דרושים » אבטחת מידע וסייבר » Senior Penetration Tester

Penetration Testing Specialist.
A company located in central Israel is looking for an experienced Penetration Tester to join its team.
The company provides security services to clients, and the role involves managing and performing penetration testing while providing on-site security services at the client's location.
This is an exciting opportunity for someone who thrives in a dynamic environment and enjoys taking ownership of projects from start to finish.
Responsibilities:
Conduct and manage penetration testing for clients across web applications, networks, and cloud environments.
Identify vulnerabilities, assess security risks, and provide actionable recommendations to improve security posture.
Work independently and take ownership of individual projects, ensuring all tasks are completed on time and to the highest standards.
Collaborate with internal teams and clients to tailor testing approaches based on specific security needs.
Provide expert guidance on remediation efforts, and support the implementation of security improvements.
Document findings, prepare detailed security reports, and deliver presentations to clients.
Stay up-to-date with the latest trends and tools in penetration testing, and continuously expand your skill set.
Location: Central Israel (providing on-site penetration testing services at client locations).
Position: Full-time.
If you are passionate about cybersecurity, possess a strong sense of ownership, and are looking for an opportunity to work on challenging security projects, wed love to hear from you!
CVs should be sent to our email.

Our Advanced Security Center is a global leader in information security services. As part of Ernst & Young's worldwide network, we are in Tel Aviv. Among our clients, you will find global companies, US governments, technology companies, financial institutions, utility companies, blue-chip firms, and many others.

Our employees are at the forefront of the information security field, with best practices in penetration testing, thorough research, homegrown tools, and more.
We provide an extensive training program that enables programmers, infrastructure, and network engineers to transition into the security profession and develop a long-lasting career path.

Job Description:
The work involves simulating attack scenarios against various applications, infrastructure, and network solutions on a wide range of platforms and technologies.
In addition to penetration testing and forensic services, we also offer consulting services, secure design and development services, and training.

seeking an experienced Cyber Threat Researcher to join our cyber research team. This role involves in-depth research into SaaS application security, identifying misconfigurations, and providing insights that help secure our customers SaaS environments. Youll work closely with product, marketing, and R&D teams to ensure your research contributes to developing cutting-edge security features and customer value.

Key Responsibilities
Conduct Security Research: Conduct in-depth research into security risks and misconfigurations associated with SaaS applications, identifying trends and opportunities to enhance product capabilities.
API Analysis: Review SaaS application APIs to assess security functionalities, and determine how to leverage them for enhanced protection.
Cyber Threat Intelligence: Analyze emerging cyber threats and breaches to understand attack vectors, risks, and trends, applying this knowledge to enhance the security posture of our product and customers.
Collaborate Across Teams: Partner with product, R&D, and marketing teams to translate research findings into valuable product features and contribute to security-focused publications and thought leadership.

We are looking for an experienced Privacy Specialist to become the founding member of our Data Protection Team. In this role, you will be critical in shaping and operationalizing our data privacy and protection strategy. This is a hands-on role requiring both strategic thinking and tactical execution. Youll collaborate with cross-functional teamsincluding Legal, Engineering, Product, and Securityto ensure our software, services, and internal practices align with privacy regulations such as GDPR, CCPA, and others relevant to our global operations.
Responsibilities:
Develop, enhance, and implement our privacy and data protection control framework, processes, and tools.
Ensure compliance with applicable data privacy laws (e.g., GDPR, CCPA) and coordinate with the Legal team to monitor evolving regulations.
Partner with Product and Engineering to embed privacy by design and default into new technologies and product features.
Lead data discovery, classification, and data flow mapping initiatives across systems and third-party services.
Conduct Data Protection Impact Assessments (DPIAs) and privacy risk evaluations for new products, projects, or vendors.
Create and deliver internal training programs to foster a company-wide culture of privacy awareness.
Collaborate with Information Security to develop and test incident response and data breach protocols.
Assess third-party vendors for privacy compliance and manage appropriate contractual safeguards (e.g., DPAs, SCCs).
Act as a subject matter expert and point of contact for internal and external stakeholders on all privacy-related matters.

Provide strategic and technical leadership for a team of managers and senior technologists developing the core datapath components of our cloud-native cybersecurity platform.
Own the delivery and lifecycle of multiple complex projects from architecture to deployment ensuring high performance, scalability, and security.
Define project scopes, goals, schedules, and resource plans; manage execution, mitigate risks, and ensure alignment with business priorities.
Drive technical problem solving, system reliability, and product quality improvements across the organization.
Collaborate closely with peer organizations (product management, customer support, and cross-functional engineering teams) to align goals and ensure end-to-end system success.
Stay ahead of industry trends, cloud advancements, and cybersecurity technologies; promote a culture of technical innovation and operational excellence.
Mentor, coach, and develop team members; build a high-performing, collaborative engineering culture.
Communicate program status, key challenges, and strategic insights to senior leadership and stakeholders.

Our Technology Consulting team is looking for a Cybersecurity Consultant to join our cyber department.

The Cyber Department works with a variety of clients in different fields: Government, Hi-tech, Industry, Retail, Hotels, Defense and more.

The Job Will Include:
Client Engagement: Leading, guiding and advising to clients in Israel and abroad as well as joint projects with various partners of KPMG global on cyber security projects based on methodology, regulation and standards.
Technologies: Work with different aspects of cyber security in multiple fields such as IT, OT & Cloud.
Security Assessments: Carrying out risk surveys including cyber, operational and supply chain risks.
Advisory and Strategy Development: Developing business continuity plans (BCP) ,cyber security and maturity programs, secure architectures, policies and information security procedures.
Collaboration: Leading representative and high-profile meetings with client internal senior management.

We are seeking a Compliance Auditor to ensure adherence to requirements of external certifications, internal policies, regulatory requirements and industry standards. Working directly in the Compliance team under Legal, and in parallel closely with RnD, this role involves supporting external assessments (SOC 2, ISO 27001, PCI-DSS and FedRAMP), conducting internal audits, responding to customer security inquiries, and enhancing compliance processes and security posture. The ideal candidate has experience in audit frameworks, risk management, and security controls, with strong analytical and cross-functional collaboration skills.

Key Responsibilities:
Assist with audits, such as: SOC 2, ISOs, PCI-DSS, and FedRAMP, including evidence collection and reporting.
Maintain documentation and evidence required for audits.
Conduct internal audits to assess compliance with company policies, regulatory frameworks and external certifications.
Ensuring company policies and procedures are maintained and implemented.
Drafting policies and procedures.
Assist in responding to customer security and privacy questionnaires.
Assist with compliance projects, such as: regulations compliance, and projects related to standards.
Assist with vulnerabilities management program.
Work with the Legal and Security teams to ensure policies align with compliance requirements.
Collaborate with Engineering and Product teams to implement compliance requirements.
Review third-party vendors for compliance with our requirements.

Our unique, highly motivated, interdisciplinary team seeks a seasoned Security design consultant.

You will:
Work as part of a fully empowered design and operations team to develop client standards, evaluate and refine AI-generated security designs and associated documentation and support the ongoing evolution of our groundbreaking technology.
You will collaborate with researchers, software designers, developers, clients, and QA testers.
Once conversant with the platform, you may be required to engage with clients to understand their security needs and work with them to develop their own design Play Book.
You will own the review and acceptance of output designs, ensuring client requirements and compliance is met.
Provide subject matter expertise and feedback to key internal colleagues to guide prioritisation and ensure that product development is constantly focused and impactful, reflecting the needs of our clients.

We are looking for a Corporate Development Director to join our team. In this role you will play a pivotal role in shaping the companys strategic growth through acquisitions, partnerships, and ecosystem expansion. This is not just a deal-making role its a leadership position at the intersection of business strategy, technology, and innovation. You will work closely with executive leadership, product teams, and external partners to identify transformative opportunities across cybersecurity domains like SASE, Cloud Security, and SecOps.

If you thrive in fast-moving environments, have deep industry insight, and are ready to influence the future of cybersecurity, we want to hear from you!



Key Responsibilities


Ecosystem Relationships, Deal Sourcing
Proactive out-reach to start-ups and mature companies in ecosystem understand offerings, build and maintain relationships
Maintain relationships with cybersecurity focused investment banks, VCs, PEs
Source, screen and manage an on-going deal flow of acquisition opportunities.
Strategic Domain Leadership-- E.g. SASE, Cloud Security, SecOps, Managed Services, etc.
Deep domain understanding (customer value, use cases, technologies, offerings, vendors)
Know on a personal deep level all companies active in the domain (startups and mature co)
Work with R&D and PM to understand CHKP product roadmap in the domain and define Corp Dev strategy (Build/Partner/Buy)
Assist R&D and PM in partnership / OEM discussions
Lead the evaluation of M&A target companies
M&A Due Diligence Leadership
Project Manage DD process - internally and vis-à-vis the target company

Engage with all DD Team Leaders to define their scope of DD and key questions
Facilitate Team Leaders meetings with their target company counterparts; prepare agendas; ensure good communication
Issue DD findings reports
Present DD finding to Management
M&A Deal Making
Play significant role in M&A deal making process (legal, finance, accounting, tax, HR aspects)