לוח משרות דרושים מומחה אבטחת מידע / סייבר

We are looking for a highly skilled Product Security Architect to join our team at our company. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:
Partner with all our company's development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.

We are looking for a Malware Analysis Team Leader with a deep focus on cybercrime investigations to lead a dynamic team of experts dedicated to identifying, analyzing, publishing, and mitigating cybercrime-related threats. This leadership role will drive advanced malware analysis efforts, conduct threat research, publish in top conferences and blogs, and coordinate with internal and external stakeholders to combat and prevent cybercriminal activities. The ideal candidate will have strong technical expertise in malware reverse engineering, a deep understanding of cybercrime tactics, and excellent communication skills, including the ability to present findings clearly and publish research for internal stakeholders and the broader cybersecurity community.

Key Responsibilities
Lead the Malware Analysis Team: Manage and mentor a team of skilled researchers on identifying, analyzing, and mitigating malware associated with cybercrime, including ransomware, banking Trojans, exploit kits, and other forms of cybercriminal malware.
Cybercrime Threat Intelligence: Collaborate with threat intelligence teams to analyze malware in the context of cybercrime syndicates and criminal activity. Identify trends, tactics, and patterns in malware usage by cybercriminal groups and provide actionable intelligence to relevant teams and external partners.
Malware Reverse Engineering: Lead efforts in reverse-engineering malicious software, tracking variants, and identifying attack techniques, tactics, and procedures (TTPs) cybercriminal actors use.
Cross-Functional Collaboration: Work closely with internal teams (e.g., Incident Response, Threat Intelligence, SOC) and external stakeholders (e.g., law enforcement, CERT, threat intelligence providers) to share findings, collaborate on investigations and coordinate actions to disrupt cybercrime activities.
Publication and Thought Leadership: Produce detailed, high-quality research reports and technical papers based on malware analysis and cybercrime investigations. Contribute to the publication of findings in industry-leading forums, conferences, and journals, establishing the organization as a thought leader in cybersecurity.
Presentations and Reporting: Prepare and deliver presentations to technical and non-technical stakeholders, including executives, legal teams, and law enforcement. Communicate complex findings, research insights, and actionable intelligence on cybercrime and malware trends.
Training and Development: Mentored junior team members, providing guidance on malware analysis techniques, threat hunting, and reporting. Foster a culture of continuous improvement, encouraging knowledge sharing and professional development within the team.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security frameworks such as SALSA. This position reports directly to an R&D VP.

Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are looking for a Cyber Threat Intelligence Analyst to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers.

Key Responsibilities
Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
Investigating intelligence sources, threat actors, attack tools and techniques
Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
Joining meetings with prospects and clients to present deliverables.
Drive cooperation & feedback loops with other ERM teams

We are looking for a Corporate Development Director to join our team. In this role you will play a pivotal role in shaping the companys strategic growth through acquisitions, partnerships, and ecosystem expansion. This is not just a deal-making role its a leadership position at the intersection of business strategy, technology, and innovation. You will work closely with executive leadership, product teams, and external partners to identify transformative opportunities across cybersecurity domains like SASE, Cloud Security, and SecOps.

If you thrive in fast-moving environments, have deep industry insight, and are ready to influence the future of cybersecurity, we want to hear from you!



Key Responsibilities


Ecosystem Relationships, Deal Sourcing
Proactive out-reach to start-ups and mature companies in ecosystem understand offerings, build and maintain relationships
Maintain relationships with cybersecurity focused investment banks, VCs, PEs
Source, screen and manage an on-going deal flow of acquisition opportunities.
Strategic Domain Leadership-- E.g. SASE, Cloud Security, SecOps, Managed Services, etc.
Deep domain understanding (customer value, use cases, technologies, offerings, vendors)
Know on a personal deep level all companies active in the domain (startups and mature co)
Work with R&D and PM to understand CHKP product roadmap in the domain and define Corp Dev strategy (Build/Partner/Buy)
Assist R&D and PM in partnership / OEM discussions
Lead the evaluation of M&A target companies
M&A Due Diligence Leadership
Project Manage DD process - internally and vis-à-vis the target company

Engage with all DD Team Leaders to define their scope of DD and key questions
Facilitate Team Leaders meetings with their target company counterparts; prepare agendas; ensure good communication
Issue DD findings reports
Present DD finding to Management
M&A Deal Making
Play significant role in M&A deal making process (legal, finance, accounting, tax, HR aspects)

Our Advanced Security Center is a global leader in information security services. As part of Ernst & Young's worldwide network, we are in Tel Aviv. Among our clients, you will find global companies, US governments, technology companies, financial institutions, utility companies, blue-chip firms, and many others.

Our employees are at the forefront of the information security field, with best practices in penetration testing, thorough research, homegrown tools, and more.
We provide an extensive training program that enables programmers, infrastructure, and network engineers to transition into the security profession and develop a long-lasting career path.

Job Description:
The work involves simulating attack scenarios against various applications, infrastructure, and network solutions on a wide range of platforms and technologies.
In addition to penetration testing and forensic services, we also offer consulting services, secure design and development services, and training.

Our Technology Consulting team is looking for a Cybersecurity Consultant to join our cyber department.

The Cyber Department works with a variety of clients in different fields: Government, Hi-tech, Industry, Retail, Hotels, Defense and more.

The Job Will Include:
Client Engagement: Leading, guiding and advising to clients in Israel and abroad as well as joint projects with various partners of KPMG global on cyber security projects based on methodology, regulation and standards.
Technologies: Work with different aspects of cyber security in multiple fields such as IT, OT & Cloud.
Security Assessments: Carrying out risk surveys including cyber, operational and supply chain risks.
Advisory and Strategy Development: Developing business continuity plans (BCP) ,cyber security and maturity programs, secure architectures, policies and information security procedures.
Collaboration: Leading representative and high-profile meetings with client internal senior management.

We are continuously expanding the capabilities , actively listening to customers and responding to their needs. We are looking for Senior Detection AI Engineer with passion and experience in AI / Machine Learning, who will be directly involved in developing our core detection technology and ensuring we are always staying ahead of cybercriminals.
What Will You Do?
Be part of a globally distributed team of Cyber Security Researchers and Data Scientists.
Focus on applying the latest machine learning and deep learning advancements to detect and defeat threats.
Train models using the companys vast real threat data.
Develop features to support engineering teams and improve customer visibility into endpoint health.
Collaborate with multiple engineering teams to design and build new detection capabilities.
Contribute to industry-leading cybersecurity platform.
As a Senior-level engineer, inspire and provide technical leadership to others.

About us: We are an Israeli research and development company specializing in analyzing cyber and technological security threats. We design secure architectures and controls for complex systems, providing cyber-resilient architecture design, research and development of innovative security controls, hardware security, and system security engineering. Our expertise includes protecting RF and Wireless channels, cryptography, quantum communication and more.
Job Description:
As a Cyber security system Engineer, you will lead the security engineering aspects of multidisciplinary projects. You will conduct system design surveys, participate in various design and testing stages, and lead cyber and security research in software, firmware, and hardware. Your responsibilities will include: Conducting threat risk analysis, mapping protection targets, designing security architecture and defining appropriate security controls for systems at different maturity and life-cycle phases. Analysing advanced systems and designing cyber and technological security solutions. Planning and executing Cyber security strategies in collaboration with clients and regulatory bodies. Leading and guiding development teams from specification through design to integration. Designing and conducting system proof of concept experiments. Initiating and advancing projects and product development in cyber and security technology. Evaluating existing and future technological solutions. Monitoring the implementation of Cyber security measures in projects and ensuring compliance with security plans.

About us, we secure products and systems throughout their lifecycle. As a multidisciplinary cybersecurity company based in Israel, we specialize in providing comprehensive security solutions across all engineering domains. Our expertise spans hardware security, system security engineering, FPGA and Embedded systems security, low-level software and operating systems cybersecurity, cryptography, RF cybersecurity, quantum-resilient security, and more.
Job Description Project Management and Technical Leadership: Lead and manage software development projects, including planning, coordinating, and supervising team activities to ensure successful project completion. Define development requirements, guide contractors, and implement secure development methodologies and practices. system Design and Development: Design and develop secure software systems and architectures for complex and Embedded systems, ensuring they meet security and performance requirements. Implementation and Configuration: Design, code, TEST, and debug system software, including hardware bring-up. Enhance system efficiency, stability, and scalability. Integrate and validate new product designs. Implement and configure software systems. Risk Analysis and Problem Solving: Conduct risk analysis and problem-solving for system issues, using tools and techniques to identify and resolve problems efficiently. Maintenance and Technical Support : Provide ongoing maintenance and Technical Support, including security updates, bug fixes, and performance enhancements. Secure Development Processes: Implement and oversee secure development processes, including secure code reviews, automated code testing (SCA + SAST), and defining treatment thresholds for TEST results. Documentation and Risk Management: Write explanatory documents, manage risks, and provide defensive justifications for scan results that cannot be addressed.