דרושים » אבטחת מידע וסייבר » Cyber Security Engineer

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7, tiers 1-2. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.
Responsibilities:
Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

We're looking for a Cyber Researcher who will be responsible for identifying, analyzing, and providing mitigation options for emerging cyber threats and vulnerabilities in SaaS environments. As a Cyber Researcher, youll lead and contribute to discovering new attack vectors, developing detection and defense techniques, and providing actionable intelligence to strengthen our products and protect our customers.
You will:
Conduct proactive research on emerging threats, vulnerabilities, and attack techniques relevant to SaaS and cloud environments.
Collaborate with engineering and product teams to translate research findings into product features and security controls.
Develop proof-of-concept and detection mechanisms to validate and demonstrate risks.
Stay up-to-date with the latest trends in cyber threats, security tools, and industry best practices.

We are looking for a Cyber Security Manager.
The cyber security manager implements, and monitors security policies and procedures, and ensures compliance with relevant standards and regulations. The Cyber Security Manager Serves as a team member for Information Technology Services (ITS) and Information Security Officer team at the Israel member firm. Specifically, he will be responsible for Leading various cyber security projects/ areas & Improving Cyber Security IL MFs posture.
The manager works with the member firm to identify areas of potential risk, potential cost savings, and operational efficiencies that will reduce the overall risks to client and firm data resources, and May participate in projects with participants from other countries in cross border operations.
The position will also work closely with the US Member Firm team The position is open to both women and men.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.

We are looking for a IT Risk Management and SOC2 Manager.
The IT risk management team specializes in identifying and mitigating technological risks, developing solutions, and enhancing organizational systems and processes to prevent potential business impact. Leveraging local experts with global experience in complex projects, unique methodologies, and advanced technological tools, the team partners with leading companies across technology, industry, and finance. Our projects span collaborations with US and the largest organizations in Israel, including major banks and top technology companies traded in the US.
Role Overview:
As a Manager in the TPA practice, you will lead and oversee multiple client engagements from initiation through to the reports. You will be responsible for managing project timelines, budgets, and team members, ensuring high-quality deliverables and client satisfaction.
Your role will include:
Managing end-to-end IT risk management and assurance engagements, including planning, execution, and reporting.
Overseeing the delivery of Information Security and IT Governance Risk and Compliance (GRC) services.
Leading SOC2 and SOC1 audits, information systems risk assessments, cyber risk surveys, and both external and internal IT audits.
Consulting on and testing automated controls within business processes and organizational systems, and establishing methodologies for IT risk management in cloud and digital environments.
Advising clients on authorization processes and segregation of duties (SoD) in information systems and business operations.
Managing and mentoring team members, allocating resources, and monitoring engagement hours to ensure projects are delivered on time and within budget.
Serving as the primary point of contact for clients, maintaining strong relationships and ensuring their needs are met throughout the engagement lifecycle.

we are looking for highly capable Incident Response Expert. The Incident Response Expert role includes conducting in-depth forensic analysis, investigation and response to real-world cyber threats. A significant part of our investigations is performed onsite at the client location, in collaboration with the clients IT and security teams.
Main Responsibilities:
Participate in forensic and incident response investigations, including large scale sophisticated attacks, conduct log analysis, host and network-based forensics and malware analysis.
Participate in threat hunting: proactively hunt for targeted attacks and new emerging threats in clients networks; as well as security assessments and simulations.
Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to help ascertain whether and how breaches have occurred.
Utilize and develop tools and methodologies to improve existing investigative and hunting technological stack.
Collaborate with IT and Security teams during investigations.
Generate and present a comprehensive and professional report of findings from investigations.

The Offensive Security team is seeking a Sr. Staff Offensive Security Engineer to join the team responsible for testing the security of all the products and services that make up the company's portfolio.
We're seeking innovative cybersecurity professionals to lead our advanced threat assessment program. In this role, you'll spearhead continuous internal security evaluations and coordinate with elite external partners to execute comprehensive penetration testing strategies. Your expertise will be crucial in identifying potential vulnerabilities and guiding both internal and external teams to explore the full spectrum of our attack surface. This position requires a deep understanding of application security offensive security techniques, coupled with the ability to strategically direct resources for maximum impact. Ideal candidates will possess a passion for uncovering system weaknesses, a talent for thinking like an adversary, and the skills to translate technical findings into actionable intelligence. Join us in crafting a robust, proactive security posture that stays ahead of emerging threats and keeps our defenses at the cutting edge of cybersecurity.
The successful candidate will thrive in a fast-paced environment where energy, drive, and a collaborative approach are key to success. And of course, a passion for bug hunting.
Your Impact
Conduct penetration tests against our company's products including appliances, applications, cloud services, and APIs
Engage with business owners in pre-engagement activities including scope definition, environment setup and scheduling
Prepare and deliver technical reports to business owners and InfoSec partners
Assist, as a subject matter expert, in remediation planning and execution
Perform security assessments, root-cause analysis and corrective measures as required
Occasionally plan and manage engagements to be executed by external partners when needed
Assist in the management of application security programs like continuous scanning, bug bounty, secure development lifecycle and others
Stay current on exploitation and post-exploitation techniques and incorporate them into the penetration testing arsenal.

Were looking for a highly skilled and motivated Application Security Engineer to join our dynamic team. As an Application Security Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features
What Youll Do:
CI/CD Security Hardening
Improve and secure our continuous integration and deployment pipelines through the selection, implementation, and tailoring of new tooling, as well as the maintenance and enhancement of our current stack.
Security Tooling Management
Operate, fine-tune, and customize tools like Snyk, Apiiro, and other AppSec platforms to reduce false positives and enhance threat detection.
Policy Definition
Collaborate with cross-functional teams to develop practical, enforceable CI/CD security policies.
Security Orchestration & Automation
Build and maintain automated playbooks and workflows using orchestration platforms like Torq to support incident response and alert management.

a global leader in hybrid cloud security. brings a new approach that uses the attackers perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. The platform enables companies to rapidly prioritize and respond to cyber risks affecting their business-sensitive systems.
About the role: Are you a super-talent Senior software engineer with a deep passion for cybersecurity and a profound understanding of AI-driven attack techniques? We are looking for a highly professional and responsible R&D member to join our team.
This role is for someone who thrives on technical challenges and is ready to leverage their expertise to identify, analyze, and defend against advanced cyber threat
Responsibilities: As a Senior software engineer in R&D, you will be a key player in the design, development, and deployment of our cybersecurity platform. Your responsibilities will include: Leading the research and implementation of techniques to identify and mitigate AI-related attack methods, such as data manipulation and adversarial attacks on security systems. Developing and integrating new security features into our platform to proactively defend against modern cyber threats. Collaborating with our team to define technical requirements and architectural solutions for cutting-edge security features. Tackling challenging technical problems at the intersection of cybersecurity and low-level systems.