לוח משרות דרושים הייטק אבטחת מידע / סייבר

Required Security & Network Administrator
Role Description
Work as part of the IT team in a global company, providing support to group companies both in Israel and worldwide. Responsibilities include managing and maintaining network infrastructure, ensuring security compliance, and delivering technical assistance across multiple locations.

we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.

we are looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science.
Responsibilities
Participate in Red Team and Risk assessments under the guidance of senior team members
Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients
Learn and simulate attacker tactics, techniques, and procedures (TTPs)
Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
Contribute to external assessments, such as, perimeter testing, and reconnaissance
Participate in internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios

This is a full-time on-site role located in Haifa for a SecOps professional. The responsibilities include maintaining and optimizing security operations, identifying and mitigating potential vulnerabilities, implementing security monitoring solutions, and responding to security incidents. The role involves working collaboratively with cross-functional teams to ensure the deployment of robust security measures and policies across systems and infrastructures.

The Cloud Support Engineer will oversee, troubleshoot, and optimize cloud infrastructure for clients. This position requires deep knowledge of cloud operations, security, and performance optimization, along with a commitment to delivering outstanding support. The engineer will work directly with clients to ensure operational reliability, respond to incidents, and support secure migrations and optimizations.

Responsibilities:
Support & Troubleshooting:
Provide 24/7 monitoring of cloud infrastructure using NOC, proactively identifying and resolving issues to maintain high availability and system reliability.
Client Collaboration:
Act as the main point of contact for cloud-related inquiries, providing real-time troubleshooting support and practical guidance.
Security & Compliance:
Implement and monitor security protocols, including firewalls, access controls, and encryption, to protect client environments from vulnerabilities.
Conduct security assessments, manage access controls, and ensure that client environments meet industry standards and compliance requirements.
Documentation & Reporting:
Maintain comprehensive documentation of troubleshooting steps, configurations, and best practices.

We're building something special in our Israel-based Offensive Security organization, and we're hiring multiple people across three key areas:
Penetration Testing
Red Team Product
Security Research
While these roles share a common foundation in offensive security tradecraft, each brings its own unique focus and impact.
We're looking for deep expertise in at least one of these areas, with the ability to grow across others. We have multiple openings and are looking for talent at various levels. As we get to know you through the interview process, we'll work together to identify the best fit matching your expertise and interests with the specific role and level (Senior, Lead, or Principal) that makes the most sense for both you and the team.
Role Overview
We are seeking a highly skilled offensive security professional to join our elite team. This role is ideal for someone who thrives on breaking systems, finding creative attack paths, and using their findings to drive meaningful security improvements across our company's products and infrastructure.
You will work alongside some of the best minds in security, operating with significant autonomy and impact. Whether you specialize in deep application level penetration testing, red teaming, security research or vulnerability discovery, we want to hear from you-you don't need to be an expert in all three domains. What unites these roles is a relentless attacker mindset, a drive to find and demonstrate real-world impact, and the ability to translate offensive findings into lasting security improvements.
Responsibilities
Conduct advanced penetration testing, red team operations, or security research targeting our company's cloud infrastructure, applications, and services
Discover, exploit, and document security vulnerabilities using creative and methodical approaches
Develop custom tools, exploits, and attack techniques to simulate real-world adversaries
Collaborate with product teams to remediate vulnerabilities and improve secure design practices
Contribute to the maturity of our offensive security program through automation, tooling, and process improvements
Mentor and share knowledge with team members, fostering a culture of continuous learning
Present findings and security insights to technical and executive audiences
Stay ahead of emerging threats, attack techniques, and offensive security tradecraft.

Our Professional Services is seeking for a CISO (Chief Information Security Officer).
We are looking for an experienced and strategic CISO to lead and implement cybersecurity and information security initiatives for a leading financial organization.
This role requires strong expertise in cyber governance, risk management, regulatory compliance, incident response, and executive-level communication.
A full-time hybrid position, based in Central Israel.
Key Responsibilities:
* Lead the organizations cybersecurity and information security strategy
* Manage governance, compliance, and regulatory security requirements
* Conduct risk assessments, penetration testing, and third-party risk management
* Lead incident response processes and cyber event management
* Implement and oversee DLP, IAM, and Zero Trust solutions
* Ensure business continuity and disaster recovery readiness (BCP/DRP)
* Work closely with senior management and board-level stakeholders
* Promote security awareness programs and phishing simulations

Join our Operation team. Help drive our world-class threat monitoring and fraud detection platform securing organization funds. Be part of the analysts team, work with customers and key POCs, to provide an additional level of security and confidence, by leveraging unique intelligence feeds, threat logs, and IOCs. Collaborate with our world-class research team and various RnD teams as you help shape our product, help customers be more secure, and immerse yourself to the cyber fraud tech ecosystem.

Proactively monitor and review threats and suspicious events from our customers.
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Use multiple sources of our data intelligence trust network, external threat feeds, etc.
Support customer's payment processes and workflows.
Maintain excellent customer satisfaction through professional, proactive and personal service.
Work closely with our research and development team.
Contribute to our knowledge base by creating fraud analysis reports and best practices.

We are looking for a GRC Specialist to support our Governance, Risk, and Compliance (GRC) program, reporting directly to the CISO.

This is a hands‑on, execution‑focused role responsible for maintaining and scaling our compliance posture, reducing audit friction, addressing vendor risk, and supporting the integration of newly acquired companies into our security and compliance frameworks.

You will work closely with Security Engineering, IT, Legal, Privacy, Sales/Revenue, Procurement, Product, HR, and other business stakeholders to ensure security controls, compliance activities, and risk management processes are practical, effective, and aligned with business needs.


The day‑to‑day:
Lead audit preparation and ongoing compliance maintenance for frameworks such as SOC 2 / SOC 3, ISO 27001, ISO 27701, ISO 22301, NIST, and GDPR, including evidence collection, gap tracking, and remediation coordination.
Own and execute vendor and third‑party security assessments, helping reduce backlog and improve risk visibility across suppliers and partners.
Respond to customer security questionnaires and audits, partnering with Sales and Security teams to support deal velocity and customer trust.
Support the integration of newly acquired companies into our security, risk, and compliance programs, including gap assessments and remediation planning.
Maintain and improve the ISMS, governance processes, policies, standards, and procedures.
Act as a central point of contact for internal security and compliance inquiries from business and technical teams.
Support the administration and continuous improvement of GRC and compliance tooling, including workflows, evidence management, and reporting.
Contribute to the Security Awareness Program and cross‑organizational education efforts.

The perks:
Hybrid, flexible work environment.
Extended private health (including mental) insurance.
Personal and professional development programs.
Occasional Cross company long weekends.

We help organizations reinvent themselves.
Through data, technology, and strategic thinking, we lead transformation processes that reshape how organizations operate, make decisions, and grow.
If youre looking to work in an environment that encourages initiative, challenges ideas, and creates real impact - this is the place for you.
Integrity, excellence, and innovation are not just values - they are our standard.
we are looking for an excellent Cloud Security Expert .
Major Responsibilities:
Be part of our Great and growing Cloud security team to consult, design, develop, implement, and support our customers secure cloud environments
Deliver technology-related aspects of cloud security solutions and services to client engagements
Requirements discovery, architecture, design, and implementation of technical controls and cloud security tools
Cloud environments configuration reviews and assessment
Act as technical subject matter expert and the technical focal point for clients
When working with clients abroad, collaborate with our company member firms teams.

We are seeking a Cloud Security Engineer with 2-5 years of experience to provide advisory services to leading clients and support the design and security of cloud environments, with a growing focus on AI security.
This is a temporary position (maternity leave replacement).
Major Responsibilities
Advise clients on designing and securing cloud environments
Deliver cloud security solutions as part of client engagements
Lead requirements analysis, architecture design, and security controls planning
Perform cloud security assessments and configuration reviews
Act as a technical focal point for clients
Provide guidance on AI systems security, including risk identification and data protection.

We are seeking a highly skilled and hands-on Application Security Lead to take ownership of our product and infrastructure security. Reporting directly to the CISO with a dotted line to the CTO, you will act as the critical bridge between our Security and Engineering teams, driving a robust "security-first" culture.
While this role encompasses both application and infrastructure security, our primary focus is on the Application Security domain. You will lead our transition towards a mature DevSecOps organization, ensuring that security is seamlessly embedded into every phase of our SDLC without compromising delivery speed.
Key Responsibilities
Application Security & Secure Engineering:
Secure SDLC Integration: Embed security practices throughout the entire SDLC, from initial design and planning to deployment and maintenance.
Threat Modeling & Architecture: Lead threat modeling (e.g., STRIDE) and architectural reviews for high-risk features like authentication, PII, and payments.
AppSec Tooling & Automation: Integrate and manage automated security scanning (SAST, SCA, DAST) within CI/CD pipelines to ensure code integrity seamlessly.
Mobile & API Security: Enforce least-privilege models for API configurations. Lead security initiatives specifically tailored to mobile environments (iOS/Android), protecting our core mobility platform.
Offensive Security & Pentesting: Orchestrate internal red teaming and external penetration tests for web and mobile applications. Manage Vulnerability Disclosure Programs (VDP) / Bug Bounties.
Developer Empowerment & DevEx: Collaborate with developers to provide automated tools, coding guidelines, and frictionless guardrails for secure-by-design development, ensuring security acts as an enabler, not a blocker.
Incident & Vulnerability Management: Act as the technical escalation point for application security incidents, leading detection and recovery efforts, while prioritizing vulnerabilities across the product suite for timely remediation.
Cloud & Infrastructure Security:
Cloud & Network Posture: Manage cloud security posture (CSPM) across AWS/GCP and oversee broad network security measures, including WAF, Bot management, and environment segmentation.
Pipeline & Secrets Management: Secure the CI/CD infrastructure against tampering and enforce robust secret management and secure repository controls across the organization.
Resilience & Recovery: Manage disaster recovery (DR) and business continuity planning for production environments.
Governance, Culture & Compliance:
DevSecOps Strategy: Lead the strategic evolution of DevOps into a mature DevSecOps model, aligning with industry frameworks like OWASP SAMM and NIST SSDF.
Metrics & Measurement: Define and track key security metrics (e.g., MTTR, vulnerability density) to measure and improve program effectiveness.
Security Champions: Build and mentor a Security Champions program within R&D to scale security knowledge and foster a grassroots culture.
Compliance & Privacy: Ensure continuous compliance with PCI-DSS, ISO27001, and GDPR, championing privacy-by-design principles across all user data and R&D operations.

We help organizations reinvent themselves.
Through data, technology, and strategic thinking, we lead transformation processes that reshape how organizations operate, make decisions, and grow.
If youre looking to work in an environment that encourages initiative, challenges ideas, and creates real impact - this is the place for you.
Integrity, excellence, and innovation are not just values - they are our standard.
Our Cyber & Cloud Security Department is seeking an Information Security Architect to join us.
This role focuses on leading and advising clients and internal teams on integrating information security into complex technology, cloud, and digital transformation projects.
Responsibilities:
Lead security aspects in projects such as system implementations, cloud migrations, and digital transformation initiatives
Design and define end-to-end security architectures and protection strategies across cloud and on-prem environments
Provide expert guidance on Security by Design, Privacy by Design, and emerging areas such as AI Security
Conduct risk assessments, threat modeling, and comprehensive security reviews
Support implementation of security solutions and oversee security testing activities
Define security requirements and support RFP processes and vendor evaluations
Collaborate closely with development, product, infrastructure, cloud, and DevOps teams.