לוח משרות דרושים הייטק אבטחת מידע / סייבר ברעננה

we are looking for an experienced, hands-on Chief Information Security Officer to build and lead our security strategy from the ground up. As a fast-growing mature privately held startup, we need a security leader who can balance strategic vision with roll-up-your-sleeves execution. This role is ideal for someone who thrives in dynamic environments and excels at owning and driving Information Security end to end. The CISO will report to the companys COO.
Key Responsibilities 
Oversee our companys end-to-end information security program, ensuring the protection of data, systems, applications, and employees.
Build, lead, and scale a high-performing security team of 5+ professionals.
Develop and implement a comprehensive security strategy aligned with business goals, industry best practices, and regulatory requirements.
Define and monitor company wide security policies, standards, governance frameworks, and technical controls (e.g., firewalls, IDS/IPS, endpoint security).
Lead Governance, Risk, and Compliance (GRC), including risk assessments, vulnerability management, incident response, and maintenance of the organizational risk register.
Drive proactive security monitoring and threat management, including insider threats, phishing, social engineering, credential theft, and emerging risks.
Conduct regular security assessments and partner with business units to identify, prioritize, and remediate vulnerabilities.
Ensure readiness for internal and external audits; manage the audit process with agencies, auditors, customers, and stakeholders.
Select, implement, and manage security technologies, tools, vendors, and processes supporting the organizations security objectives.
Closely collaborate with the IT team, who will be responsible for executing the security policies.
Collaborate with DevOps and engineering teams to strengthen security posture and embed secure-SDLC practices.
Provide executive-level communication and reporting to leadership and the board regarding cybersecurity risks, investments, and priorities.
Develop and deliver organization-wide security awareness and training programs.
Manage the security budget and resources efficiently.

This position should take ownership of the following key responsibilities:
Policy & Governance Management
Maintain and update the full security policy library (ISO 27001, SOC 2, GDPR, etc.).
Ensure version control, approval workflows, and cross-departmental adoption.
Lead annual policy reviews and align with new business or regulatory needs.
Security Risk Management
Own the corporate Risk Register (e.g., in Monday.com) and drive risk assessments across domains.
Track mitigation progress and report key risks to leadership.
Compliance & Certification Programs
Manage and maintain compliance frameworks (ISO 27001, GDPR, customer-driven requirements).
Prepare evidence and documentation for internal and external audits.
Vendor & Third-Party Risk Management
Oversee the Vendor Security Review process - reviewing new suppliers, SaaS tools, and renewals.
Monitor vendor security posture via SecurityScorecard or similar tools.
Ensure data processing agreements (DPAs) are aligned with legal.
Customer & Partner Assurance
Manage all RFI / RFP / security questionnaire responses.
Provide standardized documentation (e.g., SOC 2 reports, penetration testing summaries).
Support Sales / Customer Success during security discussions.
Security Process Governance
Define and enforce structured approval workflows for new tools, tokens, and architecture changes.
Integrate approvals into Jira or ServiceNow for traceability.
Collaborate with IT / AppSec / Legal for end-to-end governance.
Awareness & Training
Drive company-wide security awareness campaigns.
Onboard new hires with security and compliance training.
Ensure developers and business teams understand their compliance obligations.
Metrics & Reporting
Define KPIs for compliance maturity, audit readiness, and risk reduction.
Deliver quarterly GRC posture updates to the CISO / Security Steering Committee.

As part of System Architecture group, the Cybersecurity System Architect will define the end-to-end architecture of advanced network security services, such as intrusion prevention systems (IPS), and host-based intrusion detection systems (HIDS) and firewalling. This role is at the forefront of integrating deep security intelligence into high-performance, scalable network operating systems and telecom-grade platforms.
As part of R&D core function, shaping next-generation secure network infrastructure by embedding deep packet inspection, behavioral analytics, and threat mitigation into the product architecture.
Responsibilities
1. Architecture of Integrated Security Services
Define and lead the system architecture for L3-L7 firewalling, stateful inspection, policy enforcement, and application-aware filtering.
Architect integration of IPS, DPI, signature- and anomaly-based detection, and evasion-resilient detection engines into control and data plane systems.
Specify how HIDS capabilities will be embedded or interfaced with NOS components for detecting host-based anomalies and compromise indicators.
2. Threat Detection & Prevention Frameworks
Design scalable architectures that support high-speed signature matching, traffic heuristics, and flow analysis under real-world traffic conditions.
Define mechanisms for rule updates, threat intelligence feeds, and integration of ML-based detection algorithms.
Architect policy engines for complex rule matching, including user-defined policy trees and hierarchical control structures.
3. Secure System Integration
Lead system-level threat modeling and security design reviews across platform, OS, and networking protocol layers.
Define secure communication paths, trust boundaries, and cryptographic protections for sensitive metadata, logs, and update mechanisms.
Ensure proper isolation and sandboxing of inspection/control modules, especially in multi-tenant or containerized environments.
4. Performance and Resilience Considerations
Design architectures to meet line-rate security enforcement, ensuring minimal latency overhead while preserving packet integrity.
Align with the HW Architecture for performance optimized flow offload strategies (e.g. hardware-assisted DPI).

Were seeking passionate professionals who thrive in a fast-paced, creative, and collaborative environment - those who want to be part of the next generation of airspace security innovation.

This is a strategic, high-impact VP role for a visionary leader who will shape our companys global customer security strategy, strengthen executive-level trust with clients, and drive innovation in a rapidly evolving cybersecurity landscape. Reporting directly to the Global CISO, you will lead the customer-facing cybersecurity organization, ensuring alignment between client expectations and our companys security posture.
What Youll Do?
Lead Global Customer Security Strategy
Serve as the senior security representative for strategic clients, engaging with C-level stakeholders and regulators to build trust and transparency.
Define and execute a customer-centric security strategy, aligned with global standards and emerging technologies.
Act as a trusted advisor on security strategy, risk posture, and compliance readiness.
Drive Technology & Architectural Excellence
Lead Cloud Security & Multi-Cloud Governance, securing hybrid and multi-cloud environments.
Champion DevSecOps & Secure SDLC, embedding security into development pipelines.
Oversee secure adoption of Generative AI (GenAI) and other emerging technologies.
Provide expert oversight for data protection across hybrid models.
Inspire & Scale Global Teams
Lead and empower a global organization of 100+ cybersecurity professionals, fostering innovation and autonomy.
Build a culture of continuous improvement, ensuring service excellence and customer satisfaction.
Represent our company in industry forums and strategic briefings, positioning us as a trusted partner.
What Success Looks Like?
Increased customer trust and satisfaction scores.
Secure adoption of emerging technologies across global clients.
Measurable improvements in compliance readiness and risk posture.

In one sentence
The Information Security Specialist will lead the efforts to secure the company ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders questions.
What will your job look like?
You will recommend information technology policies, standards and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements.
You will work with the technical teams both within and outside of our company to embed, deploy or guide all security requirements.
When applicable, you will conduct the information security risk assessment program. Review compliance with the information security policy and associated procedures and practices.
You will research and educate the IS organization around specific standards and regulations that might apply to different domains while monitoring their implementation throughout the security ecosystem and provide recommendations to the relevant stakeholders.
You will keep up-to-date with emerging security threats and alerts, emerging products, services, protocols, and standards in support of security enhancement and development efforts.
You will provide technical guidance to IS teams by means of coaching and mentorship to achieve project goals to the required level of quality. Promote team engagement, empowerment and motivation.
You will onboard new hires, train and share knowledge, take an active role in technical mentoring and elevating team knowledge.
You will enforce quality processes (i.e. performing technical root cause analysis, outlining corrective action for given problems) and ensure that all the project agreed deliverables are completed to the required level of quality.