לוח משרות דרושים מומחה אבטחת מידע / סייבר במרכז

Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

In this role, you'll be a trusted point of contact for physical site security, ensuring daily operations run smoothly and securely. You'll execute established security plans, respond to incidents, and coordinate with onsite vendor guarding teams to ensure standards are met. You'll work collaboratively with business groups and local leaders to support their physical security needs.

Additional responsibilities include but are not limited to:
- Execute and maintain site-specific security procedures and operational plans
- Manage the onsite vendor guarding deployment on a day-to-day basis, ensuring alignment with Apple's standards and requirements
- Serve as the physical security point of contact for business groups across the Herzliya campus
- Respond to and coordinate security incidents, escalating appropriately
- Support the planning and execution of secure events and assignments on site
- Maintain strong working relationships with other supporting functions, EHS, andPlaces teams
- Manage field security requests for short-term and non-recurring assignments
- Support project activities, including attending meetings and communicating updates.

we are looking for a hands-on Penetration Tester / Red Teamer with strong infrastructure experience to join our team as a Cyber Security Researcher. Youll be part of the offensive team that researches cutting-edge attacks and translates them into realistic breach simulations across complex environments-Windows domains, cloud infrastructure, Linux systems, and more.
Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.

What You Will Do?
Research & Simulate Real-World Attacks
Track and analyze the latest attacker TTPs
Build internal tools, scripts, and POCs to emulate real threat behavior
Design offensive simulations mapped to the MITRE ATT&CK framework
Focus areas include:
Active Directory attacks (on-prem & Azure)
Cloud infrastructure misconfigurations (AWS, Azure, GCP)
Linux and network-level attack vectors
Kubernetes threats and container-based environments
Write clean, reusable, and documented code in Python, PowerShell, and Bash

We are seeking a GRC Security Specialist to join our Cyber GRC Team. You will be joining a tight-knit and highly respected team of GRC experts who are central to our security strategy. In this role, you will be at the heart of protecting our global financial platform, directly influencing the trust and safety of millions of users worldwide.
What you'll do:
Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal, and audit requirements as well as good business practices.
Develop a Cyber security compliance strategy and approach and ensure compliance with contractual requirements and globally recognized standards and guidelines.
Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.
Conduct and participate in periodic internal reviews or audits to ensure that compliance procedures are followed.
Oversee and evaluate compliance systems to ensure they function effectively.
Compile and present reports to management on compliance activities and progress.
Stay updated on industry developments, regulatory trends, and best practices to evaluate their potential impact on the organization.
Design and implement enhancements in compliance communication, monitoring, and enforcement mechanisms.
Develop and execute a compliance awareness program, including the creation and distribution of materials for all employees.
Partner with Legal and IT teams to manage data protection agreements and compliance initiatives.
Lead the development and execution of company-wide security awareness and training initiatives.
Assist in incident response planning and investigations when necessary.

Our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.

The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC.
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks.
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews.
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements.
Automate security processes and integrate security tools within CI/CD pipelines.
Develop and deliver secure coding training to engineering teams.

We are seeking a highly skilled and experienced Attack Team Leader to lead a specialized attack team focused on developing offensive, production-ready attack capabilities. This is a research and development (R&D) role at the core of our offensive security efforts. You will be responsible for architecting and delivering advanced low-level attack components used in evasion techniques, red team tooling, and adversary simulations.
You will be hands-on in both leadership and development, guiding technical direction, mentoring engineers, and contributing code to offensive attack components.
The Impact You Will Have
Lead the design, development, and deployment of production-grade offensive capabilities targeting application and OS CVEs exploits
Develop attack components for Windows/Linux including OS-level evasion mechanisms
Implement Python bindings to connect native low-level components with Python-based research tools and automation
Research and develop bypass techniques for modern security controls
Collaborate with the Research Team and other R&D stakeholders to implement and refine offensive concepts
Provide technical mentorship and drive engineering best practices within the team
Harness AI coding agents to streamline the above processes

We are seeking a Cyber Research Architect to join our cutting-edge Research Group. This is a full-time hybrid role where you will play a key part in shaping how our products evolve from a cyber perspective, operating as an innovation hub within the company.

You will have the freedom to explore new domains, identify gaps in our products, and pioneer techniques that will directly shape our product architecture and capabilities. From researching emerging technologies to discovering vulnerabilities and developing advanced attacks, you will push the boundaries of whats possible in automated offensive security.

Roles and Responsibilities:

Lead offensive research and vulnerability discovery across diverse and emerging technologies, identifying novel attack surfaces and spearheading new research domains.
Pioneer research into AI/ML systems and LLM-based applications, uncovering adversarial tactics and developing unique attack vectors.
Directly shape product architecture by converting research insights into scalable, high-fidelity offensive capabilities and sophisticated attack modules.
Architect and build advanced tools and frameworks that automate and scale security research operations across the organization.
Identify and emulate the most sophisticated real-world cyber attacks to continuously evolve the company's automated security validation engine.

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution. You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.

Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.



Roles and Responsibilities:

Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

Were looking for a hands-on Infrastructure Security Engineer to own and secure our hybrid infrastructure and help us stay ahead of evolving threats.
Your mission:
Secure and operate hybrid infrastructure across Azure, AWS, and on-prem data centers
Identify, assess, and mitigate vulnerabilities in Windows, Linux, and network layers
Configure and manage security controls: Defender for Cloud, Defender for Endpoint, WAFs, Firewalls, Switches
Investigate and respond to SOC alerts, perform root cause analysis, and mitigate advanced threats
Enforce security policies, patching, and compliance (GDPR, SOC2)
Partner closely with Infra, IT, and Security teams to design and improve secure architectures
Evaluate and introduce next-gen security platforms aligned with business needs.

We are looking for an Operational Security Specialist Intern to join our expanding Data Centre team.
As a Data Centre Operational Security Specialist Intern, you will be tasked with driving operational security excellence within our Data Centres. You will write reports, create presentations and communicate with management on the status of physical security operations.
Are you ready to embrace the challenge? Come build the future with us.
Key job responsibilities:
Interface and direct vendors involved in new security construction, repairs, daily security operations and patrols, and planning.
Extract metrics and observe improvements by looking at hard data.
Make suggestions on improving electronic surveillance and access controls.
Direct efforts to educate data center occupants on false alarm reductions.

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed.
This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.
We are seeking an analytical and experienced Threat Intelligence Researcher to join our team. This is a technical role that necessitates bridging the gap between traditional intelligence analysis and software engineering principles.
You will be responsible for producing strategic and technical intelligence reports and developing automation and scripting solutions for the team.
Specifically, your focus will be on:
Intelligence Reporting: Conduct in-depth investigations and produce comprehensive reports based on customer requests.
Client Engagement: Participate in customer-facing meetings as required to present findings or gather requirements.
Tool Development: Design, implement, and maintain internal tools, scripts, and data scrapers (primarily utilizing Python) to streamline data collection and analysis.
Actionable Intelligence Production: Convert raw technical data into finished, actionable intelligence products, including detailed technical reports, the creation of YARA/Sigma rules, and executive-level briefings.

We are looking for an experienced Senior SOC Analyst to join our SOC team.
Responsibilities:
Being an active part of our SOC monitoring team.
Part of the daily tasks include investigating security-related cyber incidents while using a wide variety of different security systems.
The investigations are mostly independent and require strong analytics and creative thinking while using a wide variety of intelligence sources alongside common security tools.
Writing investigation reports (tickets), and direct interaction with clients / end-users via email or phone.

lookout for a highly skilled Senior Network Cyber Security Specialist to join our team. This role is critical for securing and maintaining robust, scalable, and secure network infrastructures in complex, multi-cloud environments (primarily Azure and AWS), cloud-native security controls and be able to handle end-to-end network security across distributed systems, hybrid environments, and multiple security domains. You will be a key player in securing the enterprise at every layer of the OSI model.



What youll do:
Comprehensive Network Security Management:
Secure and optimize complex hybrid networks, integrating Software-Defined Networking (SDN) across on-premises, Azure, and AWS, while implementing micro-segmentation strategies using tools like NSX, Azure Virtual Network (VNet) Peering, and AWS Security Groups.
Implement next-gen firewalls and intrusion detection/prevention systems (IDS/IPS), such as Palo Alto Networks or Fortinet.
Design end-to-end encrypted network connections with advanced key management techniques and certificate-based authentication to secure data in transit across public and private interfaces.
Threat Detection and Incident Response:
Implement real-time threat detection and response systems using machine learning and advanced analytics.
Establish incident response frameworks to handle high-priority security events.
Multi-Environment Security Integration:
Architect and secure highly available, multi-region, and multi-environment networks, utilizing Azure Global VNet Peering, AWS Global Accelerator, and cross-region replication to ensure data security and high-performance across geographies.
Ensure security compliance and policy enforcement across cloud, on-premises, and edge environments through centralized security management tools such as Azure Policy, AWS Config, and Terraform Sentinel.

The ideal candidate will specialize in security tools like EDR, data protection, email protection, DNS protection, Cloud Security and SASE. Responsibilities include configuring, maintaining, and automating security tools, addressing weaknesses, and researching new threats. The candidate will build, install, and configure security solutions, ensuring operational compliance with established baselines. He will also evaluate controls for improvement, write technical standards, and stay informed on emerging security trends.



Job Description:
Evaluate, implement, and manage a wide range of cybersecurity products.
Lead information security projects from evaluating the system up to deployment across the organization.
Response to cybersecurity incidents.
Assisting in deploying automation of operational processes and procedures.
Identify weaknesses, propose, plan, and deploy improvements to address and enhance the infrastructure design.
Research new and emerging security attacks and develop techniques to control risks.
Maintain operational configurations of all in-place security solutions per the established baselines.
Works closely with IT teams to implement technical and procedural controls.
Evaluate each control, technology, and gap for potential improvement and refinement.
Follow security-related policies, standards, procedures, and guidelines.
Replies to security-related inquiries from prospects, customers, and other entities.
Reports to the Security Operations Manager.