לוח משרות דרושים מומחה אבטחת מידע / סייבר ברחובות, לחיפוש זה נמצאו 6 משרות

Were looking for a Security Response Engineer with strong expertise in Web Application security to join our Advanced Security Response Team (ASRT).
The Advanced Security Response Team is dedicated to the first response for security incidents, focusing primarily on the operational aspects of web application security. This includes analyzing threats, suggesting immediate remediation and mitigation methods, and actively working to block attacks in real time.
The scope of activities spans network layers 3, 4, and 7, covering a broad spectrum of threats. This includes defending against DoS & DDoS attacks, brute-force attempts, scraping, filtering unwanted traffic, as well as initial analysis and mitigation of application attack vectors such as XSS, SQL injection (SQLi), and remote code execution.
Another important responsibility of the ASRT is managing false positives. The team will investigate root causes of these misfires, propose optimal solutions to prevent recurrence, and apply necessary changes.
The ASRT works closely with the first-tier support team, serving as the focal point for security-related events and incidents. Additionally, the team maintains a two-way communication channel with the Threat Research team to share findings, exchange consultation, and stay updated on current security policies.
As a member of the ASR team, the specialist is expected to have a strong working knowledge of web application security and the current threat landscape, combined with in-depth familiarity with security policies and processes. Proficiency with relevant tools and methodologies is required, and continuous learning in security-related topics is encouraged.
This is a full-time position that requires weekend availability and participation in a rotating weekend shift due to the real-time nature of security response.
Key Responsibility:
Investigate and respond to active web and network-based security incidents in real time.
Apply and validate mitigations for attacks such as SQLi, XSS, and DDoS.
Troubleshoot false positives and fine-tune security policies.
Collaborate with internal teams to share findings and continuously improve detection and response.
Clearly explain security events and impacts to both technical and non-technical audiences.
Stay up to date on emerging web attack techniques and response methods.
Participate in a rotating weekend/on-call schedule to ensure 24/7 protection for our customers.

The Cyber Security team is looking for a highly motivated GRC Specialist to join our team and take ownership of our Governance, Risk & Compliance program.
In this role, youll work closely with the CISO and cross-functional teams to embed security and compliance into everything we do. enabling the business to scale securely while meeting regulatory and customer expectations.
This is a high-impact position for someone who thrives in dynamic environments and wants to build, improve, and influence how security is managed across the organization.
What will you be doing:
Own and lead the organizations Governance, Risk & Compliance (GRC) program
Reporting the CISO to define and execute a GRC strategy aligned with business objectives and risk appetite
Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements
Lead and manage risk assessment processes across cybersecurity, IT, third-party, and operational domains
Maintain and actively manage the risk register, ensuring risks are identified, prioritized, tracked, and remediated
Drive and manage compliance programs (e.g., ISO 27001, NIST, CIS, GDPR), ensuring continuous audit readiness
Lead internal and external audits end-to-end, including evidence collection, auditor coordination, and remediation tracking
Manage third-party risk (TPRM), including vendor security assessments, questionnaires, and ongoing monitoring
Support product and engineering teams by integrating security and compliance requirements into new features and systems
Build and deliver risk and compliance reporting, including dashboards, KPIs, and executive-level insights
Translate technical risks into clear, business-relevant communication for leadership and stakeholders
Drive security awareness initiatives and promote a security-first culture across the organization

The cyber & information security department is looking for a Security Solutions Architect to support our business and drive its growth.
As a Security Solutions Architect, you will play a pivotal role in information security department, contributing to the overall success of company. This position offers an exciting opportunity for individuals who are passionate about field and are eager to make a meaningful impact through responsibilities.
In this role, you will work closely with the IT, R&D, finance, and other departments in the company.
In this job you will have the opportunity to make big impact on the security level of the company.
What will you be doing:
Develop and lead information security strategies by defining and implementing security policies, procedures, system hardening, incident response, disaster recovery, and addressing emerging cybersecurity threats and best practices.
Ensure secure project architectures by overseeing project and system designs to meet security requirements and integrating risk analysis.
Collaborate across teams by working with development, infrastructure, and security teams to resolve issues and implement improvements.
Act as a security design authority by reviewing, approving, and providing security sign‑off on solution architectures, including threat models, trust boundaries, and architecture decision records.
Participate in strategic meetings by engaging in project steering committees and regular discussions to drive security initiatives.
Conduct security reviews and risk assessments by assessing product features, technologies, and applications to meet security standards.
Plan and design security solutions by developing solutions to identify, protect, detect, respond, and recover from cyber threats.