לוח משרות דרושים הייטק אבטחת מידע / סייבר משרה מלאה

Required Ms.C / Ph.D. Student Database Security Researcher
Job Description
We are a Database Security team, part of the Gauss unit, responsible for developing the next generation of databases at Toga Networks. Our team focuses on researching and developing innovative database security solutions while working with advanced technologies such as:
AI/Machine Learning
Zero Trust
Cloud Computing
Data Sharing & Collaboration
What Will You Do?
Join our development and research team working on finding security weaknesses in our solutions
Collaborate with top experts in the field to develop solutions shaping the future of database security.

We are looking for a high-energy, driven Security Analyst with a strong security mindset to join our fast-growing team of ambitious professionals. This is a unique opportunity to be part of an exciting data-cybersecurity startup.

Responsibilities:
Conduct in-depth security research to identify emerging cloud and AI-related threats and incorporate insights into our detection and prevention strategies.
Develop and maintain advanced security detections and best practices to identify and mitigate threats to customer data across diverse cloud platforms.
Collaborate closely with Product and R&D teams to translate security research findings into impactful product features and detection capabilities.
Design and prototype advanced detection techniques and automated workflows to continuously strengthen our ability to identify and safeguard sensitive data across complex, multi-cloud environments.
Continuously evaluate emerging cloud services, APIs, and data flows, integrating industry best practices and customer-driven insights to ensure our detection capabilities remain cutting-edge and adaptable.

We are looking for a highly skilled Product Security Architect to join our team. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:
Partner with all our development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.

Required Chief Information Security Officer
About the Role
As our Chief Information Security Officer (CISO), you will own and lead all aspects of Information Security for us. Reporting to the CTO, you will lead and manage three teams which are individually responsible for Governance Risk and Compliance, Product Security and Security Operations. As CISO, you will shape and execute our security strategy and roadmap, ensuring trust, resilience, and compliance at scale. You will grow and lead the security department and work closely with our leadership to balance business growth with risk management. Externally, you will represent us to customers, auditors, and regulators, reinforcing our commitment to security and trust. Above all, you will ensure that our customers, data, and operations remain secure as we scale.
Overall Security Governance Strategy
Define and execute the company-wide security strategy and roadmap
Align security initiatives with our business objectives and risk appetite
Report on security posture to company executives and te board
Security Operations
Infrastructure Security - Collaborate with DevOps and IT teams to secure our infrastructure and cloud environment
Endpoint Security - Protect employee devices and access points
SaaS Security - Monitor and secure third-party SaaS applications
Data Loss Prevention - Implement controls to prevent unauthorized data access, sharing, and exfiltration across systems and endpoints
Identity and Access Management - Manage the companys access policy and controls
Threat Detection & Incident Response - Establish SIEM, threat intelligence, and forensic capabilities
Incident Response - Respond to security events, conduct investigations, and lead mitigation efforts
GRC (Governance, Risk, and Compliance)
Risk Management & Assessments - Perform regular risk assessments on our systems, processes, and infrastructure, and drive mitigation plans
Certifications & Compliance - Maintain compliance with SOC 2, ISO 27001, DORA, NYDFS, and other regulations
Audits & Regulatory Compliance - Lead security audits, manage interactions with external auditors, government agencies, and regulatory bodies
Third-Party & Vendor Security Assessments - Conduct security evaluations of vendors and partners to ensure data protection standards are met
Security Policies & Frameworks - Maintain and enforce company-wide security policies, ensuring cross-functional adoption
Product Security
Secure Software Development Lifecycle (SSDLC) - Integrate security into our development processes, shift left on security through the entire product lifecycle.

We are looking for a Sr Principal Linux Security Researcher for our Tel Aviv R&D center, to work on cortex-xdr for linux, which provides runtime protection to servers and cloud workloads.
You will be part of a team that is in charge of researching, developing and improving Anti-Exploit capabilities, Anti-malware capabilities. The position includes researching OS internals, exploits, malware, delving into cloud security, and finding ways to mitigate new attack vectors.
Your Impact
Research, develop, and improve anti-exploitation mitigations and anti-malware modules - ranging from low-level mitigations up to tackling application-level security vulnerabilities
Work on the design, evaluation, and implementation of new security technologies
Research Linux OS internals, kernel, application codebases, vulnerabilities and exploits (Mostly internal usage but also PR)
Analyze customer issues to help with detecting and preventing malicious activities in our customers networks.

Are you passionate about leveraging existing research infrastructure to advance security automation? Do you want to join our Security Automation Response and Remediation Team to transform innovative research into product features?
As a Principal Security Researcher, you will utilize and augment our established BI systems, CI/CD pipelines, and research infrastructure to meet team requirements while incorporating LLM capabilities. You will help mature promising research efforts into production-ready product features that enhance our security automation capabilities. Your expertise in security research, infrastructure utilization, and modern AI technologies will drive the evolution of our security operations.
Your Impact
Leverage existing research infrastructure to enhance security automation workflows across multiple security domains (Endpoint, Identity, DSPM, NDR)
Utilize and augment established BI data systems and CI/CD pipelines to support security research initiatives
Transform research concepts into mature, production-ready product features
Integrate LLMs and AI technologies into existing security workflows to improve detection and response capabilities
Develop tools that extend our current infrastructure to better support security research and remediation planning
Collaborate with product teams to translate successful research outcomes into customer-facing features
Partner with cross-functional teams to integrate your innovations with XDR, EDR, NDR, SOAR, and big data platforms.

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team.
In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Your Impact
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments.
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior.
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models.
Research specific scenarios to enhance our model's capabilities.
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product.
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

We are looking for a Security Researcher to join our Windows EDR behavioral detection team.
You will create statistics-based classification algorithms detecting everything from new malware through process behavior and attackers operating in enterprise-scale networks using data from multiple Windows endpoints; from analyzing attack patterns, finding statistical anomalies, and validating that you detect real attacks and APTs on real customer data.
Your Impact
Research new methods to detect various attack techniques by utilizing enormous amounts and varied types of data
Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities
Take an active role in our collection modules by improving the ones that are already available and investigating new collection modules that will improve the quality of our detections
Simulate attacks in the lab and conduct a deep analysis of the behavior
Be part of a diverse research group, improving our research processes and leading us to be a better team, creating a better product
Stay up to date with APTs, attacker methodologies, and TTPs.

were on a mission to help engineering teams build secure software, faster.
Were looking for an Application Security Engineer with a passion for AppSec to join our growing team and push the boundaries of modern application security.

Responsibilities
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

We are looking for a Malware Researcher to analyze and review malware applications. You should have a background in cybersecurity and software development.

​​If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
Were looking for a Security Research Manager to lead a team focused on two of the fastest-growing domains in cybersecurity: autonomous investigation and response (Autopilot), and macOS detection and response. This is a unique opportunity to lead an exceptional team of researchers within the largest security company in the world, helping to revolutionize threat detection, investigation and response through patent-grade capabilities.
Your Impact
Lead, mentor, and grow a team of talented security researchers
Drive the inception, strategy and execution of our autonomous investigation and response solution (Autopilot)
Drive the strategy and execution of research initiatives to uncover novel techniques to detect and respond to sophisticated attacks targeting macOS endpoints
Define and prioritize detection and investigation use cases, relevant datasets, and innovative approaches based on runtime visibility, statistic algorithms and threat intelligence
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content
Foster collaboration across research, engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

Were looking for a highly skilled and motivated Application Security Engineer to join our dynamic team. As an Application Security Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features
What Youll Do:
CI/CD Security Hardening
Improve and secure our continuous integration and deployment pipelines through the selection, implementation, and tailoring of new tooling, as well as the maintenance and enhancement of our current stack.
Security Tooling Management
Operate, fine-tune, and customize tools like Snyk, Apiiro, and other AppSec platforms to reduce false positives and enhance threat detection.
Policy Definition
Collaborate with cross-functional teams to develop practical, enforceable CI/CD security policies.
Security Orchestration & Automation
Build and maintain automated playbooks and workflows using orchestration platforms like Torq to support incident response and alert management.

The team is responsible for developing and improving our Windows anti-malware prevention. This includes having top-notch knowledge about the latest malware families in the wild, Windows internals, different attack frameworks and hacktools. As part of this, the team analyzes customer data and issues to prevent malicious activities in our customer's environment, and help to improve the product.
Your Impact
Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
Create behavioral-based protection that enhances our product's coverage
Leverage our company's massive collection network to identify coverage gaps and emerging threats
Assist in the design, evaluation, and implementation of new security technologies
Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams.