דרושים » אבטחת מידע וסייבר » IT Solutions Consultant

our company's Technology Consulting team is looking for a Cybersecurity Consultant to join our cyber department.
The Cyber Department works with a variety of clients in different fields: Government, Hi-tech, Industry, Retail, Hotels, Defense and more.
The Job Will Include:
Client Engagement: Leading, guiding and advising to clients in Israel and abroad as well as joint projects with various partners of our company global on cyber security projects based on methodology, regulation and standards
Technologies: Work with different aspects of cyber security in multiple fields such as IT, OT & Cloud
Security Assessments: Carrying out risk surveys including cyber, operational and supply chain risks
Advisory and Strategy Development: Developing business continuity plans (BCP) ,cyber security and maturity programs, secure architectures, policies and information security procedures
Collaboration: Leading representative and high-profile meetings with client internal senior management.

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the XM Cyber platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

Were looking for an Engineering Manager to lead the Compliance team, within our Risk Infra group. The Risk Infra group builds the foundational systems that enable all of fraud and compliance defenses.

What youll do
Lead and mentor a squad of backend engineers to deliver high-quality code, fostering a culture of technical excellence, rapid iteration, and end-to-end ownership. You will design low-latency, high-concurrency systems for sub-second risk assessments and automated decision-making, supporting hyper-growth without compromising regulatory needs or user experience.

Partner closely with Compliance analysts and governance experts to translate complex regulatory insights and global policies into resilient, fault-tolerant distributed logic. You will be responsible for balancing the immediate need for risk mitigation with long-term architectural scalability and stability.

Systems Development Engineering (SDE) at our company is a role where you manage services and systems at scale. SDEs creatively put their engineering discipline to use automating the mundane and reducing toil. We dont just write code to fix bugs, but emphasize the development of tools and solutions that fix classes of problems. We know its hard to control what you cant measure - so we focus on observability: instrumenting first, then turning data into knowledge, and finally knowledge into action. We know that the operational efficiency of our company systems, services, virtual compute environments and the operating systems that power them impact the environment, not just the bottom line. We know that working together we can do more, and that community matters.
our company brings together people with a wide variety of backgrounds, experiences and perspectives. We encourage them to collaborate, think big and take risks in a blame-free environment. We promote self-direction to work on meaningful projects, while we also strive to create an environment that provides the support and mentorship needed to learn and grow.
Together we engineer and build the infrastructure, tools, access and telemetry for systems that enable orchestration of our company-scale services. Come build things that matter.
The Managed Services Technology team plays a vital role in the Managed Threat Defense service delivery life-cycle. We are responsible for provisioning Security Operations (SecOps) and third-party security technology. This role focuses on deploying and integrating customer security technologies.
In this role, you will collaborate with enterprise clients, customers, internal stakeholders, and cross-functional teams to quickly and accurately provision and integrate SecOps and other customer-managed security technologies.
Part of our company Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
Oversee the security technology provisioning lifecycle for new and existing customers.
Develop technical implementation plans based on customer expectations and shared information.
Facilitate project management and technical support during onboarding. Collaborate closely with customers and internal teams.
Collaborate with customers to triage and implement remediations and recommendations.
Document all implementation details and collaboration meeting notes in the internal tracking system.

The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role.
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy. You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate - MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We seek a dedicated and proactive Senior SecOps Engineer to join our InfoSec team and take ownership of all security-related tasks across the organization. In this role, you will be key in aligning security goals with infrastructure, R&D and IT requirements. You will be responsible for integrating security into our CI/CD pipelines, managing cloud infrastructure security, ensuring compliance with security standards, and protecting our infrastructure from vulnerabilities.

A day in the life and how youll make an impact:

Implement and manage security tools such as static code analysis, cloud posture monitoring, and penetration testing tools.
Embed security into the DevOps lifecycle, including CI/CD pipelines, IaC (Infrastructure as Code), and software development workflows.
Design and enforce security policies for cloud architecture, ensuring secure configurations and monitoring.
Lead incident response activities, vulnerability management, and forensic investigations to mitigate threats.
Drive compliance efforts (ISO 27001, SOC 2, GDPR, etc.) and audit readiness for the organization.
Work closely with stakeholders (CISO, COO, System Architects, DevOps, IT, Finance, HR, etc) to identify requirements and prioritize security needs.
Continuously monitor systems and infrastructure for vulnerabilities, intrusions, and misconfiguration.
Perform or manage penetration testing initiatives to identify security weaknesses.

we are an AI-first tech company in the automotive space with hubs across the US and Israel. Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data -driven solutions to a quickly evolving industry. Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line. We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security. This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for:
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents. Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams. Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines. Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often. Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents. Document: Draft requirement documents for security products and innovative technologies.
The top candidate will also have:

* Endless curiosity and passion for emerging technology
* Ability to handle prioritize and execute multiple tasks simultaneously.
* Ability to work collaboratively across multiple departments.
* Fluent in Hebrew & English - ability to lead meetings and present.
* Strong communication and collaboration skills.
Why you should join us:

* Family-friendly environment and flexible working hours.
* Our global team is made up of awesome forward thinking, innovative go-getters.
* Learning and growth opportunities within a fast-paced tech startup environment.
* Clear career advancement path for strong performers.
* We are committed to setting each other up for success. As a member of our team, you will work within an environment that encourages growth, initiative taking and continuous mutual feedback in order to reach your full potential.
* And of course, Cibus and lots of yummy treats in the kitchen:-)

The Cyber & Cloud Security Department is seeking a Cloud Security Engineer for a challenging role that includes ongoing on‑site work with a client.
The role includes:
Responsibility for establishing, maintaining, supporting, and securing critical cloud infrastructures, with a strong focus on sensitive and secured environments - Azure Cloud
Design and implementation of secure cloud infrastructures - including working with Infrastructure as Code (IaC) practices
Operational maintenance of computing systems, servers, and infrastructure components in a secured environment
Using IaC tools such as Terraform / Bicep / ARM Templates for infrastructure management, automation, and standardization
Working with monitoring and analytics systems, including Splunk, for log analysis and security event detection
Ongoing collaboration with client teams, including hands‑on on‑site support - supporting cloud and system infrastructures
Performing security updates, hardening, and upgrades in secured environments
Integrating and implementing new Azure services into existing infrastructures
Log and event analysis, anomaly detection, and handling complex incidents
Writing and maintaining procedures, professional reports, and technical documentation
Working with various operating systems (Windows / Linux).

Were looking for a highly skilled Cybersecurity Governance, Risk, and Compliance Engineer with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology - ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.