, mentor, and manage a team of SOC analysts and incident responders.
Lead incident investigation, containment, and remediation efforts, coordinating with internal teams and external partners.
Align security operations with MITRE ATT&CK, NIST, and other cybersecurity frameworks.
Produce clear, executive-level incident reporting and risk summaries for security leadership and stakeholders.
Stay updated on emerging threats, attack techniques, and security technologies to drive continuous improvements.

we are looking for an experienced and proactive Senior IT Systems Engineer to join our growing IT team.
This role will be pivotal in managing our modern, cloud-first infrastructure with a focus on Azure, AWS, Office 365, Intune, and enterprise security platforms. The ideal candidate is a senior-level engineer who thrives on automation, scalability, and supporting a dynamic, hybrid workforce.
Key Responsibilities:
Design, manage, and secure systems across Azure, AWS, Office 365, and Docker-based environments.
Oversee device management policies and compliance via Microsoft Intune across Windows, macOS, and mobile platforms.
Lead onboarding and offboarding workflows, integrating automation and security best practices.
Develop self-service solutions and automated workflows for IT operations using tools like PowerShell, Python, Azure CLI, AWS CLI, and code/no-code platforms (e.g., Workato, Torq).
Administer Entra ID (Azure AD), including conditional access, MFA, and role-based access control (RBAC).
Enforce endpoint and cloud security using CrowdStrike, firewalls, and Cato Networks, and conduct routine audits.
Troubleshoot and manage complex network environments, VPNs, and cloud-based firewalls.
Provide advanced technical support and guidance to internal IT and service desk teams.
Maintain comprehensive documentation and mentor junior staff.

Required Cyber System Engineer
Job Type: Full Time
Job Location: Beer Ya'acov
A publicly traded defense high-tech group, develops advanced systems for the Israeli defense industry. We specialize in cutting-edge technological solutions in the fields of intelligence, command and control, and cybersecurity, continuously integrating new technologies into existing systems.
We Are Hiring Cyber System Engineer
Join a unique team responsible for developing advanced cyber-defense capabilities for cutting-edge defense systems.
About the Role:
Definition, development, and management of system-level cyber defense requirements
Designing cyber defense architectures for complex systems
Writing system documentation, including requirements, design documents, test plans, and procedures
Coordination between various engineering stakeholders involved in system development

Were looking for an exceptional Lead Security Researcher to join our world-class Security Research organization. This is a hands-on technical leadership role for a senior researcher who wants to drive research direction, depth, and real-world impact.
This role sits at the intersection of deep offensive research and strategic defensive thinking - influencing how modern cloud-native attacks are detected, understood, and stopped at scale.
What Youll Do:
Provide technical leadership and mentorship to security researchers, setting a high bar for research quality, depth, and execution.
Research and analyze advanced attack techniques targeting Linux-based cloud-native environments (containers, Kubernetes, serverless).
Reverse engineer Linux malware to uncover behavior patterns, execution flows, and persistence mechanisms.
Study real-world threat actor techniques and translate insights into actionable detection, prevention, and hardening strategies.
Design and prototype advanced detection and observability mechanisms, including kernel- and runtime-level approaches (e.g., eBPF).
Turn cutting-edge research into scalable security capabilities that protect large-scale production systems.
Collaborate closely with engineering and product teams to ensure research outcomes are practical, impactful, and production-ready.
Influence Aquas long-term security strategy through research-driven insights.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.
Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.
Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.
Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.
Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.
Manage our bug bounty program, validating reports and coordinating response and resolution.
Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.
Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.
Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.
Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.
Promote a strong security culture across the company by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

Required Cyber Threat Landscape Researcher
Israel: Tel Aviv/ Hybrid (Israel)
R&D | Full Time | Job Id: 25150
Why Join Us?
The Threat Intelligence group, a key member of the Research department, leads global threat research efforts, and improves threat coverage across the evolving cyber threat landscape.
The group focuses on understanding and tracking cybercriminal organizations, nation-state (APT) actors, hacktivist activity, active malware campaigns, and emerging adversary trends. The research produced by the team supports both strategic insight and the development of advanced security technologies.
This role is responsible for conducting in-depth cyber threat landscape research and owning the full intelligence research lifecycle-from intelligence collection through analysis and written output.
Key Responsibilities:
Research and analyze cyber threat actors.
Be the first to flag trends, new malware, threat actors and intelligence items that stand out in the crowd
Execute the full intelligence research lifecycle:
Monitoring and analyzing the digital underground - including the DarkNet, the DeepWeb, and other open and restricted sources
Gather & flag intelligence that stands out.
Assess, validate, and refine raw information into high-confidence insights
Produce clear, well-structured written research and threat assessments
Build, maintain, and continuously evaluate a diverse set of reliable intelligence sources
Identify long-term trends, relationships, and shifts in adversary behavior
Conduct deep intelligence collection operations and collect proprietary intelligence
Collaborate with other researchers and internal stakeholders to contextualize findings and improve threat coverage
Maintain high analytical and research standards, including sourcing, attribution, and methodological rigor

Required Engagement Manager
Israel: Tel Aviv/ Hybrid (Israel)
R&D | Full Time | Job Id: 25158
Why Join Us?
The Engagement Manager plays a key role in shaping, packaging, and delivering our Research service offerings to both internal stakeholders and external clients. This position bridges technical expertise with business engagement, ensuring that our Research deliverables are transformed into compelling, value-driven products that support sales, strengthen customer relationships, and enhance operational efficiency across the organization.
The ideal candidate combines cyber expertise with strong communication, coordination, and client-facing skills, ensuring seamless delivery and alignment between our Research, sales teams, and customer expectations.
Key Responsibilities
Productization of our Research Deliverables:
Translate our research outputs, intelligence materials, and technical deliverables into appealing, consumable offerings for internal teams and external clients.
Continuously refine materials to align with market needs, customer expectations, and sales opportunities.
Internal Stakeholder Engagement:
Proactively engage with internal teams to gather requirements, identify gaps, and determine the most effective types of deliverables.
Evaluate how our Research outputs can support internal efficiency, drive sales, and strengthen alignment across business units.
Sales & Customer Engagement:
Act as a proactive partner to the sales organization throughout the entire customer engagement cycle.
Position our Research services offerings to prospective clients, increasing their attractiveness and supporting contract advancement.
Serve as the primary point of contact (POC) for customers engaging with our Research, ensuring smooth communication and expectation management.
Coordination & Offering Development:
Serve as the internal coordinator within our Research for building structured, scalable, and saleable service offerings.
Work cross-functionally to ensure that offerings are aligned with CPR capabilities, market demands, and sales priorities.