דרושים » אבטחת מידע וסייבר » Cybersecurity Architect (GRC & Risk)

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
Location: Herzliya
Job Type: Full Time
we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
Qualifications
3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
Strong understanding of governance, risk management, and operational processes.
Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
Basic conceptual understanding of cloud/SaaS shared responsibility models.
Ability to communicate technical issues in business‑aligned language.
Hands-on experience with security controls - an advantage.
Strong writing, communication, and facilitation skills.
Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731962
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are seeking a Junior Cybersecurity Architect to join our cybersecurity architecture team. In this role you would assist with enterprise level organizations' white-box maturity assessments, preform due-diligence assessments and help in designing actionable mitigation plans to identified risks to push forward our clients security program. This role is intended for candidates with a technical GRC, risk, or security assessment background who are strong in analysis, interpretation, and structuring of security information. You will work closely with CISOs, security leadership, engineering teams, and external customers, collaborating with senior security stakeholders as part of a versatile, and collaborative architecture team. The position emphasizes risk‑oriented thinking, security assessment methodologies, and architectural review over hands‑on technical configuration or operational security work.

Responsibilities
Support customer third‑party security due diligence assessments.

Support or lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.

Analyze technical findings and map them to governance, risk, and control gaps.

Review Implementation of technical security controls.

Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
Qualifications
1-2 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.

Strong understanding of governance, risk management, and operational processes.

Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

Basic conceptual understanding of cloud/SaaS shared responsibility models.

Ability to communicate technical issues in business‑aligned language.

Strong writing, communication, and facilitation skills.

Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731956
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a security architect to join our team! 
Responsibilities
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

Review designed or deployed environments, identifying security flaws and recommending mitigations plans

Review Implementation of technical security controls, identify gaps and offer practical mitigations.

Escort, evaluate and improve our clients security posture by elevating their infrastructure resilience and implement best-practice organizational procedures

Escort mitigation plans and design practical implementations for security issues e.g., firewall policies review, segmentation & segregation recommendations, Microsoft AD-tier Model implementation etc.

Research and advocate for new security solutions and technologies
Requirements:
Qualifications
3+ years of hands-on experience with securing large organizational networks, including security controls, OS hardening, network devices security, etc.

Strong understanding of governance, risk management, and operational processes.

Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

Significant experience in at least five subjects from the following list:

Vast knowledge and expertise in cyber-security IT systems and cloud infrastructure

Deep understanding of Microsoft IT on-prem and cloud infrastructure, e.g., Entra-id, Office365, AD, GPO, protocols.

Practical experience with cloud environments - AWS, Azure, GCP- A significant advantage

Practical experience in consulting services and risk assessment

Practical experience with security configuration and maturity assessment

Knowledge of security controls, e.g., AV, EDR/XDR, DLP, Device control, etc.

ZTNA design & deployment experience.

Experience with implementing security monitoring procedures & systems (SOC, SIEM, SOAR)
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731964
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
25/06/2026
חברה חסויה
Location: Herzliya
Job Type: Full Time
We are seeking a highly skilled and experienced Security GRC Specialist to join our team. This position reports directly to the GRC Manager, as part of the CISO group. The ideal candidate should have a strong background in GRC, with a proven track record of successfully implementing GRC programs. This role requires a diligent professional who thrives in a fast-paced environment and can manage multiple priorities while maintaining attention to detail.
Key Responsibilities:
Develop, implement, and maintain GRC frameworks, policies, and procedures.
Manage ISO 27001/ISO27017/ISO27018 compliance by conducting gap analyses, maintaining ISMS documentation, and coordinating audits to ensure ongoing certification.
Respond to customer due diligence requests and support the review of security and compliance clauses in customer and vendor contracts,
Conduct third-party risk assessments and identify potential security threats and vulnerabilities.
Manage and maintain the GRC platform to ensure accurate compliance monitoring, documentation, and audit support
Collaborate with cross-functional teams to integrate GRC initiatives into business processes.
Provide guidance and support to internal stakeholders on GRC-related matters.
Stay up to date with industry trends and emerging threats to continuously improve the GRC program.
Requirements:
Minimum of 3 years of experience in GRC, and information security.
Strong knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001).
Experience in responding to customer due diligence requests.
Experience in conducting security audits such as SOC 2 and ISO 27000 family.
Experienced with leading GRC platforms, covering third-party risk management, audit management, and security awareness programs.
Excellent analytical, attention to detail, problem-solving, and communication skills.
We are looking for a passionate candidate who can work independently and collaboratively as part of a team in a fast-paced environment.
Relevant certifications such as CISSP, CISM, or CRISC are preferred.
Highly advantageous experience with:
ISO 42001 compliance, including implementation, documentation, and audit coordination.
Payment Card Industry (PCI) standards.
Business Continuity Management.
Developing GRC platform automations, integrations, and workflows.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8711405
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a Cyber Security Expert with hands-on experience in offensive security, possessing strong technical capabilities, in-depth knowledge of adversary simulation, and a passion for Red Team operations.
Responsibilities
Participate in Red Team assessments that simulate real-world threats and remain undetected by the client's defensive team. These stealth operations simulate advanced adversaries and require careful planning, execution, and OPSEC
Lead or co-lead portions of internal and external offensive assessments, including perimeter exploitation and post-exploitation in Active Directory
Perform Purple Team engagements to help clients improve their monitoring and detection capabilities while sharpening your own offensive skills
Document attack paths, risk analysis, technical findings and remediation guidance in detailed reports tailored to both technical and executive audiences.
Collaborate with the team to develop and maintain internal tooling, scripts, and documentation for offensive operations
Continuously research and test new techniques, tools, and attack paths to further enhance Red Team capabilities
Requirements:
Requirements
2+ years of hands-on experience in offensive security, red teaming, or penetration testing
Hands-on experience with C2 frameworks (e.g., Cobalt Strike, Mythic, Sliver)
Strong understanding of Active Directory, domain escalation paths, Kerberos, trust relationships, GPO abuse, credential access, etc.
Proficiency in various offensive techniques such as Relay Attacks, Coercion, Kerberos Attacks, Privilege Escalation, etc.
Familiarity with network protocols (e.g., SMB, DNS, LDAP, HTTP) and system internals (Windows and Linux)
Strong understanding of OPSEC considerations during covert operations
Ability to present and produce clear and actionable technical reports and documentation in English
Experience working in client-facing roles or as part of structured engagements
Proficient in one or more scripting/programming languages: Python, PowerShell, C#, or C++
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731960
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Herzliya
Job Type: Full Time
our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of products.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring remains ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams
Requirements:
4+ years of experience in Application Security, Penetration Testing, or Product Security in a SaaS company
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
Deep understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles
Proficiency in scripting or programming languages (Python, JavaScript, Go, etc.) for security automation
Experience with cloud security best practices (AWS, GCP, or Azure)
Hands-on experience with DevSecOps and integrating security tools into CI/CD pipelines
Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management
Experience working with large-scale, complex R&D environments
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8723935
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a talented Application Security Specialist to join our team. In this role, you will take an active part in application penetration testing, threat modeling, Secure SDLC activities, and AppSec initiatives that help evaluate and improve security posture. The position includes hands-on security testing of web, mobile, API, thick client, AI/LLM integrations, and MCP-based application components, identifying and validating vulnerabilities, assessing real business impact, supporting customers with clear remediation guidance, and contributing to application security processes, tools, and best practices.

Responsibilities
Perform hands-on application penetration testing across web, mobile, API, thick client, AI/LLM integrations, and MCP-enabled application components.

Perform threat modeling and secure design reviews to identify risks early in the development lifecycle.

Support development teams with practical remediation guidance and secure implementation recommendations.

Perform Secure Software Development Lifecycle and secure coding training for developers.

Evaluate and improve customers application security development lifecycle, including secure coding practices, vulnerability management, remediation workflows, and security gates.

Participate in client-facing discussions, including assessment scoping, finding walkthroughs, remediation alignment, and retest updates.
Requirements:
Qualifications
2+ years of hands-on experience in application penetration testing.

Strong understanding of OWASP Top 10 and CWE Top 25, with proven experience identifying vulnerabilities and supporting practical remediation strategies.

Familiarity with high-level programming languages (Java, JS, Python, etc.).

Relevant App PT training and certifications such as EWPTX, OSWE, etc.

Strong English communication skills, with the ability to communicate technical topics clearly in client-facing discussions.

Advantage: Deep understanding of the LLM Top 10, AI security risks, MCP security risks, and AI/LLM hacking techniques.

Advantage: Proven experience in secure code review or high-level code auditing.

Advantage: Knowledge of Secure SDLC practices, and methodologies, including Microsoft SDL, OWASP SAMM, and OWASP ASVS.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731965
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
As a DFIR team member, you will participate in hands-on security research and investigations, helping our customers understand and mitigate cyber threats and attacks.

Responsibilities
Perform incident response lifecycle and real-time activities, including detection and analysis, containment and eradication, and recovery
Perform incident response in a cloud environment (Azure, AWS etc.).
Perform digital forensics investigations
Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors
Perform hunt-evil and find-evil activities for proactively detecting attacks
Work closely with our in-house red team, CTI, and cyber architect teams
Work closely with worldwide companies, CISOs, and technology experts
Requirements:
Qualifications
2-3 years of experience as a DFIR team member
Experience with performing digital forensics in a cloud environment
Experience with performing digital forensics of Windows-based and/or Linux-based platforms, network forensics, and analysis
Thorough understanding of threat hunting models, as well as cyber threat intelligence, including TTP and IoCs extraction and mapping
Experience with research and data analysis of large DBs via Splunk, Elasticsearch, SQL, or VQL
Strong understanding of targeted attacks; able to create customized tactical remediation plans
Good written and verbal English communication skills
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731958
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Herzliya
Job Type: Full Time
we are looking for a Embedded Systems Vulnerability Researcher.
As an Embedded Systems Vulnerability Researcher, you will operate at the cutting edge of security projects. Your mission is to identify, exploit, and mitigate security flaws in complex hardware/software ecosystems. You will bridge the gap between the digital and analog worlds, analyzing everything from low-level firmware to the electromagnetic spectrum.
Responsibilities:
Vulnerability Discovery: Perform deep-dive security analysis and "bug hunting" on proprietary embedded systems and RTOS.
Exploit Development: Create Proof-of-Concept (PoC) exploits for identified vulnerabilities, including memory corruption, logic flaws, etc.
Firmware Analysis: Conduct static and dynamic analysis of binary blobs using advanced reverse engineering suites.
Hardware Probing: Utilize JTAG, UART, and SWD interfaces to extract firmware, monitor execution, etc.
Tooling: Develop custom scripts and tools in Python, C, C++ to automate the research and exploitation pipeline.
Requirements:
The Mindset: Passion and motivation for finding vulnerabilities in complex systems.
Reverse Engineering: High-level proficiency in IDA Pro, Ghidra, etc., specifically targeting non-x86 architectures (ARM, MIPS, RISC-V).
Low-Level Mastery: 4+ years of experience in C/C++ and Assembly, with a deep understanding of memory management, heap/stack protections, and OS internals.
System Knowledge: Comprehensive understanding of the boot process and hardware-software abstraction layers.
Advantages
RF Security: Experience with Software Defined Radio (SDR), signal processing, and protocol analysis of wireless communications.
Education: Bachelors degree in Physics, Electrical Engineering, or Computer Science.
Military Background: Graduate of an elite technological unit in the IDF.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8688182
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Herzliya
Job Type: Full Time
We seek an embedded security researcher to join us in developing cutting-edge cybersecurity projects.
Responsibilities:
As an Embedded security researcher, you will be dealing with:
Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.
Requirements:
Deep understanding of embedded systems internals and OS.
5+ years of experience in real-time embedded systems development, writing code in Rust / C / C++ / Assembly.
Experience in reverse-engineering using disassemblers (IDA or GHIDRA).
Deep knowledge of network communication protocols and topologies.
Highly motivated and very creative individual.
Advantages:
Experience in vulnerability research.
Graduate of an elite technological unit in the IDF.
Bachelor's degree in computer science or engineering.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8688147
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a Security Researcher to research and develop cutting-edge cyber projects.
We face highly complex technological challenges and need talents to help us overcome them.
Do what you love:
As a vulnerability researcher, your main focus will be on vulnerability discovery and exploitation of most prominent OS`s in the market, and on various challenging platforms.
Requirements:
4+ years of relevant industry experience as a vulnerability researcher or equivalent.
● Experience with writing code in assembly or c and Python.
● Experience with a dis-assembler for vulnerability research (IDA Pro or GHIDRA)
● Experience with complicated exploitation methods.
● Deep understanding of OS internals (Mac, Windows, Android etc.).
● Good understanding of common security mitigations.
● Highly motivated and creative individual.
Advantages:
Graduate of an elite technological unit in the IDF
Bachelor's degree in computer science or software engineering
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8688137
סגור
שירות זה פתוח ללקוחות VIP בלבד