לוח משרות דרושים הייטק אבטחת מידע / סייבר בשרון, לחיפוש זה נמצאו 59 משרות

We are seeking an experienced Security Architect who has experience in confidential computing and attestation systems. The ideal candidate should have deep expertise in at least one leading confidential compute architecture and ideally in PCIe support around TDISP, IDE, SPDM. Strong knowledge of general system security, virtualization and hardware-enforced isolation primitives is essential.

What you'll be doing:
Lead, research, design, develop, and implement solutions for next-generation confidential computing network devices.
Develop novel hardware isolation mechanisms to provide defense in depth in the SoC.
Collaborate with external and internal hardware and software teams to implement and deliver the architecture.
Architectural modeling, validation, microarchitectural definition, and developing proofs-of-concept for secure platforms.

We're looking for talented and inspired individuals to join our team and attack our products with the goal of better safeguarding our users. The job involves performing security reviews of low-level software and its interface with the SoC HW.

Customers security, privacy, and safety are very important to us. Your job will be to analyze our products and attempt to break them in ways that could undermine these goals, including when the attacker is in possession of our device. In order to do that, you will be required to:
- Examine our new SoC silicon security features and demonstrate if/how they can be defeated.
- Examine embedded systems and find security vulnerabilities in us or 3rd party firmware and bootloaders.
- Develop tools to automate or focus the effort of performing such security reviews.
- Propose new ideas for security hardening and mitigations.
- Stay abreast of modern hacking techniques against our products, including those where the attacker is in close proximity or possession of the device.

We are looking for a highly skilled Detection & Automation Engineer to act as the technical cornerstone of our newly expanding 24/7 Security Operations Center. In this role, you will lead the detection engineering efforts across our entire corporate, large-scale cloud infrastructure, and core product telemetry, while playing a pivotal role in evaluating, deploying, and building our first SOAR platform.
If you are an action-oriented builder who loves writing high-fidelity detection rules, integrating APIs, automating manual SecOps tasks, and architecting data pipelines from the ground up, this role is for you.
Responsibilities
Drive SOAR Implementation: Lead the POC, selection, and deployment of a modern SOAR platform. Build the API connectors and Python-based playbooks to automate the triage and incident containment.
Own the SIEM: Lead data ingestion, parsing, and CIM mapping for our corporate infrastructure, cloud, and product telemetry
AI-Driven Automation: Integrate AI and LLM capabilities into SOAR workflows and automation scripts to accelerate alert triage, summarize complex threat data, and streamline incident response.
Advanced Detection Engineering: Translate complex threat intelligence and 3rd-party IR logic into native, high-fidelity alerts inside the SIEM and Application logging platforms
Continuous Tuning: Work closely with the SecOps Analysts in a continuous feedback loop to tune out False Positives and ensure alert fatigue is minimized.
Architectural Integration: Ensure seamless log flow and webhook integrations between infrastructure, SIEM, and our security stack.

We are looking for a highly skilled Cyber Security Engineer to play a key role in shaping and managing our internal security infrastructure, serving as a key partner to our global workforce.
In this role, you will take on complex security challenges across network security, corporate tooling, and access management.
You will help ensure our employees can work securely from anywhere in the world, leverage AI tools safely, and maintain our fast-paced culture without friction.
Responsibilities
Lead and optimize network security architectures, including modern SASE platforms, VPN configurations, SSL/TLS inspection, routing, and firewalls to ensure a seamless and a highly secure Zero Trust Network Access (ZTNA) environment.
Drive the deployment, configuration, and enhancement of enterprise security platforms, like Endpoint Security (EDR/XDR/DLP) and advanced Email Security suites (including SPF/DKIM/DMARC) from POC phase to production.
Act as a technical authority for our IAM architecture. Define strict security policies (MFA, Conditional Access) and work closely with the IT team to continuously improve our identity-first security posture.
Monitor and maintain our cloud security posture across AWS/GCP/Azure environments (including K8s & Containers). Implement cloud-native security controls, manage configurations, and ensure compliance with security standards across all cloud platforms.
Own the vulnerability management lifecycle for infrastructure, endpoints, and corporate software. Drive scanning, prioritization, and remediation tracking in close collaboration with DevOps and IT teams.
Support security incident response, assist in containment, contribute to post-mortem analysis, and help maintain IR runbooks relevant to your domains.
Help define and enforce secure usage policies for GenAI tools (e.g., Copilot, Claude, ChatGPT) to prevent data leakage.
Perform rapid, pragmatic security assessments for new SaaS applications and browser extensions.

we are looking for a Embedded Systems Vulnerability Researcher.
As an Embedded Systems Vulnerability Researcher, you will operate at the cutting edge of security projects. Your mission is to identify, exploit, and mitigate security flaws in complex hardware/software ecosystems. You will bridge the gap between the digital and analog worlds, analyzing everything from low-level firmware to the electromagnetic spectrum.
Responsibilities:
Vulnerability Discovery: Perform deep-dive security analysis and "bug hunting" on proprietary embedded systems and RTOS.
Exploit Development: Create Proof-of-Concept (PoC) exploits for identified vulnerabilities, including memory corruption, logic flaws, etc.
Firmware Analysis: Conduct static and dynamic analysis of binary blobs using advanced reverse engineering suites.
Hardware Probing: Utilize JTAG, UART, and SWD interfaces to extract firmware, monitor execution, etc.
Tooling: Develop custom scripts and tools in Python, C, C++ to automate the research and exploitation pipeline.

We seek an embedded security researcher to join us in developing cutting-edge cybersecurity projects.
Responsibilities:
As an Embedded security researcher, you will be dealing with:
Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.

we are looking for a Security Researcher to research and develop cutting-edge cyber projects.
We face highly complex technological challenges and need talents to help us overcome them.
Do what you love:
As a vulnerability researcher, your main focus will be on vulnerability discovery and exploitation of most prominent OS`s in the market, and on various challenging platforms.

Power the Future with us! we are a global leader in high-performance smart energy technology, with over 3000 employees, offices in 34 countries, and millions of products installed in over 133 countries. Our diverse product offering comprises intelligent solar inverters, battery Storage, backup systems, EV charging, and complete home energy management ecosystems. By leveraging world-class engineering capabilities and with a relentless focus on innovation, we strive to create a world where clean, green energy from the sun is the primary source of power for our homes, businesses, and just about everywhere we thrive We're looking for a Cyber security Architect to set the technical direction for security across our entire estate - on-premises infrastructure, R&D and product engineering, and cloud. You'll own reference architectures, lead security projects end-to-end, and partner closely with infrastructure, engineering, and DevOps teams to embed security by design. This is a hands-on senior role: you're equally comfortable presenting a strategy to executives and pulling apart a threat model with engineers. What you'll do
* Design and govern security architectures that span data centers, product platforms, and cloud workloads - bringing one coherent control story across all three.
* Lead threat modeling and architectural risk assessments for major projects, translating findings into prioritized design changes.
* Define and maintain reference architectures, security patterns, and hardening baselines covering identity, network segmentation, endpoint, application, and data protection. Embed security into the SSDLC and review new product features and platform changes before they ship.
* Architect cloud landing zones, IAM, network and key management, CSPM/CWP coverage, and container/Kubernetes security.
* Mentor security engineers, brief executives, and act as the senior technical authority for security across IT, R&D, and cloud.


Country:
Israel

City:
Herzliya

The CSO Office is seeking an Application Security Team Lead. In this role, you will manage an application security team that focuses on building and running tools to secure the application landscape at scale, as well as conducting vulnerability research. You will work closely with the R&D and DevOps teams and serve as the focal point for identifying and resolving complex security challenges. This is a hands-on Team Lead position, a development-focused role that ensures our products adhere to the stringent security requirements of our thousands of customers.
As an Application Security Team Lead, you will
Build, lead, and mentor a team of AppSec Engineers
Lead the development of Internal Security tools and AI agents
Design and implement SSDLC practices and automated security controls across the CI/CD pipeline
Build and operate scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Provide technical leadership and drive adoption of secure development best practices
Define and measure AppSec KPIs and drive continuous improvement.

Required Developer Advocate
This role sits at the intersection of engineering, product, and the global developer community. Youll translate our technical work across all domains, repositories, security, release management, pipelines, distribution, metadata, AI/ML, and ecosystem integrations, into content, demos, talks, and conversations that developers trust. Youll also bring community insights back into our R&D and business teams to influence product direction.
As a Developer Advocate you will:
Represent us across developer, DevOps, security, and platform-engineering communities through conferences, meetups, webinars, podcasts, and online conversations
Create high-quality technical content: deep-dive articles, demos, hands-on guides, screencasts, code samples, and social content
Build compelling demos and storytelling around our core domains: Artifactory, Xray, Curation, Distribution, Pipelines, Workers, Fly, AI/MCP, and ecosystem integrations like GitHub
Collaborate closely with R&D, Product, Security, Solutions Engineering, Architecture, and Customer Success to deeply understand new capabilities and provide practical feedback
Engage with open source and developer communities, finding new channels and conversations where we should have a voice
Partner with Marketing to strengthen messaging while preserving technical credibility
Monitor and report impact across community engagement, content performance, OSS participation, and broader DevRel KPIs.

Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead, you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

Required Security Solution Architect
As a Security Solution Architect, you will be a high-impact technical practitioner and the definitive domain expert in Application Security (AppSec) and software supply chain security. You are a strategic "force multiplier" for our Strategic customers Solutions Engineering organization, leveraging deep technical roots to bridge the gap between developer-centric workflows, IT security teams, and executive risk management. You will serve as the technical authority that internal teams and external customers "pull" into their most complex and critical security opportunities.
As a Security Solution Architect you will...
Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring our security capabilities provide a "Future State" blueprint for our most strategic customers.
Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain.
Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders.
Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data.
Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight our unique ability to secure the entire lifecycle.
Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos.
Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win".

we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.

we are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science.
Responsibilities
Participate in Red Team and Risk assessments under the guidance of senior team members
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients
Learn and simulate attacker tactics, techniques, and procedures (TTPs)
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance
Participate in internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios

As a Senior Security Researcher you will be responsible for researching multiple domains in the Automotive, AI, API, IoT and Mobility ecosystems, work closely with our domain researchers, data-scientists, development teams, as well as work with customers to build a cutting edge cybersecurity product at Upstream.

This role is full-time and is Israel based.

Responsibilities
AI Security - research LLM and MCP based attack methods
API Security - research API vulnerabilities and attack methods.
Research the Automotive Cybersecurity ecosystem: Automotive protocols - Both in-vehicle and external vehicle communications, Vehicle Architectures, Device research - Hardware, reverse-engineering, vulnerability research.
Mobility IoT Security - research IoT protocols and devices for vulnerabilities and attack methods.
Develop cyber-attack detection techniques and methodologies.
Develop research tools and technologies.