לוח משרות דרושים הייטק אבטחת מידע / סייבר משרה מלאה

We are looking for an experienced Information Security Specialist to join our team The role involves maintaining and managing IT systems, ensuring secure network operations, and implementing information security solutions. The ideal candidate has hands-on experience with UNIX/Linux/AIX systems, network administration, and security product management. Familiarity with SCADA systems and tools such as TOL Rimon is an advantage. Responsibilities:
* Administer and maintain UNIX, Linux, and AIX systems.
* Manage and secure network infrastructure.
* Implement and manage information security products and solutions.
* Collaborate with cross-functional teams to ensure secure IT operations.
* Support security assessments, audits, and compliance activities.

we are looking for an excellent Cloud Security Expert to provide advisory services to our biggest clients and help them to build and secure their cloud environments.
Major Responsibilities:
Be part of our Great and growing Cloud security team to consult, design, develop, implement, and support our customers secure cloud environments
Deliver technology-related aspects of cloud security solutions and services to client engagements
Requirements discovery, architecture, design, and implementation of technical controls and cloud security tools
Cloud environments configuration reviews and assessment
Act as technical subject matter expert and the technical focal point for clients
When working with clients abroad, collaborate with member firms teams

We are looking for a highly skilled and motivated Cloud security Team Lead to lead a team of cloud security professionals. This role focuses on designing and implementing secure cloud environments, guiding clients through cloud security strategies, and driving innovation in cloud-native security solutions.
Responsibilities:
Lead and mentor a team of cloud security experts
Design and implement secure cloud architectures across AWS, Azure, and GCP
Develop cloud security strategies, policies, and governance frameworks
Support pre-sales activities and lead technical discussions with clients
Stay up to date with evolving cloud threats, technologies, and best practices
Promote a security-first mindset in digital transformation and cloud migration projects
Educate and collaborate with clients technical and management teams (CIOs, CTOs, Architects, DevOps, Security team, etc.)

our Technology Consulting team is looking for a Cybersecurity Consultant to join our cyber department.
The Cyber Department works with a variety of clients in different fields: Government, Hi-tech, Industry, Retail, Hotels, Defense and more.
The Job Will Include:
Client Engagement: Leading, guiding and advising to clients in Israel and abroad as well as joint projects with various partners of global on cyber security projects based on methodology, regulation and standards
Technologies: Work with different aspects of cyber security in multiple fields such as IT, OT & Cloud
Security Assessments: Carrying out risk surveys including cyber, operational and supply chain risks
Advisory and Strategy Development: Developing business continuity plans (BCP) ,cyber security and maturity programs, secure architectures, policies and information security procedures
Collaboration: Leading representative and high-profile meetings with client internal senior management

we are looking for a Cybersecurity Manager, AI Security Practice
Role Overview:
As a Manager in the Cybersecurity Practice with a focus on AI Security, you will drive strategic growth of offerings at the intersection of cybersecurity, artificial intelligence (AI), and governance risk & compliance (GRC). You will lead client engagements, shape innovative service offerings, influence go-to-market strategy, mentor delivery teams, and help organizations secure AI transformative initiatives.
This role sits at the convergence of consulting, technology, and risk advisory, requiring both deep technical expertise in AI and ML security architectures and senior client relationship leadership. You will work cross-functionally with global teams including cyber, cloud, data, AI and risk to embed security strategies into clients AI journeys.
Responsibilities:
Strategic Leadership & Practice Growth:
Define and execute the strategic roadmap for AI security offerings and solutions, including consulting frameworks, accelerators, and tool integrations.
Drive thought leadership in AI risk management, secure AI adoption, and cyber governance for emerging technologies.
Lead go-to-market strategy, including positioning, business development, proposals, pricing, and differentiation in AI security.
Influence global cyber offerings to incorporate AI risk, threat modeling, compliance, and resilience considerations.
Client Delivery & Engagement:
Lead complex client engagements end-to-end, from scoping through delivery, ensuring high quality, on-time and profitable execution.
Advise enterprise clients on secure AI adoption, AI threat landscape, governance frameworks, secure deployment patterns, and operational resiliency.
Architect secure AI and ML environments, including identification of risks such as data poisoning, model extraction, integrity attacks, and unauthorized access.
Integrate AI security with enterprise security programs, cloud, DevSecOps, identity and access management, and compliance controls.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process - reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

As part of System Architecture group, the Cybersecurity System Architect will define the end-to-end architecture of advanced network security services, such as intrusion prevention systems (IPS), and host-based intrusion detection systems (HIDS) and firewalling. This role is at the forefront of integrating deep security intelligence into high-performance, scalable network operating systems and telecom-grade platforms.
As part of R&D core function, shaping next-generation secure network infrastructure by embedding deep packet inspection, behavioral analytics, and threat mitigation into the product architecture.
Responsibilities
1. Architecture of Integrated Security Services
Define and lead the system architecture for L3-L7 firewalling, stateful inspection, policy enforcement, and application-aware filtering.
Architect integration of IPS, DPI, signature- and anomaly-based detection, and evasion-resilient detection engines into control and data plane systems.
Specify how HIDS capabilities will be embedded or interfaced with NOS components for detecting host-based anomalies and compromise indicators.
2. Threat Detection & Prevention Frameworks
Design scalable architectures that support high-speed signature matching, traffic heuristics, and flow analysis under real-world traffic conditions.
Define mechanisms for rule updates, threat intelligence feeds, and integration of ML-based detection algorithms.
Architect policy engines for complex rule matching, including user-defined policy trees and hierarchical control structures.
3. Secure System Integration
Lead system-level threat modeling and security design reviews across platform, OS, and networking protocol layers.
Define secure communication paths, trust boundaries, and cryptographic protections for sensitive metadata, logs, and update mechanisms.
Ensure proper isolation and sandboxing of inspection/control modules, especially in multi-tenant or containerized environments.
4. Performance and Resilience Considerations
Design architectures to meet line-rate security enforcement, ensuring minimal latency overhead while preserving packet integrity.
Align with the HW Architecture for performance optimized flow offload strategies (e.g. hardware-assisted DPI).

We are looking for a talented, tech-savvy individual to join our Cyber Security team and help us tackle the toughest security challenges in cutting-edge ecosystem.
In this role, you will be a subject matter expert and play a major part in our efforts to build and maintain security infrastructure, design secure architectures, enforce security best practices, and automate security processes.
The Cyber Security team is composed of strong and experienced security engineers, responsible for defining the security strategy and managing all of infrastructure.
Responsibilities:
Define, implement, and maintain security policies, standards, and methodologies; ensure they evolve with new threats and technologies.
Design, deploy, and operate detection, prevention, and response technologies across a scaled, diverse, and complex environment (hybrid infrastructure: public cloud + on-premises).
Build and operate secure infrastructure: hands-on ownership of security configurations and system hardening.
Conduct security assessments, secure-design reviews and architecture assurance reviews to identify and mitigate possible security risks.
Automate security processes: configuration deployments, infrastructure management, detection, response, compliance checks, patching, configuration drift, etc.
Design, develop, and implement secure software development and deployment pipelines, incorporating best practices, automation, and CI/CD methodologies.
Stay ahead of emerging cyber threats and technologies: research, evaluate, pilot, and integrate where relevant.
Participate in creating incident response playbooks, coordinate incidents investigations, root cause analysis, and lessons learned.

Were looking for a Senior Security Platform Engineer to join our team and work at the intersection of Security technology, and business. This role is about impact - not just ownership, not just execution, but building solutions that actually get used.
This role is based in Tel Aviv. We work in a hybrid model, with 3 days a week in the office.
Your impact and responsibilities:
Support, maintain, and operate network, data, and AI security controls across our company production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing

we are looking for a AI Security Engineer.
As AI capabilities accelerate across the bank, we need an engineer to design and enforce safe AI usage-protecting customer data, preserving model integrity, and meeting our regulatory obligations. You'll be the architect of guardrails, tooling, and policies that make AI both secure and useful for product and internal teams. This isn't about slowing things down; it's about building the trust layer that lets innovation move fast without breaking things.
What Youll Actually Be Doing:
Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services.
Implement data minimization controls for GenAI/RAG workloads: context filtering, least‐privileged retrieval, document-level ACL enforcement, vector store hardening, and secure token/secret handling.
Threat model AI systems (apps, agents, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/jailbreaks/data exfiltration) and build mitigations.
Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive-data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM.
Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams.
Evaluate third‑party AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing.
Partner across Security, Data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits.
Lead/participate in AI red‑teaming: automated jailbreak/prompt‑injection tests, safety benchmarks, purple‑team exercises, and response playbooks for AI incidents.
Enable the org with concise guidelines, examples, and training on safe AI development and usage.

we are looking for a Mid-Level, Security Engineer.
This role focuses on ensuring the security and compliance of cloud infrastructure by implementing and maintaining robust security controls across AWS environments. The position involves automation for security monitoring, adhering to best practices, and collaborating cross-functionally with other teams.
What Youll Actually Be Doing:
Cloud Security Implementation: Contribute to the design and implementation of security measures across AWS environments to ensure systems are secure, compliant, and aligned with industry best practices. Including implementation, automation and development of security policies
Conduct regular security assessments, control testing, and audits to proactively identify risks and vulnerabilities (and support remediation efforts with partner teams)
Collaboration with Internal Teams: Work closely with internal teams to integrate security best practices into development and operational workflows
Security Automation & Infrastructure Management: Design and implement automation strategies for security monitoring, auditing, and incident response
Cost Efficiency through Security: Contribute to cloud cost management by optimizing cloud resources without compromising on security.
Incident Response & Threat Management: Participate in incident response efforts to support timely identification, analysis, containment, and remediation of security threats. Contribute to post-incident reviews, help maintain incident response playbooks, and support internal teams by sharing learnings and updated procedures.