דרושים » אבטחת מידע וסייבר » Information Security

A company located in central Israel is looking for a full-time Information Security Consultant and Advisor.
This is a great opportunity to gain experience in a GRC (Governance, Risk, and Compliance) role and as an Information Security Consultant for cutting-edge tech companies, while also influencing the company and its information security posture.
Responsibilities include:
Supporting organizations in the creation and management of information security programs.
Overseeing information security systems.
Developing risk management processes.
Supporting cross-organizational processes.
Conducting information security reviews and regulatory gap assessments.
Designing and implementing security hardening processes.
The role is dynamic and includes consulting and on-site support at the client's location.
This is a full-time position.
CVs should be sent to our e-mail.

we are the trading and investing platform that empowers users to invest, share and learn. We were founded in 2007 with the vision of a world where everyone can trade and invest in a simple and transparent way. We have created an investment platform that is built around collaboration and investor education. On our platform, users can view other investors portfolios and statistics, and interact with them to exchange ideas, discuss strategies and benefit from shared knowledge. We have over 38 million registered users from 75 countries and our platform is available in 20 languages. We are a fast growing business with over 1,500 employees across 13 offices around the globe, strategically positioned to serve the needs of users. You can find out more about us here.
We are seeking an experienced Security Governance, Risk, and Compliance (GRC) Team Leader to drive our security and compliance programs while building and managing a high-performing team. This role combines strategic leadership with deep technical expertise in security frameworks and regulatory compliance within the fintech industry.
Key Responsibilities
Leadership & Team Management
- Build, mentor, and lead a team of GRC professionals, fostering a culture of excellence and continuous improvement
- Develop and implement strategic objectives for the GRC function, aligned with organizational goals
- Establish KPIs and metrics to measure team performance and program effectiveness
- Lead resource planning, budget management, and professional development initiatives for the team
Security Governance & Risk Management
- Direct the development and maintenance of the organization's security governance framework
- Oversee the enterprise-wide IT and cyber risk management program
- Lead the implementation and monitoring of security controls across the organization
- Drive security awareness and training programs across the company
Compliance & Audit Management
- Lead regulatory compliance initiatives, ensuring adherence to relevant frameworks including ISO 27001, SOC, NYDFS, and NIST
- Oversee internal and external audit processes, managing relationships with auditors and regulators
- Direct the development and maintenance of policies, procedures, and controls
- Lead the response to audit findings and oversee remediation efforts
Strategic Partnership & Communication
- Partner with executive leadership to align security initiatives with business objectives
- Lead vendor risk management program and third-party due diligence processes
- Build strong relationships with business unit leaders to ensure effective control implementation
- Present security and compliance metrics to senior management and board members.

we are the trading and investing platform that empowers users to invest, share and learn. We were founded in 2007 with the vision of a world where everyone can trade and invest in a simple and transparent way. We have created an investment platform that is built around collaboration and investor education. On our platform, users can view other investors portfolios and statistics, and interact with them to exchange ideas, discuss strategies and benefit from shared knowledge. We have over 38 million registered users from 75 countries and our platform is available in 20 languages. We are a fast growing business with over 1,500 employees across 13 offices around the globe, strategically positioned to serve the needs of users. You can find out more about us here.
We are seeking a skilled Risk Manager to lead and enhance risk management across the group and subsidiaries. The Risk Manager will play a critical role in managing risks across the business, building a robust risk framework and fostering a culture of risk awareness.
This role involves working on Risk Control Self-Assessments (RCSA), incident reporting, IT risk management, and AI and modeling governance.
Key Responsibilities:
Operational, security & IT Risk Management
Helping to oversee key processes in BCP of the Group
Leading the implementation of governance and working with GRC on security assessment and mitigations plans
Internal fraud
Help in overseeing the internal fraud policy and governance and ensure the policy is fully implemented .
Risk Governance & Controls
Support the company's Group Risk Control Self-Assessment (RCSA) process, ensuring accurate risk identification and mitigation.
Monitor and enhance the risk dashboard, ensuring key risk indicators (KPIs) are effectively covered and aligned with strategic objectives.
Support the implementation of the incident reporting tool to enhance risk event tracking and reporting.
Compliance & Regulatory Risk
Assist in the development and implementation of an AI risk policy, maintain an AI inventory, and oversee model validation processes.

Who We Are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem – we’re reshaping how financial technology is developed and delivered

The Role:
We’re looking for an IT Compliance Associate to join our Technology team and help ensure our systems, vendors, and internal processes meet legal, regulatory, and security standards. In this role, you’ll support the design and implementation of an effective IT compliance framework, manage access controls, assess risk, and guide teams in upholding compliance across the organization. You’ll also help shape policies, identify gaps, and drive remediation efforts with cross-functional stakeholders. This is a collaborative, detail-oriented position with room for growth in the cybersecurity and compliance domain

Who You Are:
A sharp, analytical thinker with high attention to detail Collaborative, reliable, and able to thrive in a structured environment Comfortable analyzing complex data, identifying risk, and advising on controls Driven by doing things ethically, legally, and right the first time

What You’ll Actually Be Doing:

* Develop and maintain an effective IT compliance program
* Conduct risk assessments on internal processes and systems
* Lead access recertification and vendor risk assessment processes
* Draft, manage, and update internal compliance policies and documentation
* Review vendor documentation for regulatory and security alignment
* Analyze data, identify compliance gaps, and implement remedial actions
* Prepare reports, dashboards, and compliance summaries for internal stakeholders
* Organize and contribute to quarterly Cyber Steering Presentations

What You Bring to the Table:

* 3+ years of experience in IT compliance, information security, or a related field
* Security certifications such as CISA, CISSP, or Security+ – Must
* Advanced knowledge of regulatory frameworks and compliance guidelines – Must
* Strong analytical, problem-solving, and communication skills
* Mother tongue level fluency in both English and Hebrew – written and verbal – Must
* Bachelor’s degree in a relevant field (e.g., Information Security, Law, Business, or related discipline)

Why You’ll Love Working Here:
Flexible hybrid work model: three days a week at our Jerusalem office Monthly wellness reimbursement – from therapy to gel manicure, it's up to you Full Keren Hishtalmut, private health and dental insurance Volunteer days, donation matching, Yoga and Pilates A supportive, collaborative culture that puts our people first

Next Step:
Hit apply. You bring your compliance mindset; we’ll bring the challenge (and the snacks!)

About us: We are an Israeli research and development company specializing in analyzing cyber and technological security threats. We design secure architectures and controls for complex systems, providing cyber-resilient architecture design, research and development of innovative security controls, hardware security, and system security engineering. Our expertise includes protecting RF and Wireless channels, cryptography, quantum communication and more.
Job Description:
As a Cyber security system Engineer, you will lead the security engineering aspects of multidisciplinary projects. You will conduct system design surveys, participate in various design and testing stages, and lead cyber and security research in software, firmware, and hardware. Your responsibilities will include: Conducting threat risk analysis, mapping protection targets, designing security architecture and defining appropriate security controls for systems at different maturity and life-cycle phases. Analysing advanced systems and designing cyber and technological security solutions. Planning and executing Cyber security strategies in collaboration with clients and regulatory bodies. Leading and guiding development teams from specification through design to integration. Designing and conducting system proof of concept experiments. Initiating and advancing projects and product development in cyber and security technology. Evaluating existing and future technological solutions. Monitoring the implementation of Cyber security measures in projects and ensuring compliance with security plans.

we are looking for an experienced Application Security Architect to join our Cybersecurity team. In this role, you will be instrumental in building and advancing our companys application security programs. Working closely with talented engineers, product managers, and platform teams, youll play a key role in ensuring the security of our software development lifecycle (SDLC).
Youll provide security services including secure coding practices, architecture reviews, awareness and training initiatives, and tool implementation. From threat modeling to secure development education, your contributions will directly impact the safety and resilience of our companys products.
What am I going to do?
Lead Secure SDLC Initiatives: Drive security throughout the software development lifecycle (S-SDLC), including threat modeling, risk assessments, and mitigation planning for new and existing applications.
Embed Secure Design Practices: Guide development teams on implementing secure architectural patterns, design principles, and coding standards, with emphasis on OWASP and industry best practices.
Security Tooling Strategy: Define and manage the integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools into our companys CI/CD pipelines, ensuring scalable, platform-agnostic coverage and effective vulnerability management.
Security Testing & Remediation: Perform and oversee application security testing, ensuring timely remediation of identified vulnerabilities.
Develop Security Standards: Create and maintain secure coding standards, best practices, and development guidance tailored to our companys tech stacks.
Code Reviews: Conduct in-depth manual and automated security code reviews for critical components, offering practical and constructive feedback to engineering teams.
API & Mobile App Security: Design and assess security for APIs and mobile applications, ensuring robust authentication, authorization, and data protection in line with industry standards.
Third-Party Risk Management: Evaluate the security posture of third-party libraries, components, and services integrated into our company's applications.
Cloud Security Collaboration: Partner with Cloud Security Architects to ensure secure application deployment in cloud environments (e.g., AWS, GCP), offering expert advice on cloud-native security practices.
Team Enablement & Education: Mentor development teams on emerging threats, secure coding techniques, and security-first development approaches.
Bug Bounty Program Leadership: Manage and evolve our companys bug bounty program, working with researchers and internal teams to resolve findings efficiently.

We are looking for a Risk Analyst to help us build, design, and manage risk analytics & reporting for our existing portfolio of merchants across all operating countries. Youll be responsible for developing, publishing, and fine-tuning the analytics and reporting requirements for Global business for the Risk team.
The role requires strong Data Analytics, Business Intelligence, and Visualization skills and the ability to explain complex situations and concepts through data-driven storytelling.
This role also has scope for building risk models for our existing portfolio of merchants to mitigate the existing financial risk. Modelers will be taking the responsibility of defining the problem statement, building the solution, and offering an optimal strategic approach to implement the solution within the existing ecosystem and showcase value addition.
The role will require coordination with teams within Risk and across and managing senior stakeholders within the Risk function. You will need to work with Risk team members to understand their analytics and reporting requirements and build the same. You will be a key member of the team working in a fast-paced environment on impactful assignments with the exposure to work directly with senior management across the company.
Key Responsibilities:
Own (Build and maintain) the Risk reporting area for the Global Risk team and publish reports aligning with the requirement timeline
Perform analysis throughout the entire customer lifecycle, including acquisition, portfolio management, and collections providing actionable MI on all aspects of portfolio performance
Provide support to the business by addressing inquiries and offering ad hoc insights into portfolio and strategies.
Develop and maintain the Risk models used to manage customer credit and fraud risk in including exposure and default methodologies and associated behavioral measures.
Design, Development, and maintenance of analytical solutions related to risk.
Providing the business and other stakeholders with advice and support on model use, model impact, and model implementation
Supporting external engagement and internal governance in relation to risk models and model frameworks

We are looking for an experienced Privacy Specialist to become the founding member of our Data Protection Team. In this role, you will be critical in shaping and operationalizing our data privacy and protection strategy. This is a hands-on role requiring both strategic thinking and tactical execution. Youll collaborate with cross-functional teamsincluding Legal, Engineering, Product, and Securityto ensure our software, services, and internal practices align with privacy regulations such as GDPR, CCPA, and others relevant to our global operations.
Responsibilities:
Develop, enhance, and implement our privacy and data protection control framework, processes, and tools.
Ensure compliance with applicable data privacy laws (e.g., GDPR, CCPA) and coordinate with the Legal team to monitor evolving regulations.
Partner with Product and Engineering to embed privacy by design and default into new technologies and product features.
Lead data discovery, classification, and data flow mapping initiatives across systems and third-party services.
Conduct Data Protection Impact Assessments (DPIAs) and privacy risk evaluations for new products, projects, or vendors.
Create and deliver internal training programs to foster a company-wide culture of privacy awareness.
Collaborate with Information Security to develop and test incident response and data breach protocols.
Assess third-party vendors for privacy compliance and manage appropriate contractual safeguards (e.g., DPAs, SCCs).
Act as a subject matter expert and point of contact for internal and external stakeholders on all privacy-related matters.

Are you ready to power the future? At SolarEdge (NASDAQ: SEDG), we're a global leader in smart energy technology, with over 4,000 employees, offices in 34 countries, and millions of installations worldwide. Our innovative solutions include solar inverters, battery storage, backup systems, EV charging, and AI-based energy management. We're committed to making clean, green energy the primary power source for homes, businesses, and beyond. With the growing demand for electricity, the need for smart, clean energy sources is constantly rising. SolarEdge offers amazing opportunities to develop your skills in a multidisciplinary environment, covering everything from research and development to production and customer supply. Work with talented colleagues, tackle exciting challenges, and help create a sustainable future in an industry that's always evolving and innovating. Join us and be part of a company that values creativity, agility, and impactful work. This role is a team member in our security engineering team. The Cyber Security team is composed of strong and experienced security engineers, responsible for designing, implementing, analyzing, and maintaining an on-prem\cloud-based security controls in particular OT security. What you will be doing:
* Manage the day-to-day operations of the company’s security infrastructure systems.
* Will lead the implementation of IT/OT cyber security systems in the organization.
* Provide security guidelines to various projects and systems.
* Research new innovative technologies to mitigate security gaps and work to implement in the production

Country:
Israel

City:
Herzliya