לוח משרות דרושים מומחה אבטחת מידע / סייבר

our company, one of the leading cyber and information security companies in the field, is recruiting for the position - Microsoft Information Security Specialist.

The role consists of:
* Design, design and implementation of complex security solutions
* Leading Microsofts POC processes
* Development, implementation and management of the field of security training
* Leading Microsoft and Cloud projects as the solution architect.

our company needs a Cyber ​​security expert.

Job description:
our company in the center of the country has a long-term full-time communications and information security person
The role includes: working on the organizations information security systems, working and experience with FIRE WALL of various information security manufacturers. Leading large projects and driving many processes and technologies in the organization.
Full-time long-term with promotion options.

looking for an Incident Response Team Leader to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus, and speed of response teams can mean the difference between a minor blow, and a devastating impact on an organizations performance and reputation.

The Incident Response Team Leader will be key to the success of Incident Response projects worldwide, and should possess strong leadership skills, be highly technical and thrive in a fast-paced and dynamic environment.

Main Responsibilities

Lead a team of top-tier cyber security researchers and forensic experts conducting assessments and in-depth analysis in complex investigations, as well as security assessments.

Guide and empower team members, enhancing their technical and research skills.

Lead client-facing projects including incident response and hunting efforts for large-scale sophisticated attacks, to contain and defeat real-world cyber threats.

Collaborate and work with clients IT and Security teams during investigations.

Design and improve internal incident response technologies, methodologies, and processes.

looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

We are looking for a Senior Staff Product Manager to join AI SIEM Data Platform product team to lead the vision, strategy, and execution for unified log collection from our unified agent. This role focuses on driving product direction and cross-functional delivery of agent-based collection for both Windows, MacOS, and Linux flat file logs and Windows Event Logs. The Product Manager ensures that customers benefit from a seamless, single-agent solution that streamlines log onboarding, normalization, and centralized security analytics for threat hunting, detection, response, and reporting.


What will you do?
Product Strategy and Ownership

Define product vision, priorities, and multi-phase roadmap for unified agent log collection capabilities
Lead requirement gathering and translate business needs into clear, actionable product requirements
Own the lifecycle of agent log collection features from ideation through development, launch, and ongoing iteration
Collaborate with engineering, UX, and architect teams to design configurable, user-friendly log collection workflows.
Collaborate with cross-functional product areas to specify requirements for agent-side features
Establish technical and UX specifications for integration with the Singularity Operations Center
Champion the consolidation of flat file log, event log, and telemetry collection into a unified, enterprise-grade agent deployment
Minimize operational overhead and complexity for customer environments
Ensure secure, performant, and reliable ingestion of collected logs into the AI SIEM/Singularity Data Lake
Drive initiatives on data normalization, parsing, and searchability to maximize downstream analytics and compliance value
Develop enablement material, size and performance guidance, and support playbooks for internal and external stakeholders
Serve as an escalation point for validation, troubleshooting, and feedback cycles with field, support, and customer teams

we are looking for a Cloud Security Researcher.
As a Cloud Security Researcher, you will explore and exploit cloud-native attack surfaces, uncovering new vulnerabilities and researching misconfigurations across AWS, Azure, GCP, and container ecosystems. Youll work on offensive cloud security projects that blend creativity, technical depth, and innovation, contributing to cutting-edge tools and methodologies.
Roles and Responsibilities:
Research and develop novel attack techniques targeting cloud environments and infrastructure.
Analyze and exploit vulnerabilities across multi-cloud platforms (AWS, Azure, GCP).
Identify and document security flaws in cloud configurations, networking, and identity systems.
Perform hands-on testing in containerized and Kubernetes-based systems.
Collaborate with engineering and product teams to translate research into security features and best practices.
Develop PoCs, tools, and scripts to automate vulnerability discovery.
Contribute to the wider security research community through responsible disclosure and technical publications.
Stay ahead of emerging cloud threats, security trends, and adversarial TTPs (MITRE ATT&CK, OWASP Cloud-Native Top 10).

We are looking for a hands-on cybersecurity expert to serve as a trusted technical advisor for our customers.
In this role, you will leverage your in-depth knowledge of the cybersecurity landscape, Pentera platform, and security validation principles to lead technical deep-dives, guide remediation strategies, and ensure successful deployment.
Acting as the bridge between the field and R&D, you will combine technical and problem-solving skills with strong communication abilities to drive platform adoption and enhance customer security maturity.
Roles & Responsibilities:
Demonstrate deep technical mastery of the Pentera platform and its integration across customer networks, endpoints, authentication, and security controls.
Lead technical deep-dives with security teams (SOC, IR, Red/Blue) to review findings, explain and analyze attack vectors, and guide remediation based on real-world offensive techniques.
Provide end-to-end support for deployment, configuration, and complex troubleshooting, while advising on security risks, misconfigurations, and validation procedures.
Drive customer success, retention, and platform adoption by providing consistent technical guidance on cybersecurity trends and identifying opportunities for expanded use.
Act as the technical voice of the customer, channeling operational feedback and needs internally to Product, R&D, and Support teams.

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution.
You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.
Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.
Roles and Responsibilities:
Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

Were looking for an experienced GRC Manager to join our team in Israel. Were seeking someone with solid, hands-on experience who can take ownership and lead both technically and operationally.
You will lead the certification and accreditation processes , managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.

We are looking for an Application Security Engineer to join our Security Engineering team.

What you will be doing:

As an Application Security Engineer , you will play a critical role in ensuring our software applications are secure by design and resilient against evolving threats. You will collaborate closely with development, DevOps, and product teams to embed security throughout the SSDLC and drive secure coding practices.

Conduct security assessments, penetration tests, and code reviews across web, mobile, and cloud applications.

Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines using platforms like Azure DevOps, GitHub Actions.

Design and enforce secure coding standards and SSDLC policies.

Collaborate with developers to remediate vulnerabilities and provide inline guidance during PR reviews.

Lead threat modeling and architecture reviews for new features and services.

Manage secrets, access controls, and data confidentiality assurance across applications.

Monitor public exposure of cloud resources and enforce Azure policies to prevent misconfigurations.

Participate in incident response and forensic analysis for application-related security events.

Deliver security awareness training and documentation for engineering teams.

Maintain up-to-date knowledge of OWASP Top 10, secure coding techniques, and emerging threats.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process - reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

Were seeking passionate professionals who thrive in a fast-paced, creative, and collaborative environment - those who want to be part of the next generation of airspace security innovation.

This is a strategic, high-impact VP role for a visionary leader who will shape our companys global customer security strategy, strengthen executive-level trust with clients, and drive innovation in a rapidly evolving cybersecurity landscape. Reporting directly to the Global CISO, you will lead the customer-facing cybersecurity organization, ensuring alignment between client expectations and our companys security posture.
What Youll Do?
Lead Global Customer Security Strategy
Serve as the senior security representative for strategic clients, engaging with C-level stakeholders and regulators to build trust and transparency.
Define and execute a customer-centric security strategy, aligned with global standards and emerging technologies.
Act as a trusted advisor on security strategy, risk posture, and compliance readiness.
Drive Technology & Architectural Excellence
Lead Cloud Security & Multi-Cloud Governance, securing hybrid and multi-cloud environments.
Champion DevSecOps & Secure SDLC, embedding security into development pipelines.
Oversee secure adoption of Generative AI (GenAI) and other emerging technologies.
Provide expert oversight for data protection across hybrid models.
Inspire & Scale Global Teams
Lead and empower a global organization of 100+ cybersecurity professionals, fostering innovation and autonomy.
Build a culture of continuous improvement, ensuring service excellence and customer satisfaction.
Represent our company in industry forums and strategic briefings, positioning us as a trusted partner.
What Success Looks Like?
Increased customer trust and satisfaction scores.
Secure adoption of emerging technologies across global clients.
Measurable improvements in compliance readiness and risk posture.