דרושים » אבטחת מידע וסייבר » Information Technology Consultant

we are a leader in cloud-native networking software for hyperscalers and service providers who are building the largest infrastructures in the world for network services, AI platforms and SaaS offerings. Founded in December 2015, our company disrupted some of the most challenging high-scale markets, transforming the way Networks are built, scaled, and consumed. We also built the largest network in the world, with more than half of AT&Ts backbone running on our Network Cloud. we have raised $587 million in three funding rounds which enable us to dream big and bring on the most talented people.
The Role:
As the Director of Information Security and GRC, you will oversee all aspects of our company's information security program, ensuring the protection of our data, systems, employees, and applications. You will lead a team of talented security professionals, driving a proactive, responsive and comprehensive security posture aligned with industry best practices and regulations.
Responsibilities:
Be kind.
Will be leading a team of 3-4 security operations specialists and engineers.
Embody the organizations values and act as a values champion, holding both yourself and others accountable to them.
Develop and implement a comprehensive information security strategy aligned with business objectives and risk tolerance.
Lead the Security team, fostering a culture of transparency, continuous improvement and collaboration.
Lead the development and implementation of IT governance frameworks and policies.
Oversee the implementation and maintenance of security controls, including firewalls, intrusion detection/prevention systems, and endpoint security solutions.
Manage product security, vulnerability management, and incident response processes.
Design and implement a robust Governance, Risk, and Compliance (GRC) program, ensuring companywide adherence to relevant regulations and standards.
Conduct regular security assessments and risk analyses to identify and mitigate potential vulnerabilities, partnering with business units and stakeholders across the organization.
Ensure that the organization is prepared for internal and external IT audits; and manage the audit process.
Coordinate with external agencies, auditors, customers and stakeholders for compliance assessments and audits.
Assist in the selection, implementation, and maintenance of security technologies, tools, vendors, and processes to ensure adherence to the organization's security policies and goals.
Work with DevOps and the development staff to improve the security posture and to implement secure SDLC practices.
Stay up to date on the latest security threats, trends, and technologies, ensuring that our company adopts appropriate countermeasures.
Develop and deliver security awareness training programs for employees.
Manage the security budget and resources effectively.
Report to the Chief Operating Officer (COO) on the organization's overall security posture.
Curate the organizations risk register and report regularly on burndown.

the original API Security vendor pioneering the market as the first vendor in 2018. Since then we have exhibited hyper-growth in a number of customers, threats stopped, and revenue. We saw API security as the security battleground of the future years ago as APIs started to form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every modern app depends on APIs. Attackers realize APIs are the conduits to all sorts of valuable data and services within the year, APIs are predicted to be the number one application threat vector. Without secure APIs, businesses cannot rapidly innovate. delivered the only patented solution to discover all APIs and their exposed data, stop API attackers, and provide remediation details for dev teams to write more secure APIs.
At Salt, were passionate about what we do. We work as a team and embrace new ideas, wherever they come from. We also enjoy all the benefits of a startup environment, including quickly seeing the results of your work, making an outsized impact on our company, and solving diverse challenges.

Want to make a big difference? We encourage you to apply!
About the position:
We are seeking a highly skilled and experienced Principal Architect to join our dynamic team. As the Principal Architect, you will be responsible for overseeing the design, development, and implementation of our API security platform. You will play a critical role in defining the technical vision and roadmap, leading architectural decisions, and ensuring the scalability, performance, and security of our products.
Responsibilities:
Lead the technical architecture and design of API security platform, working closely with cross-functional teams, including engineering, product management, and security operations.
Define and drive the technical vision, strategy, and roadmap for the platform, aligning it with business objectives and customer needs.
Provide technical leadership and mentorship to the engineering team, promoting best practices, code quality, and continuous improvement.
Collaborate with stakeholders to gather requirements, analyze technical feasibility, and identify areas for innovation and differentiation.
Evaluate and select appropriate technologies, frameworks, and tools to support the development of robust, scalable, and secure solutions.
Ensure architectural consistency and integrity across different components, modules, and systems.
Conduct regular code reviews, architectural reviews, and performance assessments to maintain high standards of software quality.
Stay up-to-date with industry trends, emerging technologies, and best practices in API security and cloud computing, and apply that knowledge to enhance our platform.

Required GRC Cyber Security Consultant
Our Cyber & Strategic Risk practice provides numerous opportunities to collaborate with industry-leading clients and projects.
The practice offers technological resources to aid clients in addressing their most significant challenges.
As a Senior Cyber Security Consultant, you will be part of a team that assists clients in designing and implementing transformational enterprise security programs, organizational structures, and capabilities to more effectively manage cyber risks aligned with business priorities.
Responsibilities:
Leading Client Engagement: Leading, guiding, and advising clients both domestically and internationally on cyber security projects based on methodology, regulation, and standards.
Leading Security Assessments: Conducting cyber risk assessments within various organizations across different sectors such as government, technology, and pharmaceuticals.
Advisory and Develop and implement: Developing business continuity plans (BCP), cyber security and maturity programs, secure architectures, policies, and information security procedures.
Collaboration: Working with other teams on large technology transformation projects, including those involving Cloud, SAP, Oracle, and Salesforce.

At our company, were reinventing DevOps to help the worlds greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. Here, if youre willing to do more, your career can take off. And since software plays a central role in everyones lives, youll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust our company to manage, accelerate, and secure their software delivery from code to production -- a concept we call liquid software. Wouldn't it be amazing if you could join us on our journey?The company's CSO Security team is looking for a Senior Application Security Researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the company application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our company products adhere to the stringent security requirements of our thousands of customers.
As a Senior Application Security Researcher at our company you will
Continuously assess and challenge our companys overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
Plan and lead cross-company efforts with the R&D that will improve our companys security posture.

the original API Security vendor pioneering the market as the first vendor in 2018. Since then we have exhibited hyper-growth in a number of customers, threats stopped, and revenue. We saw API security as the security battleground of the future years ago as APIs started to form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every modern app depends on APIs. Attackers realize APIs are the conduits to all sorts of valuable data and services within the year, APIs are predicted to be the number one application threat vector. Without secure APIs, businesses cannot rapidly innovate. delivered the only patented solution to discover all APIs and their exposed data, stop API attackers, and provide remediation details for dev teams to write more secure APIs.

At Salt, were passionate about what we do. We work as a team and embrace new ideas, wherever they come from. We also enjoy all the benefits of a startup environment, including quickly seeing the results of your work, making an outsized impact on our company, and solving diverse challenges.
Want to make a big difference? We encourage you to apply!

About us
APIs form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every web and mobile app depends on APIs. Without secure APIs, businesses cannot rapidly innovate. has delivered the only patented solution to identify and prevent API attacks, using Big Data and AI to thwart this top threat to businesses today.

About the position
We are seeking a Cloud Security Engineer to join our growing team. The ideal candidate will be responsible for ensuring the security of our infrastructure and data, as well as managing the day-to-day operation and maintenance of our Cloud/ SaaS Security systems. The ideal candidate should have public cloud experience and expertise in SaaS security, Cloud security, ZTNA systems and concepts, DLP, CASB, SIEM, MDM (Jumpcloud), and EDR.

What will you do?
Design & implement, and maintain security measures, including firewalls, intrusion detection systems, and access controls for cloud environments.
Provide expertise and support for SaaS security, Cloud security, ZTNA systems and concepts, DLP, CASB, SIEM, Application Security Systems.
Develop and maintain documentation for our security systems and security procedures for cloud environments.
Collaborate with other teams to ensure the integration of security into all aspects of our IT & Security infrastructure and operations for cloud environments.
Stay up-to-date on the latest security trends, technologies, and best practices

We are looking for a Security Operations & Incident Response Engineer to join our fast-growing company at a breakthrough stage, where we are building our dream team with the most passionate and professional people in the industry.
Our security team blends cyber expertise with cutting-edge automation and AI. Were looking for someone who thrives in a fast-paced SaaS environment and is eager to make an impact.
Key Responsibilities
Security Engineering & Incident Response
Collaborate with the CISO and peers to shape and execute the companys security strategy.
Develop, maintain, and continuously improve security playbooks, processes, and response frameworks.
Manage the full lifecycle of security alerts from triage and investigation to response and escalation using our companys Case Management platform.
Perform access and configuration reviews across cloud, SaaS, and endpoint environments, and lead remediation efforts where needed.
SIEM & Automation Expertise
Develop and fine-tune detection rules in Splunk (or similar SIEM platforms) to increase detection quality and reduce false positives.
Utilizing our company to build and manage automated workflows to accelerate incident response and reduce MTTR.
Evaluate new security technologies and lead proof-of-concepts to improve existing controls.
Collaboration & Enablement
Partner with IT and Engineering to strengthen SaaS security practices.
Act as a trusted advisor across teams, promoting security awareness and best practices.
Communicate clearly in both Hebrew and English, providing documentation and updates to relevant stakeholders.

We are looking for a Senior Application Security Engineer.
As an Application Security Engineer , you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers

we are looking for an experienced Team Lead to lead a team responsible for simulating attack scenarios across various applications, infrastructures, and network solutions on multiple platforms and technologies. This role includes managing penetration testing and forensic services, as well as overseeing consulting, secure design and development services, and training initiatives.
Job Description:
Team Leadership: Lead and mentor a team of penetration testers, fostering a culture of continuous learning and excellence.
Client Engagement: Act as the primary point of contact for clients, effectively presenting findings and recommendations.
Service Development: Enhance penetration testing methodologies, tools, and services.
Training & Development: Identify skill gaps and provide training to team members to strengthen technical capabilities.
Consulting: Offer expert guidance on secure design and development best practices across various platforms and technologies.

By joining our management team as the R&D director, you will take full responsibility of the email and collaboration product family R&D, manage a growing global team of over 50 professionals, and be at the top of technology for cloud SaaS high scale/high velocity AI/ML based security solutions, serving tens of thousands of global enterprise customers.
If you want to make a real global impact, making the world a safer place join us !
Key Responsibilities
Product Development:
Oversee the design, development, maintenance and deployment of cutting-edge cloud based email security products and features, serving tens of thousands of global enterprise customers.
Ensure products meet market needs and regulatory requirements while maintaining the highest security and coding standards.
Ensure products are developed in the most cost effective manner, deployed over multiple regions utilizing cutting edge cloud infrastructure and technologies.
Ensure products are robust, built to scale and support dynamic architecture changes for fast growing changing environments.
Ensure product is fully monitored at the highest level 24/7 by actively implementing a reliable monitoring system across multiple domains and regions.
Team Management:
Lead, mentor, and develop a growing high-performing R&D team of over 50 high skill professionals, across the globe. including group and team leaders, software engineers, data scientists, and cybersecurity experts.
Foster collaboration and cross-functional integration between R&D, product management, customer success, and other departments.
Manage our R&D team building. Recruit and support extending our R&D ever growing team to catch up with product growth.
Monitor and report on R&D performance metrics and project progress to the executive team.
Research & Innovation:
Drive research initiatives to explore new technologies, threats, and opportunities in cloud, AI/ML and email security.
Maintain a strong understanding of industry trends, emerging threats, and competitive landscape.
Drive innovation through threat modeling, prototyping, and validating emerging technologies.
Quality Assurance:
Ensure rigorous testing and validation processes to guarantee the reliability, performance, and security of products.
Implement best practices for software development and quality assurance utilizing advanced automation technologies.
Implement full system monitroing to assure production top availability and performance.

At our company, were reinventing DevOps to help the worlds greatest companies innovate and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. If youre willing to do more, your career can take off. And since software is central to everyones lives, youll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust our company to manage, accelerate, and secure their software delivery from code to production a concept we call liquid software. Wouldn't it be amazing if you could join us on our journey?
As an Offensive Security Team Lead, you will spearhead our companys offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our companys systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead at our company you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our companys infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our companys security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident response when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.