דרושים » אבטחת מידע וסייבר » Senior Software Security Engineer

The Research team takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

Were looking for an exceptional Senior Cloud Security Researcher to join our growing team.
We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead innovative research into cyber threats targeting cloud platforms, SaaS applications, Kubernetes, and emerging technologies by leveraging state-of-the-art tools and methodologies.
Develop and refine cutting-edge detection algorithms and forensic investigation techniques to uncover and mitigate sophisticated attacks in cloud and SaaS environments.
Conduct comprehensive investigations of real-world cloud security incidents, transforming insights into actionable strategies that continually evolve our threat detection capabilities.
Share your research accomplishments and innovative findings with the security community through blog posts, conference presentations, and other professional forums, enhancing our industry reputation and fostering collaborative growth.
Contribute your expertise to shape the strategic direction and ongoing development of CDR product suite, ensuring our offerings stay ahead of evolving cyber threats.
Work closely with cross-functional teams to identify novel techniques and implement robust defenses, uniting diverse expertise to secure cloud and SaaS infrastructures.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security frameworks such as SALSA. This position reports directly to an R&D VP.

Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.
Job Id: 22784

We are looking for proactive, analytical talented people to join the Security Applications Content team.
As a Senior Security Engineer (Network & Apps), you will analyze protocols and application traffic (L4-L7) using network and web analysis tools, as well as modern big data analysis frameworks.
You will add content to our security and network products such as NGWF, CASB, DLP, Device Management and more.
Joining usis an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Research and analyze network and application behavior as part of our
Security products (NGFW,CASB,DLP,Device Management and more).
Suggest and conduct new research vectors
Utilize our Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency.

We seek a dynamic and experienced Cloud Security Engineer to join us!
This role presents an exciting opportunity to work in a fast-growing company with great opportunities to make a difference.
In this role, you will be responsible for:
Design and implement cloud security architectures and controls for multi cloud env
Maintain and manage security tools within our cloud environment, such as Firewall, WAF, CDN, API Security, Runtime Protection, CSPM, DSPM, and SSPM.
Identify and remediate vulnerabilities and misconfiguration findings in our cloud environments.
Monitor and optimize cloud architecture connectivity in the environment to comply with our compliance and policies.
Administer and control our security cloud accounts.
Lead and execute cross-organizational security projects and initiatives.
Collaborate with internal teams to enhance cloud security measures.

Ask a member of our team and theyll answer, Our people! We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When youre part of our team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
cloud Security was born out of the acquisition of Ermetic, an innovative cloud-native application protection platform (CNAPP) company, and a leading provider of cloud infrastructure entitlement management (CIEM). The acquisition combines two cybersecurity innovators and marks an important milestone in mission to shift organizations to proactive security. The combination of and Ermetic offerings will add capabilities to deliver market-leading contextual risk visibility, prioritization and remediation across infrastructure and identities, both on-premises and in the cloud.
looking for an experienced Senior Product Manager to help us build a cloud-native security product with state-of-the-art architecture and cutting-edge technology.
The Senior Product Manager will play a key role in the product life cycle with an emphasis on customer requirements, as well as generating and defining the product vision. The Senior Product Manager will work closely with multiple departments including product management, engineering, UX/UI, sales, customer support, finance and marketing to ensure customer requirements are met.
This is an exciting opportunity to join a fast-growing and innovative company, and be part of a strong team with the chance to lead a product that solves a high-profile problem in the Cloud Security space. You will be joining the companys product team and lead a significant domain.
In this role, you will:
Define product strategy and roadmap
Understand the cloud ecosystem, markets, competition and user requirements in depth
Conduct market research, and analyze and gather relevant information about market trends
Perform product demonstrations for customers
Launch new products and features
Develop innovative solutions to hard problems by collaborating, as needed, across regions, product areas, and functions

Ask a member of our team and theyll answer, Our people! We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When youre part of our team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Cloud Security was established through the acquisition of Ermetic, an innovative cloud-native application protection platform (CNAPP) company, and a leading provider of CIEM. This acquisition is a significant step in mission to shift organizations towards proactive security, offering market-leading contextual risk visibility, prioritization, and remediation across both on-premises and cloud infrastructures.
Your Opportunity:
Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services

We are seeking an experienced Senior Security Researcher to join our Research department, focusing on low-code/no-code platforms, AI copilots, and generative AI technologies. This role offers a unique opportunity to lead cutting-edge security research and help shape the future of application security in these rapidly evolving fields.

Responsibilities

Conduct thorough research to identify security weaknesses and vulnerabilities within low-code/no-code platforms, AI copilots, and Gen AI technologies.
Perform in-depth analysis of web and API security, identifying potential threats and developing mitigation strategies.
Work closely with cross-functional teams to address security concerns throughout the development lifecycle, particularly in AI and low-code/no-code environments.
Stay up-to-date with the latest industry trends, security threats, and advancements in low-code/no-code and AI technologies.
Develop proof-of-concept exploits, provide recommendations for remediation to affected vendors, and contribute to security detections in the platform.
Contribute to the development of security guidelines, best practices, and standards tailored for low-code/no-code platforms and AI security.
Collaborate with external security researchers and organizations to enhance the security posture of the low-code/no-code and AI landscape.
Conduct publishable research, sharing insights through blog posts, conference talks, and meet-ups to advance the broader security community.

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

What You'll Do

Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

Required Senior Application Security Engineer
As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers.