דרושים » אבטחת מידע וסייבר » IT Security Engineer

We are seeking a Security Operations Engineer to join our Security team, reporting to the CIO. This is a hands-on role where you will design and operate security infrastructure, lead cloud security initiatives, and rethink our security architecture. You'll build AI-powered solutions to automate security triage and response, while partnering cross-functionally with DevOps, IT, and Engineering teams to drive security outcomes across the organization.
What you will do :
Design, implement, and operate security monitoring capabilities using a SIEM platform to detect, analyze, and respond to threats in real time. Deploy and manage EDR, DLP, CSPM, and other security controls across the environment.
Build and maintain cloud security architectures, ensuring strong IAM, network segmentation, encryption, and a zero-trust approach across all cloud deployments.
Continuously evaluate and evolve the security architecture and defense in depth strategy. Integrate tools and systems across the stack to enable unified telemetry, seamless data flow, and automated response actions.
Develop AI powered agentic solutions and operational automations using n8n. Use Infrastructure as Code to automate deployment, configuration management, and ongoing lifecycle operations for security infrastructure.
Create and tune detection rules, build log ingestion pipelines, and conduct proactive threat hunting. Lead monitoring, investigation, and remediation efforts using structured DFIR methodologies.
Embed security into CI/CD pipelines and broader DevSecOps workflows. Partner with DevOps, IT, and Engineering teams to integrate security into day to day operations and technical decision making.
Implement and maintain controls aligned with HIPAA, HITRUST, and SOC 2 requirements. Perform security assessments for vendors, SaaS platforms, and internal applications.

Were looking for a highly skilled Cybersecurity Governance, Risk, and Compliance Engineer with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology - ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.
Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.
Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.
Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.
Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.
Manage our bug bounty program, validating reports and coordinating response and resolution.
Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.
Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.
Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.
Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.
Promote a strong security culture across by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

We're looking for a Security Engineer - Product to spread our power. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our Federal team - extending our DevSecOps and Product Security practices to our FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our engineering and operations teams - helping them deliver secure-by-design solutions.

we are an AI-first tech company in the automotive space with hubs across the US and Israel. Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data -driven solutions to a quickly evolving industry. Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line. We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security. This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for:
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents. Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams. Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines. Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often. Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents. Document: Draft requirement documents for security products and innovative technologies.
The top candidate will also have:

* Endless curiosity and passion for emerging technology
* Ability to handle prioritize and execute multiple tasks simultaneously.
* Ability to work collaboratively across multiple departments.
* Fluent in Hebrew & English - ability to lead meetings and present.
* Strong communication and collaboration skills.
Why you should join us:

* Family-friendly environment and flexible working hours.
* Our global team is made up of awesome forward thinking, innovative go-getters.
* Learning and growth opportunities within a fast-paced tech startup environment.
* Clear career advancement path for strong performers.
* We are committed to setting each other up for success. As a member of our team, you will work within an environment that encourages growth, initiative taking and continuous mutual feedback in order to reach your full potential.
* And of course, Cibus and lots of yummy treats in the kitchen:-)

Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry.
Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line.
We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.
This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents.
Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams.
Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines.
Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often.
Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents.
Document: Draft requirement documents for security products and innovative technologies.

As an Application Security Engineer, you will act as a bridge between offensive security and engineering teams. You will leverage your penetration-testing mindset to proactively improve the security of applications throughout their lifecycles. This includes partnering with developers to identify and remediate vulnerabilities, contributing to secure design decisions, participating in threat modeling, and conducting security reviews. You will help build scalable, repeatable security practices that reduce risk across the product.
Responsibilities
Validating and prioritizing vulnerabilities from PTs, bug bounties, and tools
Collaborating with engineering teams on remediation
Participating in application security reviews
Supporting Secure Software Development Lifecycle (SSDLC)
Managing and using SAST, DAST, and SCA tools
Developing security standards and best practices.

Your Career You will work firsthand with our valued customers to address their complex post-sales concerns where analysis of situations or data requires an in-depth evaluation of many factors. Youre a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. Youll enjoy networking with key contacts outside your own area of expertise, with a strong capability of detailing difficult technical issues to both non-technical and technical professionals. You will regularly participate in technical discussions with multi-functional teams, creating an environment of transparency that ultimately leads to better products, better working environments, and better cybersecurity. Your quick thinking and support to our clients provides the fast assistance they need to keep their environments secure - which means youll need to move quickly, thoughtfully, and provide technical assistance as needed (often, in high pressure situations). Your Impact Provide customers on-site support, deployment and implementation, knowledge transfer, configurations, troubleshooting, and standard methodologies to customers via phone, e-mail, and web. Use fault isolation and root cause analysis skills to diagnose and tackle complicated technical issues. Provide post sales technical support, while handling support cases to ensure issues are recorded, tracked, resolved, and follow-ups finished in a timely manner. Work to reproduce customer issues and qualify critical issues. Publish Technical Support Bulletins and other user documentation in the Knowledge Base. Build a positive customer experience by working closely with Development, Sales, Quality Assurance, and Marketing Responsible for reviewing user documentation for training materials, technical marketing collateral, manuals, problem solving guides, etc. Provide on-call support 24x7 on an as-needed basis, including travel to customer sites for critical situations to expedite resolution. Work shoulder to shoulder with the Sales and Sales Engineering Teams.

Were looking for driven and talented people like you to join our R&D team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
Highlights:
High-growth: Over the past seven years, weve consistently achieved milestones that take other companies a decade or more. During this time, weve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
Disruptive innovation: Our founders saw that traditional security didnt work for the cloud, so they set out to carve a new path. Were relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
Well-capitalized: With a valuation of $1.8 billion, we are a cybersecurity unicorn dominating the cloud security space. Were backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.
About the role
We are in the process of crafting a dynamic, captivating, and rapidly evolving product that is reshaping the landscape of cloud security. As we expand, we are actively seeking individuals who are not only talented but also highly motivated, adept at multitasking, and proven team players to join our ranks. Our team consists of inspirational top-tier professionals dedicated to pioneering a paradigm shift in cloud security practices. We are deeply passionate about staying at the forefront of cutting-edge technology trends and are committed to integrating these innovations into our product. In this role, you will assume the pivotal position of lead developer, entrusted with spearheading the creation of innovative software products.
On a typical day youll:
Write clean, concise code that is stable, extensible, and unit-tested appropriately
Lead technical designs and implement new features end to end
Diagnose complex issues, evaluate, recommend and execute the best solution
Implement new requirements within our Agile delivery methodology while following our established architectural principles
Test software to ensure proper and efficient execution and adherence to business and technical requirements
Write code that meets the production requirements and design specifications and anticipate potential errors/issue
Provides input into the architecture and design of the product; collaborating with the team in solving problems the right way
Develop expertise of AWS, Azure, and GCP products and technologies.

We are looking for proactive, analytical talented people to join the company API Security Content team. As a Research Engineer (API Content), you will analyze APIs, design API integrations, and more.
You will add content to our companys security and network products, such as XDR, CASB, DEM, DLP, etc.
Joining our company is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Analyze cloud application APIs and develop products interacting with such APIs
Contribute to various company products: DEM, XDR, CASB
Suggest and conduct new research vectors
Utilize our companys Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency.