לוח משרות דרושים הייטק אבטחת מידע / סייבר

We are At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.

The Role:
We’re seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams. Rather than owning security alone, you’ll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless. You’ll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.

Who You Are:

* A proactive self-starter with deep expertise in application and cloud security
* Passionate about secure development and enabling engineers through thoughtful guardrails
* Clear and confident communicator who can influence across technical and non-technical teams
* Curious about emerging threats and excited by the challenges of blockchain security
* Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale

What You’ll Actually Be Doing:

* Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
* Lead and scale a Security Champions program embedded within engineering teams
* Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
* Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
* Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
* Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
* Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
* Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
* Stay current on emerging threats, developer tooling, and secure engineering patterns — sharing insights regularly with the team


Why You’ll Love Working Here:

* Flexible hybrid model: 3 days a week in the office
* ₪1,000 net monthly wellness benefit – from therapy to Pilates to your kid’s art class
* Full Keren Hishtalmut, private health & dental insurance
* Donation matching, volunteering days, team outings, and mentorship programs
* A mission-driven culture that values ownership, trust, and meaningful impact

Next Step:
Hit Apply!

As a vulnerability researcher, your main focus will be on vulnerability discovery and exploitation of most prominent OS`s in the market, and on various challenging platforms.

We seek an embedded security researcher to join us in developing cutting-edge cybersecurity projects.

Responsibilities:

As an Embedded security researcher, you will be dealing with:

Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.

We are looking for an embedded security researcher to join us in researching and developing cutting-edge cyber security projects.

Responsibilities:

As an Embedded security researcher, you will be dealing with:

Embedded systems Reverse engineering.

Real-time Embedded End-to-End Low Level software developments on various unique embedded platforms and environments.

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision.
Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.


Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:

Play a lot with the web-browsers, trying to find differences in behavior between them.

Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection

Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.

Understand customer specific requirements, deliver with impact and exceed customer expectations.

Discover adversary tactics, techniques, and procedures leveraged by bots.

Create and validate data insights to enhance detection excellence.

Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.

Find bad stuff on the internet, see if you can figure out how it is done, document it.

Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.

Contribute high impact work that substantially benefits team level metrics and OKRs.

Develop techniques, tools and scripts to simplify yours and others work.

Required Security Incident Response Group Lead - (250000G4)
What will you do?
A global provider of cybersecurity protection solutions for networks and applications. We are looking to enhance our Cloud Services, the fastest growing business, in key markets.
Security operation leadership - Oversee the daily operation by leading projects & processes, tracking tasks & progress, and mentoring of a global Incident Response (IR) group that is specialized in detection & mitigation of various network threats, such as Denial-of-service attacks, application server-side & client-side threats, botnets, and more.
Incident response leadership - Oversee & coordinate RT security incidents globally by maintaining & developing solid IR processes & playbooks, crisis management & de-escalation techniques, lead escalation calls, and identify & improve gaps in technical & operational procedures among the global security group.
Global IR team leadership - Lead and mentor a multidisciplinary cloud security group consists of security IR analysts & security experts, fostering a collaborative and high-performance culture, oversee the global recruitment & training process of new employees, and develop & maintain high performance teams with deep technical knowledge, customer orientation, and operational attitude.
Customer engagement - Ensure customer's SLA & satisfaction, build and maintain strong relationship with customers & stakeholders, and maintain regular communication through meetings, reports, and updates to ensure stakeholders are informed about security initiatives, incident responses, and risk posture.
Strategic planning - Develop & execute roadmaps, strategies, and frameworks aligned with organizational goals.

Were looking for an exceptional Lead Security Researcher to join our world-class Security Research organization. This is a hands-on technical leadership role for a senior researcher who wants to drive research direction, depth, and real-world impact.
This role sits at the intersection of deep offensive research and strategic defensive thinking - influencing how modern cloud-native attacks are detected, understood, and stopped at scale.
What Youll Do:
Provide technical leadership and mentorship to security researchers, setting a high bar for research quality, depth, and execution.
Research and analyze advanced attack techniques targeting Linux-based cloud-native environments (containers, Kubernetes, serverless).
Reverse engineer Linux malware to uncover behavior patterns, execution flows, and persistence mechanisms.
Study real-world threat actor techniques and translate insights into actionable detection, prevention, and hardening strategies.
Design and prototype advanced detection and observability mechanisms, including kernel- and runtime-level approaches (e.g., eBPF).
Turn cutting-edge research into scalable security capabilities that protect large-scale production systems.
Collaborate closely with engineering and product teams to ensure research outcomes are practical, impactful, and production-ready.
Influence Aquas long-term security strategy through research-driven insights.

we are looking for an experienced and proactive Senior IT Systems Engineer to join our growing IT team.
This role will be pivotal in managing our modern, cloud-first infrastructure with a focus on Azure, AWS, Office 365, Intune, and enterprise security platforms. The ideal candidate is a senior-level engineer who thrives on automation, scalability, and supporting a dynamic, hybrid workforce.
Key Responsibilities:
Design, manage, and secure systems across Azure, AWS, Office 365, and Docker-based environments.
Oversee device management policies and compliance via Microsoft Intune across Windows, macOS, and mobile platforms.
Lead onboarding and offboarding workflows, integrating automation and security best practices.
Develop self-service solutions and automated workflows for IT operations using tools like PowerShell, Python, Azure CLI, AWS CLI, and code/no-code platforms (e.g., Workato, Torq).
Administer Entra ID (Azure AD), including conditional access, MFA, and role-based access control (RBAC).
Enforce endpoint and cloud security using CrowdStrike, firewalls, and Cato Networks, and conduct routine audits.
Troubleshoot and manage complex network environments, VPNs, and cloud-based firewalls.
Provide advanced technical support and guidance to internal IT and service desk teams.
Maintain comprehensive documentation and mentor junior staff.

Required Infra Security Architect
Job Description
Lead security efforts in your domains and reflect the security posture and gaps to stakeholders
Define and execute annual roadmaps to mitigate security risks and design secure architectures in diverse business units
Review and assess newer complex environments, discovering security gaps and creating security control in the form of policies and other mitigations
Develop best practices and security standards for the organization
Carry out proof of concepts for the latest security tools based on security needs and your own research
Work closely with DevOps team and development teams.

As a Network and Security Engineer, you will:
Design, implement and manage complex enterprise networks (LAN, WAN and WLAN)
Configure and maintain switches, routers and layer 3 devices from major vendors
Deploy and manage network security solutions, including firewalls, WAFs and load balancers
Monitor network performance and proactively resolve performance bottlenecks and security risks
Troubleshoot complex routing and switching issues (OSPF, BGP, EIGRP, VLANs and VRFs)
Maintain documentation and diagrams for network architecture and configurations.

we are looking for a Cyber Threat Intelligence Analyst to join our Cyber team
mission is to provide easy access to high quality web content to companies who wish to focus on data analysis and not data collection.
We work to provide access to the biggest data repositories in each vertical we serve, and we take pride in our ability to quickly take care of our clients, and fulfill their data requirements.
What Youll be Doing:
Maintain deep, ongoing knowledge of deep and dark web sources, actively tracking forums, marketplaces, blogs, and chat platforms, while ensuring data coverage, quality, and continuity.
Perform continuous cyber threat research across the cyber landscape, maintaining up-to-date knowledge of trends and incidents across malware campaigns, ransomware attacks, and data breaches, including threat profiling and ecosystem analysis to enhance detections and customer outcomes.
Own the technical delivery of cyber trials by building tailored POCs, validating data relevance, and demonstrating measurable value aligned with customer KPIs.
Act as a technical point of contact for customers, supporting investigations, resolving data and coverage issues, and contributing to retention and expansion efforts.
Collaborate closely with Product and Development teams to improve data deliverables and help define and develop new product capabilities and features based on customer needs and threat-landscape insights.

As a Detection & Incident Response Team Lead, you will:
Lead detection, investigation and mitigation of cybersecurity incidents, including deep network traffic and data analysis
Develop and maintain scripts for data parsing, packet analysis and correlation across multiple data sources
Leverage open-source tools and frameworks to support threat attribution and research
Build and maintain integrations with APIs, threat-intel feeds and big-data platforms to enhance visibility and detection capabilities
Document research findings, detection methods and analysis techniques for technical and non-technical stakeholders.

As a Security Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions
Be in charge of the operational security research of a cyber intelligence product
Conduct advanced analysis of operating system internals, including binary and architectural evaluation, security testing and exploit mitigation research
Define product requirements, alert mechanisms and working procedures.

Required IR Engineer
Were looking for a hands-on incident response expert thats passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. This is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. In your day-to-day, youll:
Investigate complex security incidents in cloud (AWS/GCP), containerized (Kubernetes), and endpoint environments
Design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems
Automate forensic evidence collection and response actions across diverse platforms and services
Collaborate with SOC analysts, Security Architects, and Engineering teams to improve detection coverage and data visibility
Lead incident retrospectives and document technical findings, response steps, and process improvements
Develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based IR deliverables
Participate in on-call rotations and contribute to incident readiness exercises and escalation protocols.

Want to make an instant impact?
Be a part of the top cyber research teams in the industry and make the world a better place!
As a Vulnerability Researcher, you will be:
Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding vulnerabilities and circumventing modern mitigation techniques
Our perks:
A competitive compensation package
Hybrid and flexible
Multiple career advancement opportunities
Incredible benefits.