לוח משרות דרושים ראש צוות פיתוח אבטחת מידע /סייבר בתל אביב יפו

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead, you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement.

Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead, you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

We're seeking a Senior Security Researcher & Team Lead to own and drive Zenity's security research domain from the ground up. This is a leadership-first role - you'll build and guide a research team, define a new frontier in AI and agentic security, and shape the methodologies and standards that don't yet exist in the industry. If you thrive in ambiguity, love creating structure where there is none, and want to leave a real mark on an emerging security domain, this role is for you.
You'll investigate emerging attack surfaces, architect and implement detection mechanisms, and validate your findings in production environments protecting Fortune 500 customers. It's a high-ownership position that blends deep technical research with strategic thinking and team leadership - with a real sense of urgency to shape the AI security landscape not just for Zenity, but for the entire security community.
Responsibilities:
Lead and mentor a security research team, driving vulnerability and threat research that generates product value and protects Fortune 500 customers in production environments.
Take end-to-end ownership of detection mechanism design for agentic AI applications - from initial hypothesis through experimentation to production-grade implementation.
Apply expertise across cloud, identity, web, and API security to map and address the evolving AI threat landscape.
Apply LLMs, Agentic AI, and machine learning models to detect security vulnerabilities.
Collaborate closely with engineering and product teams to translate research into actionable, shippable security capabilities.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Lead the design and implementation of AI-driven detection and response strategies to automate complex security investigations.
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

We are seeking a highly skilled and hands-on Application Security Lead to take ownership of our product and infrastructure security. Reporting directly to the CISO with a dotted line to the CTO, you will act as the critical bridge between our Security and Engineering teams, driving a robust "security-first" culture.
While this role encompasses both application and infrastructure security, our primary focus is on the Application Security domain. You will lead our transition towards a mature DevSecOps organization, ensuring that security is seamlessly embedded into every phase of our SDLC without compromising delivery speed.
Key Responsibilities
Application Security & Secure Engineering:
Secure SDLC Integration: Embed security practices throughout the entire SDLC, from initial design and planning to deployment and maintenance.
Threat Modeling & Architecture: Lead threat modeling (e.g., STRIDE) and architectural reviews for high-risk features like authentication, PII, and payments.
AppSec Tooling & Automation: Integrate and manage automated security scanning (SAST, SCA, DAST) within CI/CD pipelines to ensure code integrity seamlessly.
Mobile & API Security: Enforce least-privilege models for API configurations. Lead security initiatives specifically tailored to mobile environments (iOS/Android), protecting our core mobility platform.
Offensive Security & Pentesting: Orchestrate internal red teaming and external penetration tests for web and mobile applications. Manage Vulnerability Disclosure Programs (VDP) / Bug Bounties.
Developer Empowerment & DevEx: Collaborate with developers to provide automated tools, coding guidelines, and frictionless guardrails for secure-by-design development, ensuring security acts as an enabler, not a blocker.
Incident & Vulnerability Management: Act as the technical escalation point for application security incidents, leading detection and recovery efforts, while prioritizing vulnerabilities across the product suite for timely remediation.
Cloud & Infrastructure Security:
Cloud & Network Posture: Manage cloud security posture (CSPM) across AWS/GCP and oversee broad network security measures, including WAF, Bot management, and environment segmentation.
Pipeline & Secrets Management: Secure the CI/CD infrastructure against tampering and enforce robust secret management and secure repository controls across the organization.
Resilience & Recovery: Manage disaster recovery (DR) and business continuity planning for production environments.
Governance, Culture & Compliance:
DevSecOps Strategy: Lead the strategic evolution of DevOps into a mature DevSecOps model, aligning with industry frameworks like OWASP SAMM and NIST SSDF.
Metrics & Measurement: Define and track key security metrics (e.g., MTTR, vulnerability density) to measure and improve program effectiveness.
Security Champions: Build and mentor a Security Champions program within R&D to scale security knowledge and foster a grassroots culture.
Compliance & Privacy: Ensure continuous compliance with PCI-DSS, ISO27001, and GDPR, championing privacy-by-design principles across all user data and R&D operations.

We are on the lookout for a driven and experienced hands-on Engineering Team Leader to lead a group of engineers building our company's Sensor.
This team owns the entire endpoint agent, which is the backbone of our companys collection capabilities from Windows and Linux endpoints.
As a hands-on leader, youll guide a talented team of engineers in designing and evolving the agent that enables our fully AI-driven platform to identify and respond to real-time advanced persistent threats.
Responsibilities
Lead a team responsible for the endpoint product on Windows and Linux systems.
Mentor engineers, grow the team, and foster a culture of technical excellence and innovation.
Design and code production-grade C++ to create robust and high-performance software applications.
Collaborate with backend, frontend, research and other teams within the company to deliver state-of-the-art solutions for challenging problems.
Define and drive the technical roadmap, ensuring scalability, developer productivity, and rapid iteration.
Participate in code reviews with an emphasis on design and code quality, ensuring the team adheres to best practices and guidelines.

We are on the lookout for a driven and experienced hands-on Team Leader to lead a group of cyber security experts responsible for our detection platform.
In this role, you will lead a team of security engineers and own the security coverage and accuracy of our detection platform to guide development and strengthen our customers' resilience to emerging unknown threats. Your expertise in cyber security will drive our true AI-driven detection platform.
Responsibilities
Mentor engineers, grow the team, and foster a culture of technical excellence and innovation.
Work closely with developers and data scientists to produce AI detection models.
Apply your cyber expertise to investigate emerging threats and define technical requirements to mitigate them.
Continuously assess and evaluate security coverage and accuracy.
Architect and build scalable solutions for evaluating the platform security metrics.
Bring your excellent interpersonal skills to foster collaboration and maintain a positive attitude within the team.

The Fraud Lead is the principal technical authority for fraud detection and response engine. You own the professional logic that powers our product, ensuring that the "Brain" of our platform is technically cohesive, scientifically rigorous, and market-leading.
You act as a System Architect for the fraud domain, connecting the dots between Research, Data Science, and Analytics. Crucially, you serve as the primary technical consultant for our customers, helping them understand, integrate, and optimize the fraud logic that protects their environments. You work alongside a separate Product group (who defines the roadmap) and a Platform Engineering group (who builds the infrastructure).
What youll do:
Technical Domain Architecture
Logic Blueprinting: Design the end-to-end technical logic for detection features-from telemetry ingestion to real-time response actions.
Cross-Team "Glue": Ensure that Fraud Research insights are effectively operationalized by the Data Science team and surfaced correctly by the Analytics team.
Architecture Governance: Set the technical standards for how detection logic is built, ensuring it is scalable and compatible with the Platform Engineering teams infrastructure.
Customer Fronting & Technical Advisory
Technical Subject Matter Expert: Act as the lead technical consultant for high-value customers. You will lead "deep-dive" sessions with client-side engineers and fraud experts to explain our detection methodologies and data requirements.
Integration Strategy: Advise customers on how to best leverage our technical logic within their specific business contexts.
Feedback Loop: Translate complex customer technical needs and "edge case" fraud patterns back into technical requirements for the internal fraud group.
Expert Implementation
Hands-on Prototyping: Remain an expert practitioner in Python and SQL. You will prototype new detection methodologies and perform technical validation of production models.
Quality & Observability: Design the technical frameworks that ensure our detection logic remains performant and observable in live customer environments.

As a Vulnerability Research Team Lead , you will lead a world-class group of vulnerability researchers in analyzing complex cyber-physical systems. You will balance hands-on technical excellence with people management, guiding your team through deep-dive disassembly, code audits, and exploit development. You will be responsible for the team's research roadmap, ensuring we stay ahead of emerging threats while fostering a culture of innovation and professional growth.

Responsibilities
As a Vulnerability Research Team Lead, your impact will be:

Leadership & Mentorship: Lead, hire, and develop a team of high-performing Vulnerability Researchers, fostering a collaborative and high-standard environment.
Research Strategy: Define and execute the team's research roadmap, prioritizing targets that provide the highest value to customers and products.
Technical Oversight: Provide expert guidance on static/dynamic analysis, reverse engineering, and exploit development projects.
Cross-Functional Collaboration: Work closely with R&D, Product Management, and Threat Intelligence teams to translate research findings into actionable security features.
Thought Leadership: Represent research in the industry through blogs, whitepapers, or conference presentations (BlackHat, DEF CON, etc.).

we are looking for a talented team leader to join the industrys leading digital intelligence Labs group. In this role, you will lead and participate in innovative projects to implement and productize groundbreaking, world-unique capabilities for extracting evidence from Android or iOS devices.
Modern Android and iOS platforms present increasing challenges from a forensics perspective, incorporating robust protection mechanisms such as File-Based Encryption, Secure Element, and mitigations like Pointer Authentication Codes.
our Labs is a team of passionate researchers and developers dedicated to solving cutting-edge digital intelligence challenges, staying years ahead of others in the industry.
Our world-class R&D efforts assist law enforcement agencies by enabling lawful evidence extraction, helping to bring criminals to justice every day.
Key Responsibilities:
Oversee Vulnerability Research Projects: Lead and manage projects focused on discovering and exploiting vulnerabilities in mobile platforms.
Mentor and Guide Team Members: Provide mentorship and guidance to researchers, helping them navigate complex technological challenges.
Deliver Comprehensive Solutions: Develop complete solutions, moving beyond proof-of-concept demonstrations to fully implementable exploits.
Recruit and Develop Talent: Identify and recruit new researchers as needed, building a skilled and dynamic team to enhance the department's capabilities.

We are looking for a hands-on Security Research Team Lead to own and scale our Security Research domain.
This is a foundational role in a small, highly technical team, focused on deep security research, algorithmic thinking, and leveraging AI to turn complex data into accurate, actionable security insights.
This role is not about people management by default - it is about technical leadership, ownership, and building scalable research capabilities that directly impact product and customer security.
Responsibilities:
Own and lead the Security Research domain through hands-on technical work.
Research security risks in SaaS and business applications, including permissions, identities, and access models.
Design and apply algorithmic approaches to analyze complex data structures and security risk surfaces.
Leverage AI-based techniques to work with large-scale data, improve accuracy, and automate research workflows.
Detect security flaws, misconfigurations, and systemic risks in SaaS environments.
Lead and support complex security investigations and customer-facing incident research.
Work closely with Product and Engineering to translate research findings into scalable product capabilities.
Technically mentor and support a small and growing research team.
Define research priorities and help shape how the team scales over time.

We are looking for a Research Team Lead to establish and lead a cross-product research team focused on horizontal, high-impact initiatives that influence multiple offerings.
Unlike product-embedded research roles, this team drives foundational and strategic research projects across networking, security, identity, automation, and AI-driven capabilities. Examples include large-scale reasoning systems, autonomous policy frameworks, cross-domain detection and response concepts (xOps), and platform-wide intelligence capabilities.
You will combine deep technical expertise with strong leadership and execution skills -identifying impactful research directions, building a high-performing team, and turning advanced research into real platform capabilities used by thousands of customers worldwide.
Responsibilities
Technical Vision & Strategy:
Define and execute the roadmap for cross-product research initiatives.
Identify high-leverage research opportunities that impact multiple domains and products.
Drive long-term architectural thinking and influence platform evolution.
Balance innovation, experimentation, and production-readiness.
Team Leadership:
Recruit, mentor, and grow a multidisciplinary team of researchers (AI, data, algorithms, networking, security).
Establish high standards for research rigor, experimentation methodology, and engineering quality.
Foster a culture of ownership, collaboration, and technical excellence.
Research & Execution:
Lead complex, ambiguous research initiatives from ideation through validation and productionization.
Design large-scale experiments and validation methodologies using our data platform.
Drive innovation in areas such as:
Autonomous policy systems
Cross-domain detection and response frameworks
Large-scale reasoning and decision systems
Data-driven optimization and automation capabilities
Ensure research outcomes are measurable, scalable, and aligned with business impact.
Cross-Functional Collaboration:
Work closely with Product, Engineering, Architecture, and Product Research teams to translate research into shipped capabilities.
Provide technical guidance and influence cross-organizational decisions.
Act as a bridge between exploratory research and production systems.
Communication & Influence:
Present research findings and strategic recommendations to senior leadership.
Produce clear technical documentation, design proposals, and internal position papers.
Represent Platform Research as a center of excellence for cross-product innovation.

This client-facing role requires the Principal Consultant to lead and produce deliverables for reactive services engagements. You will work directly with multiple customers and key stakeholders, from technical administrators to the C-Suite, to manage incident response engagements from start to finish and provide expert guidance on long-term security posture remediation.
Key Responsibilities
Manage end-to-end incident response engagements, including scoping work, guiding clients through forensic investigations, containing security incidents, and providing long-term remediation recommendations.
Perform reactive incident response functions, including host-based analysis of Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
Investigate data breaches by leveraging digital forensics tools (e.g., EnCase, FTK, X-Ways, SIFT, Splunk) to determine the root cause of compromises and malicious activity.
Examine firewall, web, database, and other log sources to identify evidence of malicious activity, focusing on the details to ensure a thorough and accurate investigation.
Proactively collaborate with and mentor junior team members, sharing expertise in incident response and forensics best practices to empower others and ensure team alignment.
Effectively communicate complex technical findings and strategic recommendations to both technical and executive-level stakeholders.
Travel as needed to meet client engagement demands, typically averaging 20%.