דרושים » ניהול ביניים » Security Researcher

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.

Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are looking for a Senior Security Researcher - Red Team.
As a Senior Security Researcher, you will lead proactive vulnerability research, developing novel proofs-of-concept and exploit chains that emulate real-world attackers.
You will discover vulnerabilities across AI systems, validate exploitability, and work closely with engineering and product teams to drive remediation. The vulnerabilities you will find will impact hundreds of millions of users!
Responsibilities:
Become a founding member of the AIAL group as part of Red Team. Help shape the team culture and practices.
Research and discover zero-day vulnerabilities in AI applications, models, and AI service ecosystems. Work closely with Red Team operators and engineering teams to address findings and strengthen resilience of AI-driven systems.
Analyze a wide array of data sources to identify potential security weaknesses and breach points within AI infrastructure.
Develop tools and techniques to scale and accelerate adversary emulation and vulnerability discovery.
Advocate for security change across the company through building partnerships and clearly communicating impact of risks.

The CSO Office is seeking an Application Security Engineer. In this role, you will contribute to driving security across the SDLC at scale, empowering developers, and enabling secure development through automation, process, and tooling. Youll work as part of a team of security engineers focused on SSDLC automation, vulnerability management, and proactive engagement with R&D.

This is a hands-on technical role that combines architecture, coding, and collaboration, working closely with Product, Engineering, DevOps, and Security stakeholders.

As an Application Security Engineer you will...
Assist in the development of internal security tools and AI agents.
Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline.
Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products.
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA.
Develop Internal application security Tools and Automations.
Partner with development and DevOps teams to embed security early and often.
Contribute to secure code reviews and assist with remediation strategies.
Track, triage, and report vulnerabilities across product lines.
Support the adoption of secure development best practices.

Required Application Security Engineer
The Gist
We are one of the fastest-growing healthtech companies, building the technology that connects every part of the healthcare ecosystem. Were solving one of the toughest problems in healthcare: how to make systems, apps, and data truly interoperable.
Our platform enables real-time collaboration between doctors and innovators, with secure data exchange and workflow integrations that happen directly inside clinical systems. In simple terms: we help healthcare work better. By streamlining workflows and reducing complexity, we help organizations focus on what really matters - delivering better care for patients.
Connect & Canvas
At the heart of our platform is Connect, a connectivity layer that links healthcare applications to patient healthcare management systems providers use in real time. Its designed for scale, reliability, and developer experience, powering millions of data interactions every day.

With our recently launched developer platform, were expanding that capability to innovators everywhere, making it possible to build healthcare applications that plug directly into real-world clinical workflows. Our team leads the way in designing, architecting, and scaling these products, experimenting fast, shipping with impact, and shaping the future of healthcare connectivity.
The Role
The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.
What you will do
Conduct internal penetration testing against our applications and APIs.
Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
Build and automate security testing as part of our CICD pipeline and cloud environments based on automation workflows leveraging AI.
Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
Mentor development teams through training and hackathons.
Support security incident response in a cross-functional environment.

Are you passionate about staying one step ahead of cyber threats? Do you thrive at the intersection of deep technical expertise and strategic leadership?
We're looking for an exceptional Offensive Security & Research Team Leader to drive cutting-edge offensive operations, lead a team of elite security professionals, and shape the future of cyber resilience.
In this role, you'll lead hands-on red team activities, threat research, and vulnerability discovery-pushing the boundaries of what's possible in cyber offense. You will work closely with product, engineering, and executive stakeholders to translate complex attack scenarios into real-world risk mitigation strategies.
This is more than a leadership position-it's an opportunity to build and scale a high-impact team at the forefront of the cybersecurity landscape.
Job Description:
Lead a high-performing offensive security team specializing in red teaming, threat emulation, advanced adversary simulation, and vulnerability research.
Mentor and grow team members, fostering a culture of continuous learning, innovation, and operational excellence.
Promote a culture of innovation, encouraging curiosity and technical excellence within the team.
Translate technical discoveries into operational insights that enhance offensive engagements and deliver clear value to clients
Collaborate cross-functionally with our cyber offensive and defensive teams
Develop and maintain internal tools and methodologies that enhance offensive capabilities, automation, and reporting accuracy.
Design and execute tailored offensive engagements, including full-scope red team operations, assumed breach scenarios, and social engineering campaigns.

We are seeking a highly motivated and skilled Cloud Security Engineer to join our growing team. In this critical role, you will be responsible, among other things, for ensuring the security of our cloud environments and applications throughout their entire lifecycle. You will work closely with R&D, DevOps, and other teams to embed security into every stage of the development process, from design and development to deployment and operations. Responsibilities
* Design & implement secure cloud architectures, configurations across AWS
* Ensure compliance with relevant security standards (e.g. ISO 27001, SOC 2, GDPR).
* Participate in design & implementation of security technical controls for cloud-native services
* Work closely with R&D, DevOps to integrate security into the software development lifecycle.
* Participate in security reviews of code, infrastructure, and designs. Advocate for and implement security best practices throughout the development process.
* Monitor cloud environments for security threats, including malware, vulnerabilities, and suspicious activity. Investigate and respond to security incidents within cloud environments.
* Implement and maintain security information and event management ( SIEM ) integration for cloud environments in cooperation with SecOps & InfoSec.
* Conduct regular security assessments and ownership on the penetration testing of cloud environments, applications, Infrastructure-as-Code. Implement and maintain vulnerability scanning and remediation processes.
* Experience implementing and managing CSPM and CNAPP RunTime tools to continuously monitor and assess the security posture of cloud environments.
* Open Source Security - Understand and address security risks associated with the use of open-source software. Stay informed about and mitigate vulnerabilities in open-source components.
* Work closely with R&D, DevOps, other stakeholders to ensure security is integrated into all phases of the software development lifecycle. Communicate security risks and recommendations effectively to both technical and non-technical audiences.
Hybrid:
Yes.

Power the Future with us! At SolarEdge (NASDAQ: SEDG), we're a global leader in smart energy technology, with over 3,000 employees, offices in 30 countries, and millions of installations worldwide. Our innovative solutions include solar inverters, battery storage, backup systems, EV charging, and AI-based energy management. We're committed to making clean, green energy the primary power source for homes, businesses, and beyond. With the growing demand for electricity, the need for smart, clean energy sources is constantly rising. SolarEdge offers amazing opportunities to develop your skills in a multidisciplinary environment, covering everything from research and development to production and customer supply. Work with talented colleagues, tackle exciting challenges, and help create a sustainable future in an industry that's always evolving and innovating. Join us and be part of a company that values creativity, agility, and impactful work. We are seeking a highly skilled Network and Information Security Engineer with a demonstrated history of successfully delivering complex projects. This position requires both technical proficiency and strategic insight to design secure, scalable network architectures that meet business objectives. Key Responsibilities
* Oversee network and security projects from inception through completion, ensuring all deliverables meet specified timelines and quality standards.
* Develop and implement secure network architectures that align with organizational goals.
* Lead security hardening initiatives across all infrastructure layers.
* Facilitate strong integration with SOC and other security teams.
* Promote process enhancements and best practices in incident management and change control.

Country:
Israel

City:
Herzliya

we are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our company systems. You will be working across engineering teams to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

Our Security Engineer
Job Description
Join our Internal Platform Engineering team! As a Security Engineer, you'll be at the forefront of developing and implementing security capabilities to support secure and efficient service delivery. You'll be responsible for ensuring that the tools, approaches, and infrastructure used meet the highest security standards. In your day-to-day, you will:
Drive the development of new security capabilities to support delivery and ensure that the tools and approaches used are effective
Support the efficient delivery of services by employing industry best practices for the automated build and deployment of security infrastructure and code
Support Cloud Technology deployments, lift and shift migrations and transformation of Cloud solutions that manage hybrid and on-premises infrastructure
Assist with the execution of architecture blueprints and brings security into a DevOps mindset and culture
Collaborate with Product teams to support the evaluation of planned changes, to minimize security risk
Provide advice on security to contribute to different projects and product development.

We are seeking a highly skilled and experienced Application Security Expert to join our dynamic team.

This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools.

Key Responsibilities
Contribute to design and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Promote a culture of security awareness and continuous improvement within the organization.