דרושים » אבטחת מידע וסייבר » Staff Software Engineer

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

We are looking for a Security Operations & Incident Response Engineer to join our fast-growing company at a breakthrough stage, where we are building our dream team with the most passionate and professional people in the industry.
Our security team blends cyber expertise with cutting-edge automation and AI. Were looking for someone who thrives in a fast-paced SaaS environment and is eager to make an impact.
Key Responsibilities
Security Engineering & Incident Response
Collaborate with the CISO and peers to shape and execute the companys security strategy.
Develop, maintain, and continuously improve security playbooks, processes, and response frameworks.
Manage the full lifecycle of security alerts from triage and investigation to response and escalation using our companys Case Management platform.
Perform access and configuration reviews across cloud, SaaS, and endpoint environments, and lead remediation efforts where needed.
SIEM & Automation Expertise
Develop and fine-tune detection rules in Splunk (or similar SIEM platforms) to increase detection quality and reduce false positives.
Utilizing our company to build and manage automated workflows to accelerate incident response and reduce MTTR.
Evaluate new security technologies and lead proof-of-concepts to improve existing controls.
Collaboration & Enablement
Partner with IT and Engineering to strengthen SaaS security practices.
Act as a trusted advisor across teams, promoting security awareness and best practices.
Communicate clearly in both Hebrew and English, providing documentation and updates to relevant stakeholders.

we are a leader in cloud-native networking software for hyperscalers and service providers who are building the largest infrastructures in the world for network services, AI platforms and SaaS offerings. Founded in December 2015, our company disrupted some of the most challenging high-scale markets, transforming the way Networks are built, scaled, and consumed. We also built the largest network in the world, with more than half of AT&Ts backbone running on our Network Cloud. we have raised $587 million in three funding rounds which enable us to dream big and bring on the most talented people.
The Role:
As the Director of Information Security and GRC, you will oversee all aspects of our company's information security program, ensuring the protection of our data, systems, employees, and applications. You will lead a team of talented security professionals, driving a proactive, responsive and comprehensive security posture aligned with industry best practices and regulations.
Responsibilities:
Be kind.
Will be leading a team of 3-4 security operations specialists and engineers.
Embody the organizations values and act as a values champion, holding both yourself and others accountable to them.
Develop and implement a comprehensive information security strategy aligned with business objectives and risk tolerance.
Lead the Security team, fostering a culture of transparency, continuous improvement and collaboration.
Lead the development and implementation of IT governance frameworks and policies.
Oversee the implementation and maintenance of security controls, including firewalls, intrusion detection/prevention systems, and endpoint security solutions.
Manage product security, vulnerability management, and incident response processes.
Design and implement a robust Governance, Risk, and Compliance (GRC) program, ensuring companywide adherence to relevant regulations and standards.
Conduct regular security assessments and risk analyses to identify and mitigate potential vulnerabilities, partnering with business units and stakeholders across the organization.
Ensure that the organization is prepared for internal and external IT audits; and manage the audit process.
Coordinate with external agencies, auditors, customers and stakeholders for compliance assessments and audits.
Assist in the selection, implementation, and maintenance of security technologies, tools, vendors, and processes to ensure adherence to the organization's security policies and goals.
Work with DevOps and the development staff to improve the security posture and to implement secure SDLC practices.
Stay up to date on the latest security threats, trends, and technologies, ensuring that our company adopts appropriate countermeasures.
Develop and deliver security awareness training programs for employees.
Manage the security budget and resources effectively.
Report to the Chief Operating Officer (COO) on the organization's overall security posture.
Curate the organizations risk register and report regularly on burndown.

The Offensive Security team is seeking a Sr. Staff Offensive Security Engineer to join the team responsible for testing the security of all the products and services that make up the company's portfolio.
We're seeking innovative cybersecurity professionals to lead our advanced threat assessment program. In this role, you'll spearhead continuous internal security evaluations and coordinate with elite external partners to execute comprehensive penetration testing strategies. Your expertise will be crucial in identifying potential vulnerabilities and guiding both internal and external teams to explore the full spectrum of our attack surface. This position requires a deep understanding of application security offensive security techniques, coupled with the ability to strategically direct resources for maximum impact. Ideal candidates will possess a passion for uncovering system weaknesses, a talent for thinking like an adversary, and the skills to translate technical findings into actionable intelligence. Join us in crafting a robust, proactive security posture that stays ahead of emerging threats and keeps our defenses at the cutting edge of cybersecurity.
The successful candidate will thrive in a fast-paced environment where energy, drive, and a collaborative approach are key to success. And of course, a passion for bug hunting.
Your Impact
Conduct penetration tests against our company's products including appliances, applications, cloud services, and APIs
Engage with business owners in pre-engagement activities including scope definition, environment setup and scheduling
Prepare and deliver technical reports to business owners and InfoSec partners
Assist, as a subject matter expert, in remediation planning and execution
Perform security assessments, root-cause analysis and corrective measures as required
Occasionally plan and manage engagements to be executed by external partners when needed
Assist in the management of application security programs like continuous scanning, bug bounty, secure development lifecycle and others
Stay current on exploitation and post-exploitation techniques and incorporate them into the penetration testing arsenal.

We are looking for proactive, analytical talented people to join the company's Security Applications Content team.
As a Senior Security Engineer (Network & Apps), you will analyze protocols and application traffic (L4-L7) using network and web analysis tools, as well as modern big data analysis frameworks.
You will add content to our companys security and network products such as NGWF, CASB, DLP, Device Management and more.
Joining our company is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Research and analyze network and application behavior as part of our companys
Security products (NGFW,CASB,DLP,Device Management and more).
Suggest and conduct new research vectors
Utilize our companys Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency.

We are making the future of Mobility come to life starting today. At our company we support the worlds largest vehicle fleet operators and transportation providers to optimize existing operations and seamlessly launch new, dynamic business models - driving efficient operations and maximizing utilization.
We are seeking a highly skilled and experienced Information Security Specialist to join
our company's security team. This role is critical in ensuring the security and integrity of our companys infrastructure, services and endpoints. The ideal candidate will have a deep understanding of security principles, architectures, and technologies, endpoint and site security, along with hands-on experience.
As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.
What You'll Do:
Design and maintain the company's security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain our companys security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with our company. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

Were looking for a highly skilled and motivated Application Security Engineer to join our dynamic team. As an Application Security Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features
What Youll Do:
CI/CD Security Hardening
Improve and secure our continuous integration and deployment pipelines through the selection, implementation, and tailoring of new tooling, as well as the maintenance and enhancement of our current stack.
Security Tooling Management
Operate, fine-tune, and customize tools like Snyk, Apiiro, and other AppSec platforms to reduce false positives and enhance threat detection.
Policy Definition
Collaborate with cross-functional teams to develop practical, enforceable CI/CD security policies.
Security Orchestration & Automation
Build and maintain automated playbooks and workflows using orchestration platforms like Torq to support incident response and alert management.

We are looking for a Cyber Security Manager.
The cyber security manager implements, and monitors security policies and procedures, and ensures compliance with relevant standards and regulations. The Cyber Security Manager Serves as a team member for Information Technology Services (ITS) and Information Security Officer team at the Israel member firm. Specifically, he will be responsible for Leading various cyber security projects/ areas & Improving Cyber Security IL MFs posture.
The manager works with the member firm to identify areas of potential risk, potential cost savings, and operational efficiencies that will reduce the overall risks to client and firm data resources, and May participate in projects with participants from other countries in cross border operations.
The position will also work closely with the US Member Firm team The position is open to both women and men.

Serving thousands of enterprise customers around the world including 45% of Fortune 500 companies, (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the worlds largest security cloud, accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zero Trust Exchange platform, which is found in our SASE and SSE offerings, protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

Named a Best Workplace in Technology by Fortune and others, fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with .

Our Engineering team built the worlds largest cloud security platform from the ground up, and we keep building. With more than 100 patents and big plans for enhancing services and increasing our global footprint, the team has made us and our multitenant architecture today's cloud security leader, with more than 15 million users in 185 countries. Bring your vision and passion to our team of cloud architects, software engineers, security experts, and more who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy.

We're looking for an experienced DevOps Engineer to join our DLP+ SSPM team. Reporting to the Director, Engineering you'll be responsible for:

Developing and maintaining CI/CD pipelines.
Automating infrastructure and deployment processes.
Driving operational excellence by implementing best practices for workflows, processes, and organizational efficiency.
Optimizing costs and promoting the sustainability of multiple production workloads.
Collaborating across teams to streamline development and operational workflows.

Required Chief Information Security Officer
About the Role
As our Chief Information Security Officer (CISO), you will own and lead all aspects of Information Security for us. Reporting to the CTO, you will lead and manage three teams which are individually responsible for Governance Risk and Compliance, Product Security and Security Operations. As CISO, you will shape and execute our security strategy and roadmap, ensuring trust, resilience, and compliance at scale. You will grow and lead the security department and work closely with our leadership to balance business growth with risk management. Externally, you will represent us to customers, auditors, and regulators, reinforcing our commitment to security and trust. Above all, you will ensure that our customers, data, and operations remain secure as we scale.
Overall Security Governance Strategy
Define and execute the company-wide security strategy and roadmap
Align security initiatives with our business objectives and risk appetite
Report on security posture to company executives and te board
Security Operations
Infrastructure Security - Collaborate with DevOps and IT teams to secure our infrastructure and cloud environment
Endpoint Security - Protect employee devices and access points
SaaS Security - Monitor and secure third-party SaaS applications
Data Loss Prevention - Implement controls to prevent unauthorized data access, sharing, and exfiltration across systems and endpoints
Identity and Access Management - Manage the companys access policy and controls
Threat Detection & Incident Response - Establish SIEM, threat intelligence, and forensic capabilities
Incident Response - Respond to security events, conduct investigations, and lead mitigation efforts
GRC (Governance, Risk, and Compliance)
Risk Management & Assessments - Perform regular risk assessments on our systems, processes, and infrastructure, and drive mitigation plans
Certifications & Compliance - Maintain compliance with SOC 2, ISO 27001, DORA, NYDFS, and other regulations
Audits & Regulatory Compliance - Lead security audits, manage interactions with external auditors, government agencies, and regulatory bodies
Third-Party & Vendor Security Assessments - Conduct security evaluations of vendors and partners to ensure data protection standards are met
Security Policies & Frameworks - Maintain and enforce company-wide security policies, ensuring cross-functional adoption
Product Security
Secure Software Development Lifecycle (SSDLC) - Integrate security into our development processes, shift left on security through the entire product lifecycle.