לוח משרות דרושים מומחה אבטחת מידע / סייבר

seeking a senior, hands-on CISO & Head of IT to act as "one-man-show" authority for IT operations and information security. This role owns IT and Information Security e2e for core business functions:
setting direction, making structural and vendor decisions, and defining what "good" looks like, while also answering questions in real time, exercising sound judgment, and taking ownership when issues arise.
This is a highly visible leadership role focused on judgment, ownership, and practical execution.

Key Responsibilities

Information Security & Risk

Build and maintain a pragmatic information security and IT risk management program aligned with business priorities.
Lead security risk assessments and drive remediation in partnership with engineering, IT, and business teams.
Define and maintain security policies, standards, and secure-by-design practices in collaboration with our Product House organization.
Promote security awareness and accountability across the company, including ownership of employee security training programs.
IT Ownership

Own internal IT environment, including identity and access management (e.g., Okta), Google Workspace, endpoints, and core SaaS tools.
Ensure smooth employee onboarding and offboarding.
Act as a point of escalation for IT issues and access problems, including hands-on work.
Manage external IT service providers and helpdesk vendors, including SLAs and escalation.
Security Operations

Own the overall effectiveness of security monitoring, detection, and response.
Design and maintain preventive controls, processes, and readiness measures to reduce the likelihood and impact of data security incidents.
Ensure vulnerabilities, findings, and incidents are identified, prioritized, and addressed.
Lead preparation for security incidents, including incident response planning, tabletop exercises, and coordination with Legal, Product House, and external partners.
Stay current on emerging threats and translate them into practical, risk-based improvements for the business.
Audits, Customers & Vendors

Lead security audits and certifications (e.g., SOC 2, ISO 27001) and serve as the primary contact for auditors.
Personally own customer security questionnaires and security discussions.
Partner closely with Legal on privacy, regulatory, and contractual security matters.
Oversee the IT and security budget and manage relevant vendors and advisors.

We are seeking an experienced, visionary Cyber Research Team Lead to guide and grow a multidisciplinary cyber research team. You will lead a group of domain experts - from network engineers and identity specialists, to red-teamers, protocol researchers, penetration testers, data analysts and cloud/virtualization experts - working collaboratively to build our next-gen AI-based posture management platform. As team lead, you will both manage the team and shape the research agenda: coordinating cross-domain investigations, defining priorities, mentoring researchers, and ensuring that research output feeds directly into scalable, intelligent workflows and product capabilities.
If youre passionate about cyber research, enjoy nurturing technical talent, and thrive on building complex, multi-domain security products - this is your chance to build and lead a research team that defines how AI defends modern enterprise infrastructure.
The Responsibilities
Lead, mentor, and coordinate a diverse, multi-domain cyber research team.
Define and drive the teams research agenda, establishing multi-domain security research priorities aligned with company goals and product roadmap.
Translate research findings into actionable AI-based deliverables - such as automated workflows and agentic flows integrated into the AI-based posture management product.
Coordinate and work in multidisciplinary squads to build customer facing product, ensuring real-world relevance and impact.
Maintain research excellence and innovation culture - encourage internal knowledge-sharing, code/tool reuse, and continuous learning.
Recruit, grow, and manage talent -identify skill gaps, hire new researchers, mentor researchers, and foster a collaborative, high-performance team environment.
Stay current with emerging cyber threats, infrastructure trends (cloud, virtualization, identity systems), adversarial techniques and AI-driven security trends - and evolve research strategies accordingly.

At our company, we redefine cyber defense vision by combining AI and human expertise to create products that protect nations and critical infrastructure. This is more than a job; its a Dream job. we are where we tackle real-world challenges, redefine AI and security, and make the digital world safer. Lets build something extraordinary together.
our company's AI cybersecurity platform applies a new, out-of-the-ordinary, multi-layered approach, covering endless and evolving security challenges across the entire infrastructure of the most critical and sensitive networks. Central to our our company's proprietary Cyber Language Models are innovative technologies that provide contextual intelligence for the future of cybersecurity.
At our company, our talented team, driven by passion, expertise, and innovative minds, inspires us daily. We are not just dreamers, we are dream-makers.
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our companys malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

As a Senior Threat Intelligence Researcher, you will be responsible for tracking advanced adversaries and leveraging your deep technical expertise across attacker capabilities, infrastructure, and tactics. You will create and refine approaches to uncover and monitor active threat actors, as well as surface irregular and emerging behaviors in the broader threat landscape. The intelligence you generate will directly strengthen our companys understanding of threat actors and will inform proactive hunting, detection engineering, and defensive decision-making.
The Responsibilities
Lead complex threat intelligence investigations through in-depth analysis of the global threat landscape, with a focus on advanced and state-linked actors.
Define and prioritize threat research focus areas (actors, campaigns, sectors, techniques) aligned with our companys customers and product roadmap.
Deliver actionable cyber threat intelligence and design and execute hunting campaigns using analytics, automation, and advanced AI capabilities.
Curate and maintain structured knowledge on actors, campaigns, infrastructure, and TTPs in our companys internal threat knowledge base.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

You will join our Cyber Security Operations team and play a key role in protecting our cloud-native and enterprise environments. In this hands-on role, youll design, implement, and operate security controls across AWS, Kubernetes, CI/CD pipelines, and identity systems. Youll lead incident response efforts, build security automation, and drive continuous improvement of our detection and prevention capabilities in a fast-paced, highly technical environment.

The day-to-day

Own and enhance security for large-scale AWS environments (IAM, VPC, CloudTrail, GuardDuty, EKS, S3).
Build and operate threat detection, incident response, and DFIR processes across cloud, Kubernetes, identity, and SaaS platforms.
Design and implement security automation for access control, cloud hygiene, incident response, and SIEM workflows.
Drive DevSecOps initiatives, securing CI/CD pipelines and enabling shift-left security.
Develop and tune SIEM detections, threat hunting queries, and automated remediation pipelines.
Manage identity, access, and Zero Trust / ZTNA architectures using IdP, SSO, RBAC, and federation.
Simulate real-world attacks and perform vulnerability discovery to validate security controls.

Were looking for an experienced GRC Manager to join our team in Israel. Were seeking someone with solid, hands-on experience who can take ownership and lead both technically and operationally.
You will lead the certification and accreditation processes for our company, managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve our companys internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.

As an Embedded Cyber Security Researcher, youll dive deep into the heart of modern vehicles, uncovering vulnerabilities and helping manufacturers build safer, more secure systems. Your responsibilities will include:

Conducting offensive security research on embedded automotive systems.
Hacking into ECUs (Electronic Control Units) from various OEMs to identify and exploit vulnerabilities.
Reverse engineering firmware and hardware components.
Investigating cryptographic systems, privacy mechanisms, and anti-theft technologies.
Collaborating with internal teams and external partners to deliver actionable insights and recommendations.

As a Team Leader, youll guide a talented group of 3-5 researchers, leading hands-on and strategic efforts across multiple projects. Youll:

Lead and mentor a team of security researchers.
Drive offensive security projects, including:
Reverse engineering and vulnerability research on ECUs from various OEMs.
Penetration testing and exploitation of embedded automotive systems.
Research into cryptographic protocols, privacy mechanisms, and anti-theft technologies.
Collaborate with cross-functional teams and global customers to deliver impactful insights and solutions.
Shape the future of automotive security through innovation and deep technical exploration.

We are looking for a Senior Engineering Manager to lead our Linux & Cloud Workload Detection team. This role owns the evolution of behavioral detection capabilities across Linux endpoints, servers, containers, and Kubernetes environments. You will manage a team of highly skilled detection engineers, drive the strategy for Linux and cloud workload visibility, and ensure our products stay ahead of emerging threats targeting modern infrastructure.
What will you do?
Technical & domain ownership
Own Linux & Cloud Workload behavioral detection strategy across endpoints, servers, containers, and Kubernetes.
The team focuses on behavioral detections and agent-side logic, rather than signature-based or IOC-driven rules.
Define what high-fidelity detection means for modern Linux and cloud-native attacks.
Drive coverage of attacker techniques using behavioral signals, not signatures.
People & org leadership
Lead and grow a team of senior detection engineers.
Set technical standards, review detection logic, and raise the bar on quality and impact.
Build strong collaboration with Research, Product, and Platform teams.

We are looking for a talented detection engineer, someone who looks at the world differently, who explores, hunts, lives to beat the system and challenge it. Someone who can address tough security problems and deliver solutions quickly.
What will you do?
You will be responsible for detecting the newest malware and exploits based on SentinelOnes EPP platform. The role includes an end to end responsibility for behaviour based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end. You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.
This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.
What You Will Do:
Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.
Build and maintain an effective and scalable security monitoring infrastructure solution.
Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.
Triage alerts and drive security incidents to closure while reducing their potential impact to Semperis.
Build processes and workflows to triage security alerts and respond to real incidents.
Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.
Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.
Contribute to strategy, risk management, and prioritization for all efforts around detection and response.
Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.
Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.