דרושים » אבטחת מידע וסייבר » Cloud Security Engineer

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.
Main Responsibilities:
Security Strategy & Architecture
Own and continuously improve Velocitys overall security posture, including risk assessment, prioritization, and long-term planning.
Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
Evaluate, introduce, and develop security solutions tailored to Velocitys environment.
Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.
Security Engineering & DevSecOps
Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.
Incident Response & Operations
Investigate and respond to security incidents and alerts, leveraging deep system understanding.
Perform root cause analysis and drive improvements to prevent recurrence.
Collaboration & Enablement
Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
Assist in customer-facing security processes, including questionnaires and evaluations.
Promote security awareness and provide guidance across the organization.

We are looking for a Security Engineer to join our Security Engineering team. This is a generalist, "all-rounder" role - you will work across all security domains, while leading and owning a specific security domain based on your expertise.
You will define and drive security programs, design and implement security controls, and make architecture-level decisions across your domain. You will work closely with R&D, DevOps, and engineering teams, embedding security into how we build and operate at scale, and help shape a security-first culture across the organization.
What You'll Work On:
Define and maintain security standards, policies, and controls across all security domains - including SSDLC processes and secure development standards across R&D
Work hands-on alongside R&D, engineering, and IT teams to implement security controls, drive adoption, and ensure execution
Lead and contribute to large-scale security projects with real organizational impact
Evaluate, integrate, and operate industry-leading security tooling and platforms - including emerging startups with cutting-edge technologies
Build automation, tools, internal processes, Terraform modules, GitHub Actions, and AI agents for engineering teams and for your own team
Conduct security assessments and threat modeling.
Lead containment, investigation, and forensic analysis during security incidents
Identify security gaps and misconfigurations across cloud environments, infrastructure, and internal processes - and drive remediation through scalable, long-term solutions
Contribute across all security domains - cloud, application, AI security, detection engineering, IT, and more

We're looking for a Security Engineer - our company Product to spread the power of our company. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our companys products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing our company-for-our company to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our companys production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our company Federal team - extending our DevSecOps and Product Security practices to our companys FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our companys engineering and operations teams - helping them deliver secure-by-design solutions.

Were looking for an Application Security Engineer with a passion for AppSec to join our growing team.
Responsibilities:
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

We are seeking an experienced Security Engineer to join our team and take ownership of our enterprise security infrastructure. In this role, you will be responsible for managing, monitoring, and optimizing our security stack to protect the organization against evolving cyber threats. You will play a critical role in ensuring the security and integrity of our network, endpoints, cloud services, and email communications.
What youll do:
Manage and maintain FortiGate firewalls, including policy configuration, VPN setup, traffic monitoring, and firmware updates to ensure robust network perimeter security, Hands-on experience with next-generation firewalls, preferably FortiGate
Administer Cisco Meraki cloud-managed networking infrastructure, including security appliances, access points, and network segmentation policies
Oversee Netskope CASB and SASE solutions to enforce cloud security policies, manage data loss prevention (DLP), and ensure secure access to cloud applications
Monitor and respond to security incidents using CrowdStrike EDR, including threat hunting, investigation, containment, and remediation of endpoint threats
Manage Abnormal Security platform to detect and respond to advanced email threats, including business email compromise (BEC), phishing, and account takeover attacks
Administer Kandji MDM solution for Apple device management, ensuring endpoint compliance, software deployment, and security policy enforcement across the Mac and iOS fleet
Secure and manage Google Workspace environment, including user access controls, security configurations, and audit log monitoring
Develop and maintain security documentation, playbooks, and incident response procedures
Collaborate with IT and DevOps / R&D teams to implement security best practices across the organization
Conduct regular security assessments, vulnerability scans, and risk analyses
Stay current with emerging threats and security trends to continuously improve the organization's security posture
Experience managing cloud-based networking solutions such as Cisco Meraki

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.

Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.

Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.

Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.

Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.

Manage HoneyBooks bug bounty program, validating reports and coordinating response and resolution.

Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.

Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.

Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.

Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.

Promote a strong security culture across HoneyBook by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

we are a leading hybrid cloud security company dedicated to transforming how organizations manage cyber risk. We deliver advanced exposure management solutions by simulating realistic attack paths across cloud and on-premises environments. Our proprietary technology uncovers misconfigurations, vulnerabilities, and identity exposures, enabling organizations to efficiently remediate cybersecurity risks. Position: Cloud Security Engineer Intern (Part-Time) We are seeking a talented and motivated Cloud Security Engineer Intern to join our Security Engineering team on a part-time basis. This internship offers a unique opportunity to gain practical experience working with state-of-the-art cybersecurity technologies and contribute to cutting-edge security solutions. Responsibilities:
* Analyze cloud platforms, tools and technologies for security controls implementation.
* Extract, manipulate, and analyze large datasets of cloud configuration data and security findings using SQL to uncover trends and hidden risks.
* Design and document clear specifications for security control.
* Collaborate closely with the development team to maintain, optimize, and improve existing infrastructure.

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

We are looking for an Adversarial Builder to lead the defense of our Global Application Landscape-securing everything from our core SDLC and Software Supply Chain to our enterprise-wide AI adoption.
In this hands-on role, you will:
Engineer, Dont just triage: Move beyond manual reviews to build code-driven detection logic and custom AI agents that automate vulnerability hunting, triaging and remediation.
Security by design: Partner with R&D teams (including Infra and DevOps) to define the application-level technical guardrails for internal and external-facing products.
Scout the Frontier: Act as an early adopter of state-of-the-art systems, evaluating and integrating cutting-edge tech from frontier security startups in AI and Cloud Runtime security.
This role demands a practitioner who thinks like an attacker, possesses a developers urge to automate, and has the broad landscape understanding to connect dots across complex, modern domains.
What Youll Do:
Promote Enterprise-Grade Security Initiatives: Engineer and scale the security strategy for entire product ecosystem, spanning both internal infrastructure and external-facing products. You will ensure code security at scale by hardening the SDLC, securing the Software Supply Chain perimeter, and designing the technical guardrails for AI adoption at both the enterprise and product levels.
AI Solutions Builder: scale our security program using AI-driven tools. You will develop and fine-tune autonomous agents to handle complex code analysis, vulnerability hunting, and automated remediation.
Drive Early Adoption of Frontier Tech: Act as a scout and evaluator for the worlds most innovative security startups. Youll partner with cutting-edge vendors in emerging fields like AI Security and Cloud Runtime Security, ensuring remains an early adopter of state-of-the-art defensive systems.
Scale Through Engineering: Move beyond manual reviews. Youll manage and extend AppSec tools to eliminate false positives and build custom logic that reflects our unique codebase.
Collaborative Engineering: Work alongside our in-house DevOps team to rapidly deploy custom security tools at an enterprise grade.

?We Are KPMG Israel We help organizations reinvent themselves. Through data, technology, and strategic thinking, we lead transformation processes that reshape how organizations operate, make decisions, and grow. If you’re looking to work in an environment that encourages initiative, challenges ideas, and creates real impact - this is the place for you. Integrity, excellence, and innovation are not just values - they are our standard. KPMG Israel is looking for an excellent Cloud Security Expert Major Responsibilities:
* Be part of our Great and growing Cloud security team to consult, design, develop, implement, and support our customer’s secure cloud environments
* Deliver technology-related aspects of cloud security solutions and services to client engagements
* Requirements discovery, architecture, design, and implementation of technical controls and cloud security tools
* Cloud environments configuration reviews and assessment
* Act as technical subject matter expert and the technical focal point for clients
* When working with clients abroad, collaborate with KPMG member firms teams


תת מחלקה:
יעוץ סייבר ואבטחת מידע