דרושים » אבטחת מידע וסייבר » Android Security Researcher

As a Product Security Response Manager, you will be responsible for managing a portion of PSIRTs global headcount. You will direct the day-to-day activities of product security engineers you lead, including processing root cause analysis of product security vulnerabilities reported as part of the bug bounty and responsible disclosure program, vulnerability remediation collaboration with internal development teams, research projects for reported vulnerability patterns, and process improvements. As a Product Security Response Manager, you will work with pool of talented external researchers (i.e., our bug bounty and responsible disclosure programs) to ensure they are equipped to succeed and mitigate uncoordinated disclosures. You will also make hands-on contributions to reducing security risks in products and services by partnering with other teams in the development and security organisations.

What you get to do in this role:

Serve as a people leader.
Serve as a project manager for PSIRT-led research projects.
Oversee product security incidents, small and large.
Stay updated on industry best practices, including the CVE program and FIRST.org special interest groups.
Recommend and develop new product security policies and procedures.
Partner with key contacts outside of our department.

We are looking for an all-around offsec attack researcher to join our group and become part of the revolution.
Roles and Responsibilities:
Conduct state of the art research on windows platforms and be one step ahead of real threat actors in areas such as AV/EDR evasion, subvert communication channels, binary exploitation and vulnerability research.
Integrate the research outputs into attack platforms for enhancing the automation ecosystem with new attack capabilities.
Develop decision-making algorithms to bridge the gap between an automated system and an experienced human attacker
Develop production-ready attack capabilities. What development language is relevant? WHATEVER IT TAKES!
Python, C/C++, CSharp, Java, Office Macros, Bash, Powershell, Go, Assembly,
Mentor other members of the R&D team.
So, can we offer you the red pill and join our journey to create the ultimate automated hacker?

We are looking for an offsec Cloud attack researcher to join our group and become part of the revolution.
Roles and Responsibilities:
Conduct state of the art research on AWS, Azure and GCP cloud platforms and be one step ahead of real threat actors.
Integrate the research outputs into attack platforms for enhancing the automation ecosystem with new attack capabilities.
Develop decision-making algorithms to bridge the gap between an automated system and an experienced human attacker
Develop production-ready attack capabilities. What development language is relevant? WHATEVER IT TAKES!
Python, C/C++, CSharp, Java, Office Macros, Bash, Powershell, Go, Ruby,
Mentor other members of the R&D team.
So, can we offer you the red pill and join our journey to create the ultimate automated hacker?

Medison offers hope to patients suffering from rare and severe diseases by forming partnerships with emerging biotech companies to accelerate access to highly innovative therapies in international markets. As the creator and leader of the global partnership category in the pharma industry, we strive to be Always Ahead and work relentlessly to bring therapy to patients in need, no matter where they live. The Information Security Officer (ISO) at Medison Pharma will be responsible for developing, updating, and maintaining the organizational information security management framework, including policies, procedures, and work plans. The ISO will provide consulting services on relevant solutions and products and lead the improvement and development of the information security field. Additionally, the ISO will manage projects related to the examination and implementation of new information security products and characterize information security solutions for related projects. The ISO will also advise on compliance with privacy and cyber protection laws and regulations, conduct information security and privacy protection surveys, and oversee ISO 27001 compliance, focusing on all aspects of cybersecurity within Application Security (AppSec), Infrastructure Security (DevSec), Governance, Risk, and Compliance (GRC), Security Information and Event Management (SIEM)/Security Operations Center (SOC), incident response, and IT security.

Responsibilities:

* Develop, update, and maintain a cybersecurity strategy.
* Manage a risk-based cybersecurity program to secure corporate IP, technology, information, computer systems, networks, and data.
* Provide guidance on proposed cybersecurity best practices to different business functions.
* Develop comprehensive cybersecurity guidance, processes, and procedures based on industry standards.
* Stay informed on trends and issues in the security industry, including current and emerging technologies and regulatory and compliance issues.
* Advise, counsel, and educate executive and management teams on the importance of cybersecurity.
* The position reports to Medison's CISO

We are looking for an eager and talented individual for our growing Solution Architect team. You will be a part of a fast-growing cybersecurity company, learn and practice high-end cyber skills from the best in the business and manage customers regionally. You will work with amazing people who work together to improve the cybersecurity resilience of our customers. The Solution Architects are considered to be our top experts in our products, serving as a very important point of contact between our customers and our inner departments.
Roles and Responsibilities:
Demonstrate a deep understanding and professional knowledge in our platform across our customers networks
Design deployment solutions for the platform in complex environments
Maintain in-depth knowledge of security trends, threats, and attack techniques in order to be able to improve us and to give better remediation guidance to the customers
Lead technical deep-dive sessions with cybersecurity experts, guide them through better Penetration Testing procedures and remediation/defense decisions
Be involved in the business application of the company by maintaining customer loyalty and act as a product expert focused on customer education and identify service expansion opportunities to drive increased revenue
Interface between different internal departments (Support, R&D, Sales, Pre-Sales, and more) to improve your skills, knowledge and problem-solving capabilities
Pay attention to support requests to identify recurring issues and recommend changes to the Pentera platform
Flexibility to accept a changing work description based on a hyper-fast startup.

Be the guardian of trust in a fast-moving fintech world. As a GRC Security Specialist, youll lead cybersecurity governance, drive compliance with global standards (SOC 2, PCI-DSS, NIST), and partner with tech and legal teams to embed security into every layer of the business. If you live and breathe risk, regulation, and resiliencethis is your arena.

Hybrid.
Full-time.

What youll do:
Developing and maintaining policies, procedures, and controls to ensure compliance with regulatory, legal, and audit requirements, as well as best business practices.
Creating a cybersecurity compliance strategy and ensuring alignment with contractual obligations and globally recognized standards and guidelines.
Identifying regulatory, legislative, and industry-specific compliance requirements and defining controls to meet them.
Conducting and participating in periodic internal reviews or audits to ensure compliance procedures are followed.
Overseeing and evaluating compliance systems to ensure their effectiveness.
Compiling and presenting reports to management on compliance activities and progress.
Staying up to date on industry developments, regulatory trends, and best practices to assess their impact on the organization.
Designing and implementing improvements in compliance communication, monitoring, and enforcement mechanisms.
Developing and executing a compliance awareness program, including the creation and distribution of materials for all employees.
Partnering with Legal and IT teams to manage data protection agreements and compliance initiatives.
Leading the development and execution of company-wide security awareness and training initiatives.
Assisting in incident response planning and investigations when necessary.

A global leader in Identity Security, is seeking a talented GRC Compliance Expert to join our Governance, Risk, and Compliance team.
This role is ideal for someone with a strong understanding of leading international standards and regulations (such as ISO 27001, SOC 2, PCI-DSS, and others) and a passion for building and maintaining scalable, enterprise-grade compliance programs.
Youll play a central role in ensuring ongoing organizational alignment with world-class frameworks while working closely with cross-functional teams to drive a culture of trust, risk awareness, and regulatory readiness.
We are especially looking for someone with hands-on experience implementing and maintaining PCI-DSS / SOC2 compliance, including managing assessments, evidence collection, and cross-functional collaboration.
Key Responsibilities:
Ensure the companys continuous compliance with leading international standards and regulatory frameworks (e.g., ISO 27001, SOC 2, PCI-DSS).
Serve as a subject matter expert on PCI-DSS, including supporting annual assessments, gap analyses, and remediation planning.
Maintain, update, and improve internal GRC policies, controls, and documentation in line with global best practices.
Monitor changes in the regulatory and industry landscape and assess their applicability to our operations.
Lead internal control mapping, gap assessments, and remediation tracking.
Coordinate audit readiness efforts and maintain supporting evidence for external assurance engagements.
Support risk management activities such as risk assessments, risk registers, mitigation tracking, and escalation workflows.
Collaborate with teams across Security, IT, Legal, Engineering, and Operations to align compliance and business needs.
Drive internal awareness and training initiatives on key compliance requirements and GRC processes.
Contribute to the maturity and automation of the GRC program using dedicated platforms/tools.

Additionally, the ISO will manage projects related to the examination and implementation of new information security products and characterize information security solutions for related projects. The ISO will also advise on compliance with privacy and cyber protection laws and regulations, conduct information security and privacy protection surveys, and oversee ISO 27001 compliance, focusing on all aspects of cybersecurity within Application Security (AppSec), Infrastructure Security (DevSec), Governance, Risk, and Compliance (GRC), Security Information and Event Management (SIEM)/Security Operations Center (SOC), incident response, and IT security.

Responsibilities
Develop, update, and maintain a cybersecurity strategy.
Manage a risk-based cybersecurity program to secure corporate IP, technology, information, computer systems, networks, and data.
Provide guidance on proposed cybersecurity best practices to different business functions.
Develop comprehensive cybersecurity guidance, processes, and procedures based on industry standards.
Stay informed on trends and issues in the security industry, including current and emerging technologies and regulatory and compliance issues.
Advise, counsel, and educate executive and management teams on the importance of cybersecurity.

We are interested in welcoming a Senior Cybersecurity Expert to join our team, to plan, research, and develop proprietary automotive cybersecurity solutions.
Responsibilities and tasks include:
Threat and vulnerability assessment and analysis
Design, implement, and verify mechanisms to neutralize potential threats
System hardening and characterization
Penetration testing.

We are looking for a passionate and skilled Network Security Expert to join our team! If you're excited about securing critical systems, networks, and information while working with cutting-edge security technologies, this role is for you.
What You'll Do:
Design, implement, and monitor security measures to protect our systems, data, and networks.
Define and establish robust security requirements to mitigate risks effectively.
Develop and document security protocols and best practices.
Configure, troubleshoot, and optimize security components to ensure peak performance.
Detect and respond to security threats, breaches, and vulnerabilities with precision.
Work with the latest security tools to automate and enhance security processes.