לוח משרות דרושים מומחה אבטחת מידע / סייבר

Were looking for an experienced GRC Manager to join our team in Israel. Were seeking someone with solid, hands-on experience who can take ownership and lead both technically and operationally.
You will lead the certification and accreditation processes , managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.

We are looking for an Application Security Engineer to join our Security Engineering team.

What you will be doing:

As an Application Security Engineer , you will play a critical role in ensuring our software applications are secure by design and resilient against evolving threats. You will collaborate closely with development, DevOps, and product teams to embed security throughout the SSDLC and drive secure coding practices.

Conduct security assessments, penetration tests, and code reviews across web, mobile, and cloud applications.

Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines using platforms like Azure DevOps, GitHub Actions.

Design and enforce secure coding standards and SSDLC policies.

Collaborate with developers to remediate vulnerabilities and provide inline guidance during PR reviews.

Lead threat modeling and architecture reviews for new features and services.

Manage secrets, access controls, and data confidentiality assurance across applications.

Monitor public exposure of cloud resources and enforce Azure policies to prevent misconfigurations.

Participate in incident response and forensic analysis for application-related security events.

Deliver security awareness training and documentation for engineering teams.

Maintain up-to-date knowledge of OWASP Top 10, secure coding techniques, and emerging threats.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process - reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

Were seeking passionate professionals who thrive in a fast-paced, creative, and collaborative environment - those who want to be part of the next generation of airspace security innovation.

This is a strategic, high-impact VP role for a visionary leader who will shape our companys global customer security strategy, strengthen executive-level trust with clients, and drive innovation in a rapidly evolving cybersecurity landscape. Reporting directly to the Global CISO, you will lead the customer-facing cybersecurity organization, ensuring alignment between client expectations and our companys security posture.
What Youll Do?
Lead Global Customer Security Strategy
Serve as the senior security representative for strategic clients, engaging with C-level stakeholders and regulators to build trust and transparency.
Define and execute a customer-centric security strategy, aligned with global standards and emerging technologies.
Act as a trusted advisor on security strategy, risk posture, and compliance readiness.
Drive Technology & Architectural Excellence
Lead Cloud Security & Multi-Cloud Governance, securing hybrid and multi-cloud environments.
Champion DevSecOps & Secure SDLC, embedding security into development pipelines.
Oversee secure adoption of Generative AI (GenAI) and other emerging technologies.
Provide expert oversight for data protection across hybrid models.
Inspire & Scale Global Teams
Lead and empower a global organization of 100+ cybersecurity professionals, fostering innovation and autonomy.
Build a culture of continuous improvement, ensuring service excellence and customer satisfaction.
Represent our company in industry forums and strategic briefings, positioning us as a trusted partner.
What Success Looks Like?
Increased customer trust and satisfaction scores.
Secure adoption of emerging technologies across global clients.
Measurable improvements in compliance readiness and risk posture.

In one sentence
The Information Security Specialist will lead the efforts to secure the company ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders questions.
What will your job look like?
You will recommend information technology policies, standards and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements.
You will work with the technical teams both within and outside of our company to embed, deploy or guide all security requirements.
When applicable, you will conduct the information security risk assessment program. Review compliance with the information security policy and associated procedures and practices.
You will research and educate the IS organization around specific standards and regulations that might apply to different domains while monitoring their implementation throughout the security ecosystem and provide recommendations to the relevant stakeholders.
You will keep up-to-date with emerging security threats and alerts, emerging products, services, protocols, and standards in support of security enhancement and development efforts.
You will provide technical guidance to IS teams by means of coaching and mentorship to achieve project goals to the required level of quality. Promote team engagement, empowerment and motivation.
You will onboard new hires, train and share knowledge, take an active role in technical mentoring and elevating team knowledge.
You will enforce quality processes (i.e. performing technical root cause analysis, outlining corrective action for given problems) and ensure that all the project agreed deliverables are completed to the required level of quality.

CodeValue is looking for a skilled and experienced Security Engineer to join our team and take a leading role in designing, implementing, and governing the security posture of our cloud and enterprise environments. This individual will work closely with cross-functional teams to ensure security is embedded across systems, applications, and workflows, aligning with industry best practices and compliance requirements.