דרושים » אבטחת מידע וסייבר » Offensive Security team lead בחברת הייטק בתחום ה-DevSecOps ו-MLOps

We are seeking a highly skilled and motivated Senior Security Researcher to join our dynamic team at our company. As a Senior Security Researcher, you will play a pivotal role in simulating real-world attack scenarios, identifying vulnerabilities, and contributing to the development of innovative security solutions. You will work alongside some of the best security experts in the industry, driving research initiatives and enhancing your knowledge of emerging threats and attack techniques.
Key Responsibilities:
Conduct in-depth research and analysis of n-day vulnerabilities to assess risk and potential impact.
Investigate attack vectors across various operating systems and cloud environments (IaaS/SaaS).
Define and document mitigation strategies for discovered attack techniques, collaborating with development teams for implementation.
Drive the integration of research findings into product features, ensuring enhanced security capabilities.
Stay abreast of the latest security trends, technologies, and best practices to maintain expertise in the field.
Collaborate with cross-functional teams to communicate and implement identified attacks, techniques, and solutions.
Contribute to public security research through blog posts and potentially present findings at industry conferences.

We are looking for an experienced Vulnerability Researcher to lead our world-class vulnerability research team.
As a Vulnerability Researcher Team Lead, you will perform research and responsible disclosure on the latest open-source software, working with your team to find flaws in the most popular components today. The position requires proven experience in vulnerability research, both on web applications and native applications.
As a Vulnerability Researcher Team Lead you will...
Research zero-day vulnerabilities in open-source projects and popular web applications
Manage a team of senior researchers, setting the teams research targets and methodologies
Manage the coordinated disclosure process for vulnerabilities identified by the team
Write & review technical blogposts for vulnerabilities identified by the team
Speak in the most important global security conferences about vulnerabilities identified by the team.

We are looking for an experienced malware researcher to lead our malware research team.
As a Malware Research Team Lead, you will lead research on source code, compiled code, and various software supply chain attacks. The position requires proven experience in researching malicious code, understanding supply chain attack techniques, and experience in developing malware monitoring and analysis automation.
As a Malware Research Team Lead you will...
Lead a team of experienced malware researchers to discover malicious code in open source & new supply chain attack techniques
Research malicious code in public repositories from various coding languages and technologies
Define and implement ways to automatically detect malicious code in open-source software
Write technical reports and outward-facing publications regarding all research subjects mentioned above
Present your teams research in local and international security conventions.

We are looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

Required PRODUCT SECURITY TEAM LEADER
Responsibilities:
Manage and lead a team of product security engineers, overseeing daily operations and ensuring high-quality execution of product security assessments and projects.
Develop and execute the strategic roadmap for the team, aligning with the groups KPIs, organizational goals, and industry best practices.
Oversee post-production activities, tools, and procedures, such as penetration testing, WAF policies, and runtime protection policies, in advanced Kubernetes (k8s) environments, micro-services architectures, and cutting-edge CI/CD pipelines.
Manage the companys bug bounty programs, collaborating with external security researchers.
Plan, manage, and execute security projects, coordinating cross-functional teams to ensure timely and effective implementation of security initiatives.
Collaborate closely with software architects, security champions, and R&D teams to triage security findings and develop mitigation strategies.
Be responsible for monitoring and protecting the companys external attack surface by leading the design and development of internal (and our OSS) security tools and proprietary products. More about how we manage our attack surface: The Continuous Recon Mindset
Develop and conduct security training sessions for R&D and other departments to foster a strong security culture within the organization.
Lead incident response efforts, coordinating with the incident response team during security crises to ensure swift and effective resolution.
Promote continuous improvement in security methodologies, staying abreast of the latest trends and threats.
Ensure compliance with EU GDPR, CCPA, and other relevant standards by guiding technological compliance efforts.

The CSO Security team is looking for a Senior Application Security Researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our products adhere to the stringent security requirements of our thousands of customers.
As a Senior Application Security Researcher you will
Continuously assess and challenge our overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
Plan and lead cross-company efforts with the R&D that will improve JFrogs security posture.

Required Security Researcher
As a Security Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions
Be in charge of the operational security research of a cyber intelligence product
Your role will include: Researching OS internals, deconstructing of applications, architecture reviews and red-team tests
Define product requirements, alert mechanisms, working procedures and more.

We're seeking an experienced CISO for a part-time, flexible consulting role to guide our security strategy and ensure best practices across development and infrastructure teams. This role also plays a key part in supporting our compliance initiatives.
Key Responsibilities:
Oversee and maintain security policies and processes
Advise application development teams on secure coding and architecture
Support infrastructure teams with secure configuration and best practices
Lead involvement in key compliance activities.

we are looking for a creative and highly motivated Security Research Analyst to join the company's research team and work closely with the cyber research, data analytics, and product teams within the company.
As a Security Research Analyst you will research the automotive cyber security domain, and turn data into actionable information.
You will drive innovative Cyber ideas for the automotive industry, using cutting-edge tools and methodology, and have a major part in developing the next generation of security and knowledge management for the automotive industry.
This role is full-time and is based in Herzliya, Israel.
Responsibilities
Work with the product and analytics disciplines within the company.
Turning data into actionable information for data-driven decision making.
Research large scale and diverse automotive data sets.
Work closely with the engineering team and cyber research team to build our analytics solution.
Build an innovative security technology.
Research new technologies and adopt them for use in our companys product.