לוח משרות דרושים מומחה אבטחת מידע / סייבר בהרצליה

The Software Engineering team delivers next-generation application enhancements and new products for a changing world. Working at the cutting edge, we design and develop software for platforms, peripherals, applications and diagnostics all with the most advanced technologies, tools, software engineering methodologies and the collaboration of internal and external partners.
Join us as a Software Principal Security Engineer on our Software Engineering team in Herzliya to do the best work of your career and make a profound social impact.
What youll achieve
As a Principal Software Security Engineer, you will be a key leader in designing, implementing, and maintaining robust security solutions for our complex, multi-component systems, ensuring the confidentiality, integrity, and availability of sensitive data. You will play a critical role in protecting our customer data and intellectual property from evolving cyber threats.
You will:
Lead Security Design: Architect and design secure software solutions for complex systems, incorporating secure coding practices, cryptography, and network security principles.
Work with a global team on refining requirements and solutions for secure product development
Leading and Contributing to the development and implementation of these secure strategies for complex software products and systems/for storage products and systems

Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.

Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we help customers and partners resolve their issues quickly, prevent future problems from occurring, and demonstrate new ways to achieve more from their investment.
As a Senior Incident Response engineer, you will be an elite member of a customer facing security support team leading incident response investigations for enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.

In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Senior Incident Response Engineer you will own, troubleshoot and solve highly complex customer technical issues. This opportunity will allow you to accelerate your career growth by honing your problem-solving, collaboration and research skills, and developing your technical proficiency.

This role is flexible in that you can work up to 100% from home.
mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Scope customer security incidents
Understand and identify indicators of attack and indicators of compromise
Analyse incident data from threat analytics tools
Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customers environment
Coordinate a response to the security incident with other security and consulting teams.
Develop, document, and implement runbooks, capabilities, and techniques for Incident Response
Perform security triage and analysis on endpoint, server and network infrastructure.
Perform activities necessary for immediate containment and short-term resolution of incidents.
Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
Investigate root cause of complex security incidents
Maintain a high level of confidentiality
Participate in the on-call rotation as required

we are looking for a Vulnerability Researcher to research and develop cutting-edge cyber projects.

We are facing extremely complex technological challenges and need talents to help us overcome them.

Do what you love

As a Vulnerability Researcher, you will be conducting top-notch security research on one of the most prominent operating systems in the market.

In this role you will be:

Playing a major role as part of our vulnerability research group

Research operating systems internals, kernel, application codebases, vulnerabilities, and exploits.

Design and implement the full chain solution while integrating with state-of-the-art security solutions of different domains.

Are you looking for a challenge that puts you at the center of the worldwide Platform? Are you passionate about finding security breaches and vulnerabilities? Do you have Offensive mindset? 

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it. 

a world leader in security and is obsessed with making sure that our platform and services are secure, and we can protect our customers and their workloads. We are expanding security research team. The team will focus on making sure our services are built with a security-first mindset by proactively looking for breaches and vulnerabilities in the across Azure architecture and services, to make sure Azure is safe, secure, and reliable. 
mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
Be a subject matter expert, leveraging a broad and current understanding of security to devise new protections and exploit mitigations.
Identify security vulnerabilities and gaps in a wide variety of key services across Azure services, network protocols and architecture.
Collaborate with other security and product teams to improve security, and articulate the business value of security investments for designing and developing new security mitigations and defenses.
Drive security root cause analysis, identifying key gaps and being able to drive effective mitigations while understanding the engineering constraints.
Interaction with the security ecosystem and leadership in and outside.

As a Cyber Security Architect, you will be responsible for designing, developing, and implementing security solutions to protect our company's infrastructure, applications, and data from cyber threats.
You will collaborate with IT, development, and business teams to define security frameworks, enforce best practices, and ensure compliance with industry standards. Your role is critical in identifying security risks, designing resilient architectures, and leading security initiatives to strengthen enterprise security against evolving threats.
Key Responsibilities
Develop and implement security architectures for cloud, on-premises, and hybrid environments.
Identify vulnerabilities, assess security risks, and recommend effective mitigation strategies.
Design and implement security controls for cloud environments (Azure, AWS, GCP).
Develop and enforce strong authentication, authorization, and access control policies.
Provide guidelines for security-related solutions, including firewalls, SIEM, EDR, WAF, DLP, VPNs, and Zero Trust Network Access (ZTNA).
Lead OS hardening efforts for Windows, Linux, and macOS environments to reduce attack surfaces and enhance system security.
Collaborate with SOC teams to detect, respond to, and remediate security incidents.
Work cross-functionally with development, infrastructure, and business teams to ensure security is a priority in all projects.

required Cloud Security Research Team Leader
Responsibilities
Team Leadership
Lead and mentor a team of top notch cloud security researchers.
Foster a culture of innovation, collaboration, and excellence within the team.
Provide technical guidance and support to team members.
Research and Development
Conduct advanced research in cloud security, focusing on emerging threats, vulnerabilities, and mitigation strategies.
Analyze logs and behavior of user activities on Cloud Environments & SaaS Applications
Hunt threat actors & insider threats
Optimizing existing algorithms to reduce false positives and increase the value of our products
Lead the publications of cyber security oriented blogs and articles
Drive the development of new security technologies and methodologies for cloud environments.
Stay updated with industry trends and advancements in cloud security.
Collaboration:
Collaborate with product management, engineering, and other stakeholders to implement your team latest research
Work closely with development teams to integrate security features into our product
Communicate research findings and recommendations effectively
Security Strategy:
Contribute to the development and implementation of cloud security strategies and policies
Assess and mitigate risks associated with cloud deployments and operations.
Ensure compliance with industry standards and regulations related to cloud security.

We are looking for a Director of Product Security to join our R&D organization and take full ownership of our company's product security initiatives. In this key leadership role, you will spearhead the development and implementation of our comprehensive security strategy, encompassing both SaaS and on-premises solutions.
Responsibilities:
Develop and lead the strategic vision to manage both internal and external risks associated with our company's products and solutions.
Proactively advise the business on how to maintain compliance with appropriate regulatory or industry best practices.
Drive secure development lifecycle and integration of security features into all phases of software design and development, including advising on proper software architecture security standards.
Vulnerabilities management - Identify and facilitate remediation of application and cloud platform exposures and vulnerabilities, including implementation of relevant systems and tools for these purposes.
Conduct cloud security strategy, readiness and discovery assessments; be familiar with cloud security frameworks, compliance requirements and security operations
Research new application security tools and technologies as requested and evaluate options that enhance security capabilities.
Lead compliance gap analysis and implementation (such as SOC2, SOC3, FedRAMP)
Work closely with R&D groups - Dev teams, Platform, DevSecOps and DevOps teams, to enhance application and platform security on all layers, including monitoring and enforcement.
Conduct periodic pen testing against our Saas Platform components.

We are in search of a skilled and motivated Security Researcher to join our team.
As a Security Researcher, your primary focus will be on creating and researching anomaly and behavioral based threat models, dissecting attack techniques, and leading proactive threat-hunting endeavors across a spectrum of domains, including cloud infrastructures (with a specialized emphasis on Office 365 and Azure), network security, proxies, firewalls, DNS, Active Directory, Azure Active Directory, and SharePoint, and product security.
Your role will require a profound comprehension of security concepts and a forward-thinking approach to identifying and writing detections for potential risks.

Are you ready to power the future? At SolarEdge (NASDAQ: SEDG), we're a global leader in smart energy technology, with over 4,000 employees, offices in 34 countries, and millions of installations worldwide. Our innovative solutions include solar inverters, battery storage, backup systems, EV charging, and AI-based energy management. We're committed to making clean, green energy the primary power source for homes, businesses, and beyond. With the growing demand for electricity, the need for smart, clean energy sources is constantly rising. SolarEdge offers amazing opportunities to develop your skills in a multidisciplinary environment, covering everything from research and development to production and customer supply. Work with talented colleagues, tackle exciting challenges, and help create a sustainable future in an industry that's always evolving and innovating. Join us and be part of a company that values creativity, agility, and impactful work. This role is a team member in our security engineering team. The Cyber Security team is composed of strong and experienced security engineers, responsible for designing, implementing, analyzing, and maintaining an on-prem\cloud-based security controls in particular OT security. What you will be doing:
* Manage the day-to-day operations of the company’s security infrastructure systems.
* Will lead the implementation of IT/OT cyber security systems in the organization.
* Provide security guidelines to various projects and systems.
* Research new innovative technologies to mitigate security gaps and work to implement in the production

Country:
Israel

City:
Herzliya

ur Perks:
Incredible benefits
Hybrid and flexible
Multiple career advancement opportunities
As a Researcher, you will be:
Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding and exploiting vulnerabilities and circumventing modern mitigation techniques

As an Android OS Internals Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions
Be in charge of the operational security research of a cyber intelligence product
Your role will include: Researching OS internals, deconstructing of applications, architecture reviews and red-team tests
Define product requirements, alert mechanisms, working procedures and more

looking for a Senior Red Team with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.

Responsibilities
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.

Responsibilities
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in CYE
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing

looking for a talented Application Security Specialist to be a part of our team. As an Application Security Specialist, you will take an active role in security development lifecycle activities and penetration testing that will help evaluate our customers security level and improve it. A typical job could be breaking into a critical system of a Fortune 500 organization, analyzing the Secure-SDLC security gaps in a large department in a huge enterprise, and reverse engineering an application and encryption method in order to gain access to sensitive data.

Responsibilities
Manage, evaluate, and improve the application security development lifecycle of our clients.
Identify, communicate, and drive the resolution of vulnerabilities.
Research and advocate for new application security solutions and technologies.
Continue to drive security evaluation earlier in the cycles through iterative security testing.
Operate as an incident responder for triage pertaining to web-based vulnerabilities.
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts.
Improve secure coding practices, application security requirements, automation, training, and metrics.