לוח משרות דרושים הייטק אבטחת מידע / סייבר

In this position, you will have the autonomy to choose the best tools for the job, manage our corporate environment from the ground up, and have a direct impact on protecting the financial data of global enterprises while ensuring our team has the best technical tools to succeed.
What youll do
IT Operations & Employee Experience
Youll work closely with the CTO, engineering, and business teams, combining hands-on execution with real ownership and impact.
Manage corporate SaaS platforms, identity management (SSO), and Google Workspace.
Compliance & audits (SOC2, PCI)
Acting as the security point of contact for customers, auditors, and internal teams
Act as the primary technical point of contact for all employees, providing hands-on support and troubleshooting.
Deploy and operate endpoint security and management tools (EDR, MDM, DLP) across a distributed workforce.
Cloud & Infrastructure Security
Improve and maintain the security posture of our AWS/GCP-based cloud infrastructure.
Operate cloud security platforms, such as Upwind / Wiz / Oligo, or similar solutions to prioritize and remediate risks.
Design and enforce secure access controls and least-privilege IAM policies.
Investigate cloud security alerts and support incident response.
Application Security
Integrate security into the SDLC and CI/CD pipelines by automating SAST, SCA, and secret scanning.
Secure containerized workloads (Kubernetes / EKS) focusing on runtime protection and image hardening.
Provide guidelines and safeguards for AI-powered development processes and AI models within our SaaS platform.
Compliance & Security Culture
Support SOC2 and PCI DSS compliance initiatives and audit readiness.
Serve as the primary security focal point for external auditors.
Contribute to security awareness and best practices across the company, explaining the rationale behind security requirements.

Were looking for Principal Cloud Security Researcher with a strong security background to join our innovative Research team.
The Role
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community
Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product
Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.

Required Vulnerability Researcher
Want to make an instant impact?
Be a part of the top cyber research teams in the industry and make the world a better place!
As a Vulnerability Researcher, you will be:
Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding vulnerabilities and circumventing modern mitigation techniques
Our perks:
A competitive compensation package
Hybrid and flexible
Multiple career advancement opportunities
Incredible benefits.

We are seeking a Senior Security Researcher - Cloud Threats to join our highly technical product research team working at the core of our cloud security platform.

This is a rare opportunity to join an elite cloud security research team and do work that directly shapes our product. In this role, you will own the research direction for our Cloud Detection and Response (CDR) capabilities, designing detection strategies across agentless and agent-based telemetry, expanding coverage across cloud attack surfaces, and developing prioritization mechanisms that help customers focus on what matters.

You will perform novel security research to uncover attacker behavior, develop detection methodologies, and apply detection-as-code principles to build production-grade detections. Beyond product work, you'll contribute to our external thought leadership, writing and speaking about cloud threats, adversary tradecraft, and detection methodologies.

We're looking for an exceptional, adversary-focused security researcher who can bridge threat intelligence, cloud security knowledge, and detection engineering. You're curious, comfortable with ambiguity, and driven to understand how attackers operate in cloud environments.

Your Role:
Own the research direction for Cloud Detection and Response (CDR), driving the vision for how we detect and respond to cloud threats.
Design detection strategies across agentless and agent-based telemetry sources, focusing on quality and detecting what matters.
Perform novel security research to uncover attacker tradecraft, techniques, and behaviors in cloud environments, informing both product direction and external research.
Apply detection-as-code principles to build production-grade detections that ship directly in the Tenable Cloud Security platform.
Stay current with emerging cloud threats and translate threat intelligence into actionable detection logic and product capabilities.
Write and speak about cloud threats, adversary tradecraft, and detection methodologies to strengthen our voice in cloud security.

We are seeking a Senior Security Researcher - Cloud Threats to join our highly technical product research team working at the core of our cloud security platform.

This is a rare opportunity to join an elite cloud security research team and do work that directly shapes our product. In this role, you will own the research direction for our Cloud Detection and Response (CDR) capabilities, designing detection strategies across agentless and agent-based telemetry, expanding coverage across cloud attack surfaces, and developing prioritization mechanisms that help customers focus on what matters.

You will perform novel security research to uncover attacker behavior, develop detection methodologies, and apply detection-as-code principles to build production-grade detections. Beyond product work, you'll contribute to Tenable's external thought leadership, writing and speaking about cloud threats, adversary tradecraft, and detection methodologies.

We're looking for an exceptional, adversary-focused security researcher who can bridge threat intelligence, cloud security knowledge, and detection engineering. You're curious, comfortable with ambiguity, and driven to understand how attackers operate in cloud environments.

Your Role:

Own the research direction for Cloud Detection and Response (CDR), driving the vision for how we detect and respond to cloud threats.
Design detection strategies across agentless and agent-based telemetry sources, focusing on quality and detecting what matters.
Perform novel security research to uncover attacker tradecraft, techniques, and behaviors in cloud environments, informing both product direction and external research.
Apply detection-as-code principles to build production-grade detections that ship directly in the Tenable Cloud Security platform.
Stay current with emerging cloud threats and translate threat intelligence into actionable detection logic and product capabilities.
Write and speak about cloud threats, adversary tradecraft, and detection methodologies to strengthen Tenable's voice in cloud security.

Required Detection & Incident Response Team Lead
As a Detection & Incident Response Team Lead, you will:
Lead detection, investigation and mitigation of cybersecurity incidents, including deep network traffic and data analysis
Develop and maintain scripts for data parsing, packet analysis and correlation across multiple data sources
Leverage open-source tools and frameworks to support threat attribution and research
Build and maintain integrations with APIs, threat-intel feeds and big-data platforms to enhance visibility and detection capabilities
Document research findings, detection methods and analysis techniques for technical and non-technical stakeholders.

We are seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across Tenable's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.

Your Role:

Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as Tenable's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

we are looking for a hands-on Penetration Tester / Red Teamer with strong infrastructure experience to join our team as a Cyber Security Researcher. Youll be part of the offensive team that researches cutting-edge attacks and translates them into realistic breach simulations across complex environments-Windows domains, cloud infrastructure, Linux systems, and more.
Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.

What You Will Do?
Research & Simulate Real-World Attacks
Track and analyze the latest attacker TTPs
Build internal tools, scripts, and POCs to emulate real threat behavior
Design offensive simulations mapped to the MITRE ATT&CK framework
Focus areas include:
Active Directory attacks (on-prem & Azure)
Cloud infrastructure misconfigurations (AWS, Azure, GCP)
Linux and network-level attack vectors
Kubernetes threats and container-based environments
Write clean, reusable, and documented code in Python, PowerShell, and Bash

Required Network and Security Engineer
As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions, including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.

Required Security Researcher
As a Security Researcher, you will:
Analyze mobile applications
Perform in-depth technical research on Android and iOS application architectures
Identify forensic artifacts from mobile apps
Analyze both static and runtime behaviors of mobile applications
Develop scripts and tooling to automate process.

We are seeking a GRC Security Specialist to join our Cyber GRC Team. You will be joining a tight-knit and highly respected team of GRC experts who are central to our security strategy. In this role, you will be at the heart of protecting our global financial platform, directly influencing the trust and safety of millions of users worldwide.
What you'll do:
Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal, and audit requirements as well as good business practices.
Develop a Cyber security compliance strategy and approach and ensure compliance with contractual requirements and globally recognized standards and guidelines.
Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.
Conduct and participate in periodic internal reviews or audits to ensure that compliance procedures are followed.
Oversee and evaluate compliance systems to ensure they function effectively.
Compile and present reports to management on compliance activities and progress.
Stay updated on industry developments, regulatory trends, and best practices to evaluate their potential impact on the organization.
Design and implement enhancements in compliance communication, monitoring, and enforcement mechanisms.
Develop and execute a compliance awareness program, including the creation and distribution of materials for all employees.
Partner with Legal and IT teams to manage data protection agreements and compliance initiatives.
Lead the development and execution of company-wide security awareness and training initiatives.
Assist in incident response planning and investigations when necessary.

Our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.

The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC.
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks.
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews.
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements.
Automate security processes and integrate security tools within CI/CD pipelines.
Develop and deliver secure coding training to engineering teams.