דרושים » אבטחת מידע וסייבר » Cloud Security Manager

Be the guardian of trust in a fast-moving fintech world. As a GRC Security Specialist, youll lead cybersecurity governance, drive compliance with global standards (SOC 2, PCI-DSS, NIST), and partner with tech and legal teams to embed security into every layer of the business. If you live and breathe risk, regulation, and resiliencethis is your arena.
What youll do:
Developing and maintaining policies, procedures, and controls to ensure compliance with regulatory, legal, and audit requirements, as well as best business practices.
Creating a cybersecurity compliance strategy and ensuring alignment with contractual obligations and globally recognized standards and guidelines.
Identifying regulatory, legislative, and industry-specific compliance requirements and defining controls to meet them.
Conducting and participating in periodic internal reviews or audits to ensure compliance procedures are followed.
Overseeing and evaluating compliance systems to ensure their effectiveness.
Compiling and presenting reports to management on compliance activities and progress.
Staying up to date on industry developments, regulatory trends, and best practices to assess their impact on the organization.
Designing and implementing improvements in compliance communication, monitoring, and enforcement mechanisms.
Developing and executing a compliance awareness program, including the creation and distribution of materials for all employees.
Partnering with Legal and IT teams to manage data protection agreements and compliance initiatives.
Leading the development and execution of company-wide security awareness and training initiatives.
Assisting in incident response planning and investigations when necessary.

Position Overview: Were looking for an experienced and passionate Information Security compliance expert, to help drive organization wide security compliance and risks processes such as Risk Assessment, Mitigation Planning, Compliance with security standards, Internal and External Audits preparations and execution, and supporting customer Security requirements operations.





Responsibilities:
* Planning, performing, and tracking Cyber security gap analysis and risk assessment processes
* Performing internal & external, hands-on technical and procedural security audits
* Develop, implement and track technical risk control/mitigation plans
* Working with the company business owners and IT Business applications and infrastructure to implement security controls, solutions and software qualifications and compliance and monitoring.
* Manage information security related tasks, track progress and report to management
* Plan and execute Security processes and InfoSec group controls
* Write, Update and implement security related procedures
* Lead audit and compliance activities as SOX, SOC2, ISO27001, FedRamp and more and provide Privacy technical guidance
* Contributor to GDPR and privacy, working closely with the company legal department.
* Responsible to handle Internal and third-party security qualification processes, vendor risk management and assign required controls
* Responsible on customers RFP security risk assessment questionnaire; in a business-driven approach and a prompt response time
* Always pushing to modernize compliance solutions with efficiencies and business facing approach

Office Location:
Petah Tikva

we are seeking a talented GRC Compliance Expert to join our Governance, Risk, and Compliance team.
This role is ideal for someone with a strong understanding of leading international standards and regulations (such as ISO 27001, SOC 2, PCI-DSS, and others) and a passion for building and maintaining scalable, enterprise-grade compliance programs.

Youll play a central role in ensuring ongoing organizational alignment with world-class frameworks while working closely with cross-functional teams to drive a culture of trust, risk awareness, and regulatory readiness.
We are especially looking for someone with hands-on experience implementing and maintaining PCI-DSS / SOC2 compliance, including managing assessments, evidence collection, and cross-functional collaboration.

Key Responsibilities

Ensure the companys continuous compliance with leading international standards and regulatory frameworks (e.g., ISO 27001, SOC 2, PCI-DSS).
Serve as a subject matter expert on PCI-DSS, including supporting annual assessments, gap analyses, and remediation planning.
Maintain, update, and improve internal GRC policies, controls, and documentation in line with global best practices.
Monitor changes in the regulatory and industry landscape and assess their applicability to operations.
Lead internal control mapping, gap assessments, and remediation tracking.
Coordinate audit readiness efforts and maintain supporting evidence for external assurance engagements.
Support risk management activities such as risk assessments, risk registers, mitigation tracking, and escalation workflows.
Collaborate with teams across Security, IT, Legal, Engineering, and Operations to align compliance and business needs.
Drive internal awareness and training initiatives on key compliance requirements and GRC processes.
Contribute to the maturity and automation of the GRC program using dedicated platforms/tools.

In this role, you will be part of global IT organization; You will lead a team that its responsibility is to manage IT security service operation in a proactive manner.

In this role, you will be working closely with other internal IT teams as well as extensive work with IT internal customers to adhere with business needs and committed IT security and service level.

Responsibilities:

Global responsibility for designing, building, maintaining, and securing CyberArk network and communication systems from strategy to delivery and service operations and related processes
Responsible for administering security-related infrastructure and applications, such as intrusion detection/prevention systems, EDR, DLP, firewalls, cloud security tools, and vulnerability scanners etc. Including defining and implementing the security systems configuration, policies and hardening based on security policies and operational considerations.
Work with CyberArk CISO to translate security policies into architecture and delivery.
Responsible for Security operation projects to design, implement and support security tools and systems. This will require you to lead projects or ensure the successful projects in this domain which are led by the team.
Managing a team of security system engineers
Responsible for building all the required governance methods and tools of the IT security service, in addition accountable to validate that CyberArk security services are fully updated, and all endpoints are fully in compliance.
Create and maintain technical documentation (e.g. designs, procedures) as needed.
Responsible to meet IT support service level targets and lead a proactive approach to improve the service level and the team efficiency.

As the Senior Director of Cyber Security Center , you will lead the frontline of our cyber defense strategy. You will build, manage, and continuously enhance a world-class capability that includes our Security Operations Center (SOC), Threat Hunting, and Threat Intelligence teams.

Youll be responsible for ensuring real-time threat monitoring, proactive hunting, and deep analysis of adversarial activity all while leveraging AI and automation to accelerate detection, decision-making, and response. You will drive the integration of AI/ML models and threat intelligence into SOC workflows, helping your teams stay ahead of evolving threats and reduce noise through intelligent alerting and prioritization.

Youll define the vision and operational model for modern, threat-informed defense, lead response to high-impact incidents, and collaborate across cyber protection, risk, and technology teams. Youll support the CISO providing insight into threat trends, AI-driven insights, and the overall health of cyber defense posture.


Key Responsibilities

Lead and mature global Cyber Security Center, including 24/7 Security Operations, Threat Hunting, and Threat Intelligence functions.
Establish strategic direction and operational excellence across detection, response, and threat analysis programs.
Oversee incident response efforts, ensuring coordinated investigation, containment, and remediation of security events.
Build and scale proactive threat hunting programs, using hypothesis-driven methods, advanced analytics, and threat behavior models.
Operationalize threat intelligence to improve detection coverage, prioritize threats, and anticipate adversary behavior.
Own the integration and optimization of detection technologies, including SIEM, SOAR, EDR, and threat intelligence platforms.
Define and track operational metrics, such as mean time to detect (MTTD), mean time to respond (MTTR), false positive rates, and threat coverage.
Foster strong partnerships across Cyber Protection, IT, Engineering, and Risk teams, enabling coordinated defenses and incident handling.
Lead, mentor, and grow a high-performing team of security analysts, hunters, and intelligence professionals.
Stay ahead of the evolving threat landscape, continuously evaluating new technologies, frameworks, and methodologies.

We are looking for a skilled and hands-on IAM Engineer to join the IAM Team within the Applications & Integrations group.
This group is responsible for implementing mission-critical systems and leading cross-department integrations to deliver secure, scalable, and high-performance solutions that support the companys strategic goals.
Working closely with diverse stakeholders across the organization, the team plays a key role in advancing internal operations and driving company-wide initiatives.
What you'll do:
Configure and manage IAM workflows directly within the IGA/IDM platform (SailPoint IdentityNow ISC)
Build and maintain provisioning, deprovisioning, and access review processes
Develop scripts and integrate with APIs to automate identity lifecycle activities
Troubleshoot IAM-related issues, including provisioning failures, sync errors, and policy violations
Configure and maintain connectors with enterprise applications (e.g., Salesforce, GCP, Entra ID, and internal systems)
Define policies, rules, and role-based models to enhance security and user experience
Participate in technical design discussions, tool customization, and feature implementation.

As a Senior PT Researcher, you will be the go-to-guy to find traditional and creative ways to break all kinds of products.

Make sure CYBR products are in a secure state by leading vulnerability research projects focused internally on the company products.
Present findings and work closely with software architects and development teams to ensure products are developed according to the best security standards.
Be a security research expert and stay up to date with new vulnerability research techniques that are being developed and published worldwide.
Through the year, include research work, and aim to discover innovative and creative security findings in CYBR products.

The Security Research Team Labs focuses on vulnerability research, identifying emerging threats and security gaps to enhance products and contribute to the broader security community. The team has deep expertise in low-level systems, operating systems, frameworks, cloud, and security research, applying this knowledge to critical security domains such as AI, Identity, and Privilege. The team has conducted cutting-edge research and presented findings on leading global stages, including Black Hat, DefCon, RSA, and more.

Lead and manage a team of vulnerability researchers and research projects.
Conduct hands-on vulnerability research across multidisciplinary attack vectors.
Support and guide research blog publications and conference presentations.
Invent new security layers to mitigate attack techniques, and surfaces discovered in research.
Write and review technical articles, and present research findings at security conferences.