דרושים » אבטחת מידע וסייבר » Information Security Manager

the brand grabs attention like nothing else in cybersecurity. And were growing like crazy, with $70M in Series C funding, 200% employee growth, and 300% revenue growth in 2024. Fueling growth are our game changing agentic AI security solutions, backed by a team and culture that makes one of Forbes Best Startup Employers in America, and a Business Insider startup to bet your career on.

Life at is all gas, no brakes. Were a team of relentless, collaborative go-getters pushing the boundaries of whats possible for security automation. Every role is an essential driver of success as the AI-native autonomous SecOps platform of choice for security teams across the Fortune 500. Excited about our vision and ready to make an impact as we grow? Wed love to see what you can bring to the team.
looking for an experienced and passionate Cloud and SaaS Security professional to play a key role in advancing our security strategy.
In this role, youll take ownership of securing our cloud infrastructure, SaaS platforms, and incident response practices. You'll help shape our security posture, identify threats and misconfigurations, and respond effectively to security events.

What You'll Do
As a Senior Cloud Security Engineer at , you will:
Strengthen and maintain our cloud security posture using CNAPP tools.
Manage security controls and configurations across a wide range of SaaS platforms.
Collaborate on incident response efforts, including triage, containment, and post-incident reviews.
Develop detection content using SIEM and Hyperautomation workflows.
Evolve Incident Response and Security Operations programs to safeguard current and future assets.
Optimize and fine-tune security tool configurations to reduce false positives and increase effectiveness.
Support compliance initiatives such as SOC 2, ISO 27001, and FedRAMP readiness.
Work hands-on with the CISO and Security Manager on strategic security projects.
Partner with cross-functional teams including R&D, DevOps, and Engineering to drive security best practices

A company located in central Israel is looking for a full-time Information Security Consultant and Advisor.
This is a great opportunity to gain experience in a GRC (Governance, Risk, and Compliance) role and as an Information Security Consultant for cutting-edge tech companies, while also influencing the company and its information security posture.
Responsibilities include:
Supporting organizations in the creation and management of information security programs.
Overseeing information security systems.
Developing risk management processes.
Supporting cross-organizational processes.
Conducting information security reviews and regulatory gap assessments.
Designing and implementing security hardening processes.
The role is dynamic and includes consulting and on-site support at the client's location.
This is a full-time position.
CVs should be sent to our e-mail.

we are looking for an experienced Application Security Architect to join our Cybersecurity team. In this role, you will be instrumental in building and advancing our companys application security programs. Working closely with talented engineers, product managers, and platform teams, youll play a key role in ensuring the security of our software development lifecycle (SDLC).
Youll provide security services including secure coding practices, architecture reviews, awareness and training initiatives, and tool implementation. From threat modeling to secure development education, your contributions will directly impact the safety and resilience of our companys products.
What am I going to do?
Lead Secure SDLC Initiatives: Drive security throughout the software development lifecycle (S-SDLC), including threat modeling, risk assessments, and mitigation planning for new and existing applications.
Embed Secure Design Practices: Guide development teams on implementing secure architectural patterns, design principles, and coding standards, with emphasis on OWASP and industry best practices.
Security Tooling Strategy: Define and manage the integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools into our companys CI/CD pipelines, ensuring scalable, platform-agnostic coverage and effective vulnerability management.
Security Testing & Remediation: Perform and oversee application security testing, ensuring timely remediation of identified vulnerabilities.
Develop Security Standards: Create and maintain secure coding standards, best practices, and development guidance tailored to our companys tech stacks.
Code Reviews: Conduct in-depth manual and automated security code reviews for critical components, offering practical and constructive feedback to engineering teams.
API & Mobile App Security: Design and assess security for APIs and mobile applications, ensuring robust authentication, authorization, and data protection in line with industry standards.
Third-Party Risk Management: Evaluate the security posture of third-party libraries, components, and services integrated into our company's applications.
Cloud Security Collaboration: Partner with Cloud Security Architects to ensure secure application deployment in cloud environments (e.g., AWS, GCP), offering expert advice on cloud-native security practices.
Team Enablement & Education: Mentor development teams on emerging threats, secure coding techniques, and security-first development approaches.
Bug Bounty Program Leadership: Manage and evolve our companys bug bounty program, working with researchers and internal teams to resolve findings efficiently.

we are looking for an experienced Team Lead to lead a team responsible for simulating attack scenarios across various applications, infrastructures, and network solutions on multiple platforms and technologies. This role includes managing penetration testing and forensic services, as well as overseeing consulting, secure design and development services, and training initiatives.
Job Description:
Team Leadership: Lead and mentor a team of penetration testers, fostering a culture of continuous learning and excellence.
Client Engagement: Act as the primary point of contact for clients, effectively presenting findings and recommendations.
Service Development: Enhance penetration testing methodologies, tools, and services.
Training & Development: Identify skill gaps and provide training to team members to strengthen technical capabilities.
Consulting: Offer expert guidance on secure design and development best practices across various platforms and technologies.

Prisma-Photonics is a rapidly growing startup company, developing the next-generation smart-infrastructure solution based on novel fiber-sensing technology (smart roads, smart cities, perimeters, and grid monitoring, etc.). The company offers an award-winning disruptive solution; a “sensor free” approach to smart infrastructure. The company is VC backed and in the revenues stage.
Combining pioneering technology in optical fiber sensing with state-of-the-art machine learning, we help prevent environmental disasters, protect human lives, and keep critical energy and transportation backbones running smoothly.
We are seeking a talented, self-driven and passionate Senior Infrastructure Engineer to build and maintain the cloud infrastructure for our highly available SaaS application as well as our machine learning and data engineering stack. As a Senior Infrastructure Engineer, you will be responsible for designing, implementing, and maintaining the cloud infrastructure and DevOps processes that power our products and internal tooling. You will work closely with all data and development teams and lead the company’s security and compliance vectors. You will ensure a highly reliable, scalable, and secure infrastructure that supports our rapid growth and product innovation, while maintaining observability and cost-effectiveness of our cloud resources and data.

Manager:
Oded Messer

What You’ll Do:

* Cloud Infrastructure Management: Architect, deploy, and manage our cloud infrastructure (AWS), ensuring high availability, scalability, and security.
* Software Engineering: Be a top notch SW engineer, harnessing your coding and architectural skills, as well as researching skills, for our infra stack.
* Infrastructure as Code (IaC): Define and maintain infrastructure using tools like Terraform, CloudFormation, or Pulumi to manage resources efficiently and reproducibly.
* Monitoring & Incident Management: Build and manage monitoring and alerting systems to ensure uptime, and respond to incidents with root cause analysis and remediation.
* DevOps & Automation: Implement and maintain CI/CD pipelines to streamline development workflows and automate deployment processes across development, staging, and production environments, and across different parts of our solution. While our development teams are expected to write and maintain their own CI, you will act as a supervisor and professional authority, and maintain cross team and complex automation.
* Collaboration and technical leadership: Partner with software engineers, data engineers, and machine learning teams to support their infrastructure needs and guide the evolution of our infrastructure team.
* Cost Optimization: Monitor cloud spend and optimize resources to ensure cost-effective infrastructure without sacrificing performance or security.
* Security & Compliance: Implement security best practices, including access control, network security, monitoring and ensuring the infrastructure is compliant with relevant industry standards (e.g., SOC2, GDPR).


What You Bring::

* 5+ years of hands-on experience in cloud infrastructure, DevOps and platform engineering in production environments.
* Expertise in managing cloud infrastructure on at least one of the major providers: AWS, GCP, Azure. Proficient in Infrastructure as Code tools such as Terraform, CloudFormation, or Pulumi.
* Solid experience with Docker and Kubernetes.
* Monitoring & Logging: Hands-on experience with monitoring tools (Prometheus, Grafana) and logging systems (ELK, Splunk, or equivalent).
* Proficient Software engineering, architecture, as well as scripting languages such as Python, Bash, or Go. Full control of version control systems such as Git.
* Strong experience with CI/CD pipelines and automation using Jenkins, CircleCI, GitHub Actions, GitLab CI, or similar.
* Strong understanding of cloud networking, VPNs, VPCs, DNS, and firewalls

We are looking for a Senior Application Security Engineer.
As an Application Security Engineer , you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers

Required GRC Cyber Security Consultant
Our Cyber & Strategic Risk practice provides numerous opportunities to collaborate with industry-leading clients and projects.
The practice offers technological resources to aid clients in addressing their most significant challenges.
As a Senior Cyber Security Consultant, you will be part of a team that assists clients in designing and implementing transformational enterprise security programs, organizational structures, and capabilities to more effectively manage cyber risks aligned with business priorities.
Responsibilities:
Leading Client Engagement: Leading, guiding, and advising clients both domestically and internationally on cyber security projects based on methodology, regulation, and standards.
Leading Security Assessments: Conducting cyber risk assessments within various organizations across different sectors such as government, technology, and pharmaceuticals.
Advisory and Develop and implement: Developing business continuity plans (BCP), cyber security and maturity programs, secure architectures, policies, and information security procedures.
Collaboration: Working with other teams on large technology transformation projects, including those involving Cloud, SAP, Oracle, and Salesforce.

We are seeking a Compliance Auditor to ensure adherence to requirements of external certifications, internal policies, regulatory requirements and industry standards. Working directly in the Compliance team under Legal, and in parallel closely with RnD, this role involves supporting external assessments (SOC 2, ISO 27001, PCI-DSS and FedRAMP), conducting internal audits, responding to customer security inquiries, and enhancing compliance processes and security posture. The ideal candidate has experience in audit frameworks, risk management, and security controls, with strong analytical and cross-functional collaboration skills.

Key Responsibilities:
Assist with audits, such as: SOC 2, ISOs, PCI-DSS, and FedRAMP, including evidence collection and reporting.
Maintain documentation and evidence required for audits.
Conduct internal audits to assess compliance with company policies, regulatory frameworks and external certifications.
Ensuring company policies and procedures are maintained and implemented.
Drafting policies and procedures.
Assist in responding to customer security and privacy questionnaires.
Assist with compliance projects, such as: regulations compliance, and projects related to standards.
Assist with vulnerabilities management program.
Work with the Legal and Security teams to ensure policies align with compliance requirements.
Collaborate with Engineering and Product teams to implement compliance requirements.
Review third-party vendors for compliance with our requirements.

Lead security efforts in your domains and reflect the security posture and gaps to stakeholders
Define and execute annual roadmaps to mitigate security risks and design secure architectures in diverse business units
Review and assess newer complex environments, discovering security gaps and creating security control in the form of policies and other mitigations
Develop best practices and security standards for the organization
Carry out proof of concepts for the latest security tools based on security needs and your own research
Work closely with DevOps team and development teams.

As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.

Main Responsibilities:
Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for our XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.