דרושים » אבטחת מידע וסייבר » IT Security Engineer

We are seeking a highly experienced Microsoft 365 Cloud Security Engineer to own the administration, configuration, and security of our enterprise Microsoft 365 tenant(s). The ideal candidate has proven hands-on expertise managing Microsoft 365 at scale, including Intune, Exchange Online, SharePoint/OneDrive, Teams, Entra ID, Defender, and related integrations
You will play a key role in ensuring availability, governance, identity and access control, endpoint compliance, and modern security posture across the entire Microsoft cloud ecosystem, with close collaboration across IT, Security, and business stakeholders.
Key Responsibilities
Microsoft 365 Tenant Administration
Administer and maintain enterprise-scale M365 tenants, including configuration, governance, and operational support.
Oversee service health, usage reporting, licensing, and user lifecycle management.
Maintain documentation of configurations, workflows, and operational procedures.
Microsoft Intune / Endpoint Management (Full Scope)

Own all aspects of Intune administration, including:
Device enrolment (Windows, macOS, iOS/iPadOS, Android)
Configuration profiles, compliance policies, and security baselines
Autopilot provisioning, device naming policies, and lifecycle
Conditional Access integration with device compliance
Endpoint security policies (AV, firewall, ASR rules, BitLocker, etc.)
Identity & Access Management (Entra ID / SSO)
Manage and secure Microsoft Entra ID (Azure AD) for identity, authentication, and access governance.
Configure and maintain SSO integrations with SaaS applications using SAML/OAuth/OIDC.
Implement and optimize:
Conditional Access policies
MFA enforcement and authentication methods policy
Privileged Identity Management
Identity Protection policies (risk-based controls)
Security & Threat Protection
Deploy and manage Microsoft Defender stack relevant to the organization
Integrate and manage endpoint security posture with non-Microsoft EDR platforms, such as Sentinel One/CrowdStrike
Collaborate with Security teams to implement detection and response workflows, ensure coverage, and align with organizational policy.
Messaging & Collaboration
Exchange Online
Administer Exchange Online policies and configurations
Implement email security best practices and support incident response when needed.
Microsoft Teams
Administer Teams policies and governance - Teams lifecycle policy, app permissions, meeting policies; External access and guest collaboration settings
SharePoint / OneDrive
Administer SharePoint Online and OneDrive settings, including:
Site governance, permissions, and sharing controls
Sensitivity labels and information protection controls (if used)
Sync and storage management, auditing and access policies.

We are looking for a highly skilled Cloud Security Engineer who can embed security across cloud infrastructure, CI/CD pipelines, applications, and AI-enabled environments. This role is ideal for someone with deep hands-on experience in cloud security, automation, and secure software delivery, combined with growing or strong specialization in AI/ML security, LLM security, and modern data platform protection.
The ideal candidate will help design, implement, and scale security controls across our cloud-native ecosystem while partnering closely with engineering, platform, data, and AI teams to ensure security is built into every stage of development and deployment.
Job responsibilities
Design, implement, and manage security controls across cloud environments such as AWS, Azure, or GCP
Secure cloud infrastructure, Kubernetes clusters, containers, storage, networking, IAM, and secrets management
Define and enforce cloud security baselines, guardrails, and best practices using infrastructure-as-code and policy-as-code
Monitor cloud environments for misconfigurations, threats, and anomalous behavior, and drive remediation efforts
Support incident response, threat detection, vulnerability management, and post-incident reviews for cloud systems
Integrate security into CI/CD pipelines and software delivery processes
Implement automated security testing such as SAST, DAST, SCA, container scanning, IaC scanning, and secrets detection
Partner with engineering teams to improve secure SDLC practices and reduce security friction
Build reusable security automation and self-service controls for developers and platform teams
Collaborate with DevOps, SRE, and engineering teams to harden deployment pipelines and production environments
Partner with AI and data teams to secure AI/ML workflows, model development, and deployment pipelines
Define security controls for LLM applications, training data, vector databases, APIs, model endpoints, and agent-based systems
Help assess and mitigate AI-specific risks such as prompt injection, model abuse, sensitive data leakage, insecure plugins/tools, supply chain risks, and unauthorized model access.

We are looking for a Security Engineer to join our Security Engineering team. This is a generalist, "all-rounder" role - you will work across all security domains, while leading and owning a specific security domain based on your expertise.
You will define and drive security programs, design and implement security controls, and make architecture-level decisions across your domain. You will work closely with R&D, DevOps, and engineering teams, embedding security into how we build and operate at scale, and help shape a security-first culture across the organization.
What You'll Work On:
Define and maintain security standards, policies, and controls across all security domains - including SSDLC processes and secure development standards across R&D
Work hands-on alongside R&D, engineering, and IT teams to implement security controls, drive adoption, and ensure execution
Lead and contribute to large-scale security projects with real organizational impact
Evaluate, integrate, and operate industry-leading security tooling and platforms - including emerging startups with cutting-edge technologies
Build automation, tools, internal processes, Terraform modules, GitHub Actions, and AI agents for engineering teams and for your own team
Conduct security assessments and threat modeling.
Lead containment, investigation, and forensic analysis during security incidents
Identify security gaps and misconfigurations across cloud environments, infrastructure, and internal processes - and drive remediation through scalable, long-term solutions
Contribute across all security domains - cloud, application, AI security, detection engineering, IT, and more

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.

Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.

Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.

Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.

Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.

Manage HoneyBooks bug bounty program, validating reports and coordinating response and resolution.

Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.

Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.

Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.

Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.

Promote a strong security culture across HoneyBook by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.
Main Responsibilities:
Security Strategy & Architecture
Own and continuously improve Velocitys overall security posture, including risk assessment, prioritization, and long-term planning.
Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
Evaluate, introduce, and develop security solutions tailored to Velocitys environment.
Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.
Security Engineering & DevSecOps
Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.
Incident Response & Operations
Investigate and respond to security incidents and alerts, leveraging deep system understanding.
Perform root cause analysis and drive improvements to prevent recurrence.
Collaboration & Enablement
Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
Assist in customer-facing security processes, including questionnaires and evaluations.
Promote security awareness and provide guidance across the organization.

As an innovator at heart, you will rethink the way SOCs do security. Join the analytics research group to build our analytics module by defining detection use cases, data, and content. You will collaborate with an amazing team of researchers to protect our customers across multiple domains such as Cloud, Kubernetes, SAAS, and Email security while working on a startup-level product within the biggest security company to revolutionize the security market.
Key Responsibilities
Build a startup-level security product within a corporate environment, blending agility with enterprise resources to deliver cutting-edge solutions.
Explore how email threats evolve into Cloud, SaaS, Endpoint, and Network domains, developing detection mechanisms to counter complex attack vectors.
Gain expertise across diverse domains, including endpoint, cloud, and SaaS security, to foster a comprehensive understanding of the threat landscape.
Design advanced detection systems using machine learning and LLMs to identify and mitigate threats.
Simulate and analyze sophisticated attacks to anticipate and counter evolving threats.
Share insights with the security community through blogs, white papers, and conferences.
Collaborate with a skilled team to innovate and enhance security offerings across various domains.

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

Were looking for a hands-on incident response expert thats passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. This is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. In your day-to-day, youll:
Investigate complex security incidents in cloud (AWS/GCP), containerized (Kubernetes), and endpoint environments
Design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems
Automate forensic evidence collection and response actions across diverse platforms and services
Collaborate with SOC analysts, Security Architects, and Engineering teams to improve detection coverage and data visibility
Lead incident retrospectives and document technical findings, response steps, and process improvements
Develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based IR deliverables
Participate in on-call rotations and contribute to incident readiness exercises and escalation protocols.

?We Are KPMG Israel We help organizations reinvent themselves. Through data, technology, and strategic thinking, we lead transformation processes that reshape how organizations operate, make decisions, and grow. If you’re looking to work in an environment that encourages initiative, challenges ideas, and creates real impact - this is the place for you. Integrity, excellence, and innovation are not just values - they are our standard. KPMG Israel is looking for an excellent Cloud Security Expert Major Responsibilities:
* Be part of our Great and growing Cloud security team to consult, design, develop, implement, and support our customer’s secure cloud environments
* Deliver technology-related aspects of cloud security solutions and services to client engagements
* Requirements discovery, architecture, design, and implementation of technical controls and cloud security tools
* Cloud environments configuration reviews and assessment
* Act as technical subject matter expert and the technical focal point for clients
* When working with clients abroad, collaborate with KPMG member firms teams


תת מחלקה:
יעוץ סייבר ואבטחת מידע

As part of the Perimeter team, you'll manage all incoming and outgoing traffic within our company's infrastructure, ensuring security and efficiency. In your day-to-day, you will:
Quickly identify and resolve infrastructural problems related to networking and security stacks
Ensure that network services across the company are effective and secure
Design and implement the next generation of tools for better efficiency.