לוח משרות דרושים מומחה אבטחת מידע / סייבר בתל אביב יפו

XM Cyber is a global leader in hybrid cloud security. XM Cyber brings a new approach that uses the attacker’s perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. The XM Cyber platform enables companies to rapidly prioritize and respond to cyber risks affecting their business-sensitive systems.
About the role: Are you a super-talent Senior Software Engineer with a deep passion for cybersecurity and a profound understanding of AI-driven attack techniques? We are looking for a highly professional and responsible R&D member to join our team.
This role is for someone who thrives on technical challenges and is ready to leverage their expertise to identify, analyze, and defend against advanced cyber threat
Responsibilities: As a Senior Software Engineer in R&D, you will be a key player in the design, development, and deployment of our cybersecurity platform. Your responsibilities will include: ? Leading the research and implementation of techniques to identify and mitigate AI-related attack methods, such as data manipulation and adversarial attacks on security systems. ? Developing and integrating new security features into our platform to proactively defend against modern cyber threats. ? Collaborating with our team to define technical requirements and architectural solutions for cutting-edge security features. ? Tackling challenging technical problems at the intersection of cybersecurity and low-level systems.

looking for a high-energy, talented people to join the Security team. As a Security Engineer, you will take part in product content development and build logics and signatures to mitigate emerging security threats. Your work outcome will feed Cato Cloud security products such as the IPS and Suspicious Activity Monitoring with the latest protections. You will analyze protocols and investigate various attacks utilizing network analysis tools and modern data analysis frameworks. Joining is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security.

Responsibilities:

Research and analyze new threats and develop product content such as IPS signatures and logic to provide the best protection for Catos customers.
Enhance product accuracy and its ability to detect new threats in the dynamically-changed security landscape.
Monitor your work using different monitoring tools and methods over the cloud.
Utilize Cato Data Warehouse with big-data technologies to support your work.

We are looking for proactive, analytical talented people to join the Security Applications Content team.
As a Senior Security Engineer (Network & Apps), you will analyze protocols and application traffic (L4-L7) using network and web analysis tools, as well as modern big data analysis frameworks.
You will add content to Catos security and network products such as NGWF, CASB, DLP, Device Management and more.
Joining Cato is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security
Responsibilities:
Research and analyze network and application behavior as part of Cato Networks
Security products (NGFW,CASB,DLP,Device Management and more).
Suggest and conduct new research vectors
Utilize Catos Data Warehouse with big-data technologies to support your work
Automate your work to improve efficiency

Required IT & Security Operations Specialist
Responsibilities:
Lead and manage E2E complex projects in the IT, IS and Security department
Coordinate and work closely with security teams
Establish effective relationships with stakeholders, communicate project updates and risks, collaborate with business units to understand their needs.
Develop and maintain project documentation, prepare reports and departments statistics.
Experience in managing projects related to security infrastructure, compliance, risk, GRC, IAM, or cloud security.

At our company, we're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-driven technology, representing the pinnacle of Machine Learning, GenAI, and computer vision within the automotive sector. With close to $400M in funding and strategic partnerships with industry giants such as Amazon, General Motors, Volvo, and CarMax, we stand at the forefront of automotive technological advancement. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity and encourages teamwork. Our drive for innovation and pursuit of excellence are deeply Embedded in our vibrant company culture, ensuring that each individual's efforts are recognized and valued as we unite to build a safer automotive world.
We seek a highly skilled and proactive Senior SecOps Engineer to join our Security team and lead security operations across the organization. In this role, you will report directly to our CISO and work in close collaboration with the DevOps and R&D teams to embed security into every stage of the software lifecycle, protect our multi-cloud infrastructure, and ensure compliance with leading industry standards.
A day in the life and how youll make an impact:
* Report directly to the CISO and collaborate with DevOps and R&D teams to embed security into every stage of the SSDLC.
* Integrate security into CI/CD pipelines, Infrastructure as Code (Terraform, Helm, GitOps), and development workflows.
* Design, enforce, and monitor secure cloud configurations (AWS, GCP), including networking, IAM, encryption, and Kubernetes hardening.
* Implement and manage application security controls (SAST, DAST, SCA, code reviews).
* Lead incident response activities, including forensic investigations, vulnerability management, and threat mitigation.
* Deploy and operate CSPM tools (Wiz, Prisma, Orca), SIEM, WAF, and runtime security solutions.
* Drive compliance with ISO 27001, SOC 2, GDPR, ensuring audit readiness.

We are seeking a highly skilled and experienced Information Security Specialist to join

As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the =security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain =security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with =. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

We are seeking a talented and experienced Senior Full Stack Engineer to join Application Team. In this role, you will develop the customer-facing application that delivers our security solutions. This team works closely with Solutions Architects, Customer Success, and Pre-Sales Engineers, ensuring a seamless and powerful user experience.
Responsibilities:
Designing and implementing core components within the web app and our backend services.
Planning and implementing the rollout, testing and monitoring of features deployed to production end to end.
Conducting design and code reviews with the other team members.
Analytical approach for scale, optimizations and also awesome UX.
Drive and passion for pushing cross R&D-product workflows and initiatives.

We are looking for a highly motivated Security Operations (SecOps) Engineer to join our growing security team. The ideal candidate will bring 34 years of hands-on experience in cybersecurity operations and incident response, with strong expertise in cloud environments. You will play a key role in designing, implementing, and managing security monitoring, detection, and response capabilities that safeguard our organizations assets, data, and customers.


Key Responsibilities
Design and maintain monitoring flows and detection use-cases across SIEM and related systems.
Develop, optimize, and tune security rules, alerts, and dashboards.
Integrate threat intelligence feeds into monitoring tools.
Lead and support security investigations, from triage to remediation.
Coordinate with internal teams and external partners to contain and resolve incidents.
Create and maintain playbooks, runbooks, and IR documentation.
Build and maintain security automation and orchestration workflows to accelerate response.
Ensure compliance with security policies, frameworks, and regulatory requirements (SOC 2, ISO 27001, GDPR, etc.).
Maintain clear documentation of procedures, incidents, and improvements.

Required Domain Consultant - Network Security
Your Career:
As a domain consultant for network security transformation, you provide technical expertise and guidance in customers' network security and zero trust journey. You will be key in defining technical solutions that secure a customers key business imperatives. You evangelize our industry leadership in on-prem, cloud, and security services that establish us as a customers cybersecurity partner.
Your Impact:
Collaborate with sales teams to recommend and develop customer solutions within your assigned specialization.
Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership.
Lead and support customer demonstrations that showcase our unique value proposition.
Responsible for prospective customers and partners' Technical Validation projects based on best practices to ensure technical win in assigned opportunities.
Architect solutions that will help our customers strengthen and simplify their security posture
Document high-level design and key use cases to ensure proper implementation and value realization of our solutions
Lead conversations about industry trends and emerging changes to the security landscape.
Responsible for discussing and highlighting product alignment with customer requirements and differentiation
As the main technical point of contact for Network Security, you will assist and collaborate to respond effectively to RFIs/RFPs.
Position us or Partner delivered services as appropriate to ensure proper implementation and value realization of our solutions
Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative
Distinguished by additional specialized knowledge in breadth and/or depth.

The Trusted Infrastructure Team plays a pivotal role in laying down the foundational frameworks for secure and confidential computing. By combining advanced security protocols with the latest innovations in confidential computing, we lead the charge in ensuring data security and integrity in all our operations. This unit is perfect for those who are eager to influence large-scale, transformative security practices and enjoy the challenge of developing state-of-the-art infrastructure technologies.

What Youll Do
Lead and Mentor: Manage a team of talented developers, setting technical direction and providing mentorship to foster professional growth and inspire innovative solutions.
Confidential Computing Development: Drive key projects involving the design and deployment of confidential computing frameworks, setting the stage for the companys future security standards.
Innovative Strategy Implementation: Play a strategic role in influencing and advocating for the integration of new security technologies and protocols across our infrastructure.
C++ Development: Utilize your expertise in C++ to design robust, efficient, and secure software solutions that meet our high standards.
Collaboration and Knowledge Sharing: Work closely with cross-functional teams, leading workshops and presentations to share insights and innovations within the organization.
Production Issue Resolution: Tackle complex production and security challenges, developing robust solutions that enhance our overall operational security and performance.

As the Senior Information Security Architect , you will be the owner and chief designer of our corporate security architecture.

Youll be in charge of embedding security by design into every layer of the corporate technology stackcloud, SaaS, applications, and infrastructure.

In this highly influential role, you will set the strategic vision for secure architecture, lead threat modeling initiatives, and act as the ultimate authority on how builds, scales, and protects its corporate systems. Youll partner with engineering, product, and operations leaders to ensure that security is not just an add-on, but a foundational principle driving every decision.
Key Responsibilities-
Architect secure-by-design systems across corporate multi-cloud (Azure, AWS, GCP) and SaaS applications, ensuring strong IAM and key management practices.
Design and manage secure network architectures, applying strong knowledge of TCP/IP, DNS, VPNs, and enterprise firewalls, IDS/IPS, and traffic monitoring tools.
Secure operating systems (Linux, macOS) and oversee endpoint protection through leading EDR/XDR solutions
Act as the architectural authority in design decisions, setting technical direction and influencing company-wide security practices.
Take ownership of threat modeling for the corporate most critical systems, leading structured analyses to anticipate where attacks may occur and how to prevent them.
Skilled in vulnerability scanning, patching strategies, and prioritizing risks with enterprise-grade scanning platforms.
Hands-on experience designing, implementing, and enforcing security controls to prevent data leaks, unauthorized access, advanced cyberattacks, and emerging threats. This includes working with DLP solutions (e.g., Symantec DLP, Microsoft Purview, Digital Guardian), IAM and PAM platforms (e.g., Okta, Azure AD, CyberArk), endpoint protection and XDR tools (e.g., CrowdStrike, SentinelOne).
Lead the evaluation and adoption of next-generation security tools and technologies, ensuring stays ahead of attackers.
Serve as a trusted advisor and security leader, guiding executives and engineers alike in making security-first decisions.

We are looking for a highly skilled Product Security Architect to join our team at our company. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:
Partner with all our company development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.

we are seeking a passionate and skilled Information Security Engineer to join our team. In this role, youll be responsible for enhancing the security of our enterprise environment, working with a variety of security tools and technologies. We're looking for individuals with a strong background in information security who are eager to help shape the future of cybersecurity and protect our organization from evolving threats.
In this position you will:
Design, implement, and maintain robust security controls across our enterprise infrastructure, including endpoint, identity, and data protection systems.
Lead and support efforts to harden our companys internal environments against evolving threats, including proactive risk identification and remediation.
Collaborate closely with DevOps, IT, and engineering teams to secure enterprise platforms.
Contribute to the evaluation and deployment of security technologies (e.g., EDR, DLP, IAM, MFA, logging and monitoring solutions).
Take ownership of end-to-end security projects, from concept through implementation and operationalization.
Help define and enforce security policies, standards, and best practices across the organization.
Participate in threat modeling, vulnerability management, and incident response processes.
Engage in continuous improvement efforts in a collaborative, agile, and fast-paced environment.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.

As a Research Analyst, your responsibilities will include developing, managing and improving existing detection methods, correlating and discovering relationships between events and incidents, and producing research proposals, publications, and analysis reports. You will contribute to process improvement and efficiency by researching, assessing, and analyzing threat actors and adversary tactics and techniques based on real-world observations. We're looking for a motivated and seasoned security professional with the technical skills to analyze malware, conceive, design, and develop new methods or approaches to address Cyber security threats/attacks. We value deep knowledge of hacking methodologies, a proven track record in delivering impactful cybersecurity solutions, and a strong drive to contribute meaningful security insights to our community!