דרושים » מחשבים ורשתות » Cloud Infrastructure and AI Security

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.
This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.
What You Will Do:
Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.
Build and maintain an effective and scalable security monitoring infrastructure solution.
Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.
Triage alerts and drive security incidents to closure while reducing their potential impact to Semperis.
Build processes and workflows to triage security alerts and respond to real incidents.
Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.
Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.
Contribute to strategy, risk management, and prioritization for all efforts around detection and response.
Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.
Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry.
Our team at our company is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line.
We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You wont just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.
This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.
What you will be responsible for
Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents.
Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams.
Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines.
Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often.
Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents.
Document: Draft requirement documents for security products and innovative technologies.

We seek a dedicated and proactive Senior SecOps Engineer to join our InfoSec team and take ownership of all security-related tasks across the organization. In this role, you will be key in aligning security goals with infrastructure, R&D and IT requirements. You will be responsible for integrating security into our CI/CD pipelines, managing cloud infrastructure security, ensuring compliance with security standards, and protecting our infrastructure from vulnerabilities.

A day in the life and how youll make an impact:

Implement and manage security tools such as static code analysis, cloud posture monitoring, and penetration testing tools.
Embed security into the DevOps lifecycle, including CI/CD pipelines, IaC (Infrastructure as Code), and software development workflows.
Design and enforce security policies for cloud architecture, ensuring secure configurations and monitoring.
Lead incident response activities, vulnerability management, and forensic investigations to mitigate threats.
Drive compliance efforts (ISO 27001, SOC 2, GDPR, etc.) and audit readiness for the organization.
Work closely with stakeholders (CISO, COO, System Architects, DevOps, IT, Finance, HR, etc) to identify requirements and prioritize security needs.
Continuously monitor systems and infrastructure for vulnerabilities, intrusions, and misconfiguration.
Perform or manage penetration testing initiatives to identify security weaknesses.

Were looking for a highly skilled Technical GRC Expert with strong technical and hands-on cybersecurity expertise. This role bridges the gap between compliance and technology - ensuring that GRC frameworks are not just compliant on paper but effective in practice across infrastructure, SaaS, and cloud environments.
As the Cybersecurity GRC Engineer you will oversee the technical execution of GRC initiatives, collaborating with cross-functional teams (Security Engineering, IT, DevOps, Product) to drive resilience, risk reduction, and audit readiness across the organization.
Reporting line: GRC Director
What you will do:
Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
Perform technical risk assessments, vulnerability trend analysis, and threat modeling to ensure risk registers reflect the true security posture.
Lead security awareness and social-engineering simulations, correlating campaign results with real technical findings (phishing, MFA bypass, insider threat trends).
Initiate and coordinate offensive security activities including penetration testing, red teaming, and vulnerability assessments to proactively identify and mitigate risks.
Support incident response readiness by integrating lessons learned into policy, control design, and awareness materials.
Leverage AI to automate GRC reporting, surface risk insights, and maintain intelligent dashboards integrated with platforms like ServiceNow, Jira, and internal data sources.
Partner with Security Engineering and IT teams to ensure consistent endpoint hardening, patch management, and configuration compliance.
Coordinate DR exercises and tabletop simulations, track findings, and oversee remediation to strengthen resilience.
Prepare for and support internal and external audits, including SOC 2, ISO 27001, NYDFS, and customer due-diligence requests.

We are looking for a hands-on Senior DevOps Engineer with a strong cloud-native mindset to build, maintain, and evolve our highly scalable, highly-available cloud infrastructure. This role is pivotal in driving operational excellence, security, and automation across our entire engineering organization. You will promote communication, integration, and collaboration to significantly enhance our software development productivity and reliability. You'll work closely with engineering and product teams to streamline delivery, enforce platform standards, and enable a high-velocity development environment-all while keeping reliability and security top of mind.
Responsibilities:
Design, Automate, and Manage complex cloud infrastructure on AWS using best-in-class Infrastructure as Code (IaC) practices.
Lead the operation and enhancement of our production Kubernetes environments (EKS), focusing on automation, security, observability, and seamless CI/CD integration.
Drive continuous improvement across platform tooling, developer experience, and operational processes to meet our ambitious performance and uptime goals.
Implement and enforce security-first infrastructure patterns, including strong IAM, network segmentation, and secure secrets management.
Actively contribute to high-level technical design discussions and cross-functional architectural decision-making, ensuring solutions align with long-term platform strategy.

We are looking for a highly skilled and motivated Cloud security Team Lead to lead a team of cloud security professionals. This role focuses on designing and implementing secure cloud environments, guiding clients through cloud security strategies, and driving innovation in cloud-native security solutions.
Responsibilities:
Lead and mentor a team of cloud security experts
Design and implement secure cloud architectures across AWS, Azure, and GCP
Develop cloud security strategies, policies, and governance frameworks
Support pre-sales activities and lead technical discussions with clients
Stay up to date with evolving cloud threats, technologies, and best practices
Promote a security-first mindset in digital transformation and cloud migration projects
Educate and collaborate with clients technical and management teams (CIOs, CTOs, Architects, DevOps, Security team, etc.).

Were seeking a Senior Security Researcher to drive end-to-end research initiatives that strengthen detection capabilities. In this role, youll investigate emerging attack surfaces, craft and implement innovative detection logic, and test your findings in real-world environments. Its a hands-on position ideal for someone eager to transform research insights into effective, production-grade security defenses.
Responsibilities:
Research AI Agent and LLM-related risks, such as prompt injection and jailbreaking and implement sophisticated detection strategies.
Conduct research on cloud, web, and API security to uncover new threats and attack vectors.
Develop, refine, and design world-class detection logic and rules to enhance runtime protection.
Perform threat-hunting activities across large data sources to identify emerging attack patterns
Drive full-cycle research: from hypothesis and experimentation to production validation.
Collaborate with engineering and product teams to deliver actionable insights.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are looking for a senior, hands-on Security Operations Lead to build, mature, and operate Zenitys detection, response, and corporate security capabilities. You will own the engineering, workflows, and processes that keep Zenity secure day-to-day, while continuously improving visibility, automation, and operational resilience across both corporate and production environments. This role requires a technical operator who can architect scalable detection and response pipelines, manage endpoint and identity security controls, streamline GTM security enablement, and collaborate across the company to reduce risk. You will balance strategic direction with hands-on execution-ensuring threats are identified quickly, incidents are handled effectively, and the organizations operational security posture remains strong as Zenity grows.
Responsibilities:
Own and mature Zenitys Detection & Response program, including alerting, triage workflows, incident playbooks, and end-to-end response processes.
Build and maintain detection logic, integrations, and automation across logging, SIEM, EDR, cloud telemetry, and internal monitoring systems.
Lead incident investigations, coordinate response across engineering and business teams, and ensure clear communication and post-incident reviews.
Manage Zenitys Corporate Security Program, including identity and access management, endpoint posture management, corporate data security controls, and DLP practices.
Oversee privileged access workflows and JIT access for corporate and production systems in alignment with least-privilege principles.
Partner with engineering teams to ensure production environments maintain strong security baselines, logging, and monitoring coverage.
Collaborate with GTM/Sales teams to support Security Enablement, including third-party security questionnaires, customer assurance needs, and auditor inquiries.
Build automation-first operational processes that reduce manual overhead and provide consistent, repeatable security outcomes.
Develop and refine detection and response runbooks, escalation paths, and cross-team coordination models.
Maintain and improve incident and operational metrics, dashboards, and KPIs to measure operational efficiency and threat coverage.
Drive the intake and prioritization of security operations requests through Jira and internal workflows.
Work closely with Product Security, Cloud/DevOps, and GRC to ensure shared visibility and aligned operational practices.
Identify operational security gaps, propose improvements, and lead implementation efforts across tooling, processes, and controls.
Promote a culture of proactive detection, fast response, and shared responsibility for organizational security.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance.
Mentor a team of SecOps experts, providing technical guidance in a fast-paced environment.
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.