לוח משרות דרושים מומחה אבטחת מידע / סייבר

We are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science. We are a cybersecurity firm specializing in advanced adversary simulation and offensive security testing. We deliver Red Team assessments for Fortune 500 companies, simulating sophisticated, real-world attacks across external, internal, cloud and Active Directory environments. Our services span both stealth-based Red Team operations and risk-focused assessments, covering a wide range of attack surfaces including on-premise and cloud environments.

Responsibilities:
Participate in Red Team and Risk assessments under the guidance of senior team members.
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients.
Learn and simulate attacker tactics, techniques, and procedures (TTPs).
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance.
Participate in our internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios.

We are looking for a highly skilled Senior Product Manager to join our Product team and lead the Exposure Assessment domain of the platform.

As the Product Manager leading the Exposure Assessment domain, you will work closely with a highly skilled team of engineers, data stakeholders, and security researchers. Together, you will ensure customers can continuously understand, manage, and reduce exposure across their external attack surface.

This role is ideal for experienced Product Managers with experience working on cybersecurity products, who love to collaborate and communicate with external and internal stakeholders, deeply understand the problems they are solving, and make decisions using customer insights and data.

Responsibilities
Own the Exposure Analysis domain end-to-end, including strategy, roadmap, product flows, and execution.
Lead product discovery and problem definition, using methods such as user interviews, stakeholder interviews, competitive research, workflow mapping, and iterative validation.
Define domain success metrics (KPIs), track progress, and make data-informed decisions to drive measurable outcomes.
Work closely with Engineering, Design, Data, and Security Research to define initiatives, prioritize deliverables, and solve day-to-day product challenges.
Build and maintain strong relationships with customers to understand their security programs and workflows, identify pain points and opportunities, validate direction, and support successful adoption of new capabilities.
Translate product direction into clear, actionable requirements, and communicate them effectively to Engineering, Research, Design, and other stakeholders to enable high-quality execution.
Partner with Sales, Marketing, and Customer Success to align on priorities, support key opportunities, communicate upcoming deliveries, and drive go-to-market activities including enablement and launches.

As a Security Researcher, you will play a crucial role in researching, building, and enhancing our cutting-edge technology to address the evolving cybersecurity challenges faced by the world's largest enterprises.

Responsibilities
Research, develop, and implement new offensive security capabilities that push the boundaries of the EASM category, including exploit development and PoC creation across web applications, AI/LLM assets, network infrastructure, cloud environments, and supply chain dependencies.
Drive innovation by conceptualizing, implementing, and adopting AI-driven initiatives and offensive security expertise to enhance IONIX's detection, validation, and automation capabilities at scale.
Conduct in-depth research to continuously expand platform coverage.
Develop exploitability tests to uncover critical, real-world findings across enterprise attack surfaces - directly demonstrating the power of the IONIX platform.
Collaborate with global enterprises as design partners to understand their security needs and design solutions accordingly.
Take ownership of key research projects, addressing security and scalability challenges from concept through to delivery.

We are seeking a highly disciplined, technically elite Digital Assets Custody Operator to serve as the guardian of multi-asset portfolio.
This is not a typical operations role. You will operate at the very heart of our security architecture, blending precise technical execution with a high-level security mindset. You will be responsible for executing complex cryptographic procedures in secure environments while simultaneously designing the future of our security architecture.
If you are passionate about the deepest intricacies of institutional custody, comfortable with Linux command lines and AI, and ready to proactively defend against emerging threats, we want you.

Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

In this role, you'll be a trusted point of contact for physical site security, ensuring daily operations run smoothly and securely. You'll execute established security plans, respond to incidents, and coordinate with onsite vendor guarding teams to ensure standards are met. You'll work collaboratively with business groups and local leaders to support their physical security needs.

Additional responsibilities include but are not limited to:
- Execute and maintain site-specific security procedures and operational plans
- Manage the onsite vendor guarding deployment on a day-to-day basis, ensuring alignment with Apple's standards and requirements
- Serve as the physical security point of contact for business groups across the Herzliya campus
- Respond to and coordinate security incidents, escalating appropriately
- Support the planning and execution of secure events and assignments on site
- Maintain strong working relationships with other supporting functions, EHS, andPlaces teams
- Manage field security requests for short-term and non-recurring assignments
- Support project activities, including attending meetings and communicating updates.

we are looking for a hands-on Penetration Tester / Red Teamer with strong infrastructure experience to join our team as a Cyber Security Researcher. Youll be part of the offensive team that researches cutting-edge attacks and translates them into realistic breach simulations across complex environments-Windows domains, cloud infrastructure, Linux systems, and more.
Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.

What You Will Do?
Research & Simulate Real-World Attacks
Track and analyze the latest attacker TTPs
Build internal tools, scripts, and POCs to emulate real threat behavior
Design offensive simulations mapped to the MITRE ATT&CK framework
Focus areas include:
Active Directory attacks (on-prem & Azure)
Cloud infrastructure misconfigurations (AWS, Azure, GCP)
Linux and network-level attack vectors
Kubernetes threats and container-based environments
Write clean, reusable, and documented code in Python, PowerShell, and Bash

We are seeking a GRC Security Specialist to join our Cyber GRC Team. You will be joining a tight-knit and highly respected team of GRC experts who are central to our security strategy. In this role, you will be at the heart of protecting our global financial platform, directly influencing the trust and safety of millions of users worldwide.
What you'll do:
Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal, and audit requirements as well as good business practices.
Develop a Cyber security compliance strategy and approach and ensure compliance with contractual requirements and globally recognized standards and guidelines.
Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.
Conduct and participate in periodic internal reviews or audits to ensure that compliance procedures are followed.
Oversee and evaluate compliance systems to ensure they function effectively.
Compile and present reports to management on compliance activities and progress.
Stay updated on industry developments, regulatory trends, and best practices to evaluate their potential impact on the organization.
Design and implement enhancements in compliance communication, monitoring, and enforcement mechanisms.
Develop and execute a compliance awareness program, including the creation and distribution of materials for all employees.
Partner with Legal and IT teams to manage data protection agreements and compliance initiatives.
Lead the development and execution of company-wide security awareness and training initiatives.
Assist in incident response planning and investigations when necessary.

Our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.

The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC.
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks.
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews.
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements.
Automate security processes and integrate security tools within CI/CD pipelines.
Develop and deliver secure coding training to engineering teams.

We are seeking a highly skilled and experienced Attack Team Leader to lead a specialized attack team focused on developing offensive, production-ready attack capabilities. This is a research and development (R&D) role at the core of our offensive security efforts. You will be responsible for architecting and delivering advanced low-level attack components used in evasion techniques, red team tooling, and adversary simulations.
You will be hands-on in both leadership and development, guiding technical direction, mentoring engineers, and contributing code to offensive attack components.
The Impact You Will Have
Lead the design, development, and deployment of production-grade offensive capabilities targeting application and OS CVEs exploits
Develop attack components for Windows/Linux including OS-level evasion mechanisms
Implement Python bindings to connect native low-level components with Python-based research tools and automation
Research and develop bypass techniques for modern security controls
Collaborate with the Research Team and other R&D stakeholders to implement and refine offensive concepts
Provide technical mentorship and drive engineering best practices within the team
Harness AI coding agents to streamline the above processes

we are looking for an Android Security Research team leader to manage a team of super-talented malware researchers and reverse engineers. Our teams help top-level companies improve their security mechanisms using our insights on the latest malware trends, adversarial shifts, and new techniques. Combining intelligence, sophisticated forensics, and data science helps us catch the most relevant and up-to-date threats and threat actors.
What will you do?
* Lead and mentor a team of security researchers across multiple projects
* Own long-term malware and security research of a variety of Android frameworks, technologies, and domains
* Detect large-scale malware campaigns and help bring their operations down
* Review and enhance your team's research reports and code
* Collaborate with other teams throughout the organization
* This role is a management position with 40% hands-on technical work
* Find the bad guys - take them down
About us:
we are a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact-whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, our company provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.