דרושים » אבטחת מידע וסייבר » Information Security Specialist

As the Director of Information Security and GRC, you will oversee all aspects of our company's information security program, ensuring the protection of our data, systems, employees, and applications. You will lead a team of talented security professionals, driving a proactive, responsive and comprehensive security posture aligned with industry best practices and regulations.
Responsibilities:
Be kind.
Will be leading a team of 3-4 security operations specialists and engineers.
Embody the organizations values and act as a values champion, holding both yourself and others accountable to them.
Develop and implement a comprehensive information security strategy aligned with business objectives and risk tolerance.
Lead the Security team, fostering a culture of transparency, continuous improvement and collaboration.
Lead the development and implementation of IT governance frameworks and policies.
Oversee the implementation and maintenance of security controls, including firewalls, intrusion detection/prevention systems, and endpoint security solutions.
Manage product security, vulnerability management, and incident response processes.
Design and implement a robust Governance, Risk, and Compliance (GRC) program, ensuring companywide adherence to relevant regulations and standards.
Conduct regular security assessments and risk analyses to identify and mitigate potential vulnerabilities, partnering with business units and stakeholders across the organization.
Ensure that the organization is prepared for internal and external IT audits; and manage the audit process.
Coordinate with external agencies, auditors, customers and stakeholders for compliance assessments and audits.
Assist in the selection, implementation, and maintenance of security technologies, tools, vendors, and processes to ensure adherence to the organization's security policies and goals.
Work with DevOps and the development staff to improve the security posture and to implement secure SDLC practices.
Stay up to date on the latest security threats, trends, and technologies, ensuring that our company adopts appropriate countermeasures.
Develop and deliver security awareness training programs for employees.
Manage the security budget and resources effectively.
Report to the Chief Operating Officer (COO) on the organization's overall security posture.
Curate the organizations risk register and report regularly on burndown.

we are seeking a passionate and skilled Information Security Engineer to join our team. In this role, youll be responsible for enhancing the security of our enterprise environment, working with a variety of security tools and technologies. We're looking for individuals with a strong background in information security who are eager to help shape the future of cybersecurity and protect our organization from evolving threats.
In this position you will:
Design, implement, and maintain robust security controls across our enterprise infrastructure, including endpoint, identity, and data protection systems.
Lead and support efforts to harden our companys internal environments against evolving threats, including proactive risk identification and remediation.
Collaborate closely with DevOps, IT, and engineering teams to secure enterprise platforms.
Contribute to the evaluation and deployment of security technologies (e.g., EDR, DLP, IAM, MFA, logging and monitoring solutions).
Take ownership of end-to-end security projects, from concept through implementation and operationalization.
Help define and enforce security policies, standards, and best practices across the organization.
Participate in threat modeling, vulnerability management, and incident response processes.
Engage in continuous improvement efforts in a collaborative, agile, and fast-paced environment.

At our company, we're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-driven technology, representing the pinnacle of Machine Learning, GenAI, and computer vision within the automotive sector. With close to $400M in funding and strategic partnerships with industry giants such as Amazon, General Motors, Volvo, and CarMax, we stand at the forefront of automotive technological advancement. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity and encourages teamwork. Our drive for innovation and pursuit of excellence are deeply Embedded in our vibrant company culture, ensuring that each individual's efforts are recognized and valued as we unite to build a safer automotive world.
We seek a highly skilled and proactive Senior SecOps Engineer to join our Security team and lead security operations across the organization. In this role, you will report directly to our CISO and work in close collaboration with the DevOps and R&D teams to embed security into every stage of the software lifecycle, protect our multi-cloud infrastructure, and ensure compliance with leading industry standards.
A day in the life and how youll make an impact:
* Report directly to the CISO and collaborate with DevOps and R&D teams to embed security into every stage of the SSDLC.
* Integrate security into CI/CD pipelines, Infrastructure as Code (Terraform, Helm, GitOps), and development workflows.
* Design, enforce, and monitor secure cloud configurations (AWS, GCP), including networking, IAM, encryption, and Kubernetes hardening.
* Implement and manage application security controls (SAST, DAST, SCA, code reviews).
* Lead incident response activities, including forensic investigations, vulnerability management, and threat mitigation.
* Deploy and operate CSPM tools (Wiz, Prisma, Orca), SIEM, WAF, and runtime security solutions.
* Drive compliance with ISO 27001, SOC 2, GDPR, ensuring audit readiness.

We are looking for a highly skilled Product Security Architect to join our team at our company. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:
Partner with all our company development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.

we are looking for a Product Security Engineer to join our growing team!
This is a great opportunity to be part of one of the fastest-growing infrastructure companies in history, an organization that is in the center of the hurricane being created by the revolution in artificial intelligence.
"our company's data management vision is the future of the market."- Forbes
we are the data platform company for the AI era. We are building the enterprise software infrastructure to capture, catalog, refine, enrich, and protect massive datasets and make them available for real-time data analysis and AI training and inference. Designed from the ground up to make AI simple to deploy and manage, our company takes the cost and complexity out of deploying enterprise and AI infrastructure across data center, edge, and cloud.
Our success has been built through intense innovation, a customer-first mentality and a team of fearless company ronauts who leverage their skills & experiences to make real market impact. This is an opportunity to be a key contributor at a pivotal time in our companys growth and at a pivotal point in computing history.
Responsibilities
Implement and maintain security controls for applications and systems.
Conduct DAST, SAST, vulnerability scans, and penetration tests.
Develop and enforce security policies and best practices.
Monitor logs, investigate incidents, and respond to threats.
Collaborate with development teams to ensure secure coding practices.
Stay updated on emerging threats and industry standards.

Required Security Research Manager - Cloud - Security Automation (Cortex)
Your Career:
Are you excited about leading a team of researchers who are redefining how cloud security is automated? Do you want to shape the future of an Autonomous SOC by building the next generation of remediation and response content?
As the Cloud Cybersecurity Research Manager, you will lead a team of talented researchers creating autonomous remediation plans for cloud runtime and posture issues. You will drive innovation, mentor researchers, and ensure our automation content is precise, safe, and impactful. This role combines hands-on technical knowledge with strategic leadership, empowering your team to deliver solutions that protect customers at scale.
Your Impact:
Lead and mentor a team of cloud security researchers, fostering technical excellence, innovation, and collaboration
Define research priorities and guide the design of robust, testable, and autonomous remediation plans for cloud runtime and posture issues (CSPM, DSPM, CIEM, CNAPP, IAM, etc.)
Ensure high-quality delivery of SOAR playbooks and automation content aligned with customer needs and company vision
Collaborate with product, engineering, and threat research teams to maximize the impact of remediation content
Establish processes, KPIs, and best practices to continuously improve research output, playbook quality, and operational efficiency
Stay up to date with attacker TTPs, cloud-native threats, and emerging technologies to guide team direction.

We are looking for a highly motivated Security Operations (SecOps) Engineer to join our growing security team. The ideal candidate will bring 34 years of hands-on experience in cybersecurity operations and incident response, with strong expertise in cloud environments. You will play a key role in designing, implementing, and managing security monitoring, detection, and response capabilities that safeguard our organizations assets, data, and customers.


Key Responsibilities
Design and maintain monitoring flows and detection use-cases across SIEM and related systems.
Develop, optimize, and tune security rules, alerts, and dashboards.
Integrate threat intelligence feeds into monitoring tools.
Lead and support security investigations, from triage to remediation.
Coordinate with internal teams and external partners to contain and resolve incidents.
Create and maintain playbooks, runbooks, and IR documentation.
Build and maintain security automation and orchestration workflows to accelerate response.
Ensure compliance with security policies, frameworks, and regulatory requirements (SOC 2, ISO 27001, GDPR, etc.).
Maintain clear documentation of procedures, incidents, and improvements.

Realize your potential by joining the leading performance-driven advertising company!
Read something interesting online today? Theres a good chance it was recommended by our company. Every day, we reach over 1.5 billion people, powering recommendations for the worlds top publishers and advertisers on the open web. Powering this massive scale requires a robust, resilient, and secure-by-design infrastructure.
we are seeking a highly motivated and experienced Cyber Security Program Manager to join our global team. This is a strategic, hands-on role responsible for shaping and executing our companys cyber security vision. You will be the focal point for all cyber security matters, protecting our corporate and production environments while enabling the business to continue its rapid growth and innovation.
How youll make an impact:
As the Cyber Security program Manager, you will be entrusted with the critical responsibility of safeguarding our companys assets, data, and reputation. You will:
Build and Maintain Our Cyber Strategy: Develop, own, and execute the companys comprehensive cyber security strategy, ensuring it aligns with our business goals and the evolving threat landscape.
Lead Key Security Initiatives: Lead and manage a wide range of security programs across the company. This includes maturing our product security practices, managing the bug bounty program, enhancing our identity and access management (IAM) framework, performing vendor risk management, and overseeing internal and external audit programs.
Measure What Matters: Develop and maintain key security metrics (KPIs/KRIs) to measure the effectiveness of security controls, track progress against objectives, and provide a clear, data-driven picture of the companys cyber posture over time.
Communicate with Leadership: Prepare and present clear, concise reports and annual updates for the audit committee, executive leadership, and other key stakeholders on the state of our security program.
Ensure Business Resilience: Spearhead the planning, testing, and execution of our Business Continuity Planning (BCP), Disaster Recovery (DR), and Incident Response (IR) programs.

As a Director in the Security & IT division you will be responsible for:
Manage complex global projects and teams in information systems, IT and security.
Implement tools, conduct risk assessments, and maintain secure configurations for systems, cloud environments, and IT infrastructure
Handle incidents and IT issues from detection to resolution, with post-incident analysis and prevention measures.
Set and define the KPIs, SLAs and goals for the entire department.
Own and lead administration, monitoring, and response for our systems and applications.
Collaborate with cross-organization teams.
Deal with Technical and managerial escalations.

As the Senior Information Security Architect , you will be the owner and chief designer of our corporate security architecture.

Youll be in charge of embedding security by design into every layer of the corporate technology stackcloud, SaaS, applications, and infrastructure.

In this highly influential role, you will set the strategic vision for secure architecture, lead threat modeling initiatives, and act as the ultimate authority on how builds, scales, and protects its corporate systems. Youll partner with engineering, product, and operations leaders to ensure that security is not just an add-on, but a foundational principle driving every decision.
Key Responsibilities-
Architect secure-by-design systems across corporate multi-cloud (Azure, AWS, GCP) and SaaS applications, ensuring strong IAM and key management practices.
Design and manage secure network architectures, applying strong knowledge of TCP/IP, DNS, VPNs, and enterprise firewalls, IDS/IPS, and traffic monitoring tools.
Secure operating systems (Linux, macOS) and oversee endpoint protection through leading EDR/XDR solutions
Act as the architectural authority in design decisions, setting technical direction and influencing company-wide security practices.
Take ownership of threat modeling for the corporate most critical systems, leading structured analyses to anticipate where attacks may occur and how to prevent them.
Skilled in vulnerability scanning, patching strategies, and prioritizing risks with enterprise-grade scanning platforms.
Hands-on experience designing, implementing, and enforcing security controls to prevent data leaks, unauthorized access, advanced cyberattacks, and emerging threats. This includes working with DLP solutions (e.g., Symantec DLP, Microsoft Purview, Digital Guardian), IAM and PAM platforms (e.g., Okta, Azure AD, CyberArk), endpoint protection and XDR tools (e.g., CrowdStrike, SentinelOne).
Lead the evaluation and adoption of next-generation security tools and technologies, ensuring stays ahead of attackers.
Serve as a trusted advisor and security leader, guiding executives and engineers alike in making security-first decisions.