דרושים » אבטחת מידע וסייבר » Application Security Expert

Adaptive cloud is a new and exciting domain, bridging the gaps between cloud environment and edge devices, so that our customers can run their workloads where it best suits them. This is an opportunity to influence the security of this domain, covering cloud security, OS environments, deployment challenges and end to end research.

The Edge & Platform Security Fundamentals (EPSF) org ensures we ship the world's most secure operating systems, cloud platforms, and edge devices. We conduct research into the highest priority attack surfaces and scenarios, including into Microsoft strategic investments such as Adaptive Cloud, AI, and next generation OS. Our research teams include leading researchers in this domain, finding and fixing critical issues, and developing techniques and tools that help us scale the security research.

Being part of EPSF IL, you will build a new team of security researchers tasked with helping Microsoft ship the most secure products in the new domain of Adaptive cloud. The ideal candidate will have broad experience in both cloud security research as well as OS and container security, and with leadership qualities to lead additional researchers in hands on research.
Responsibilities

Build a new security research team from the ground up, defining the targets and roadmap.
Lead the work of a security focused research team across multiple concurrent projects.
Perform strategic and independent security research, discover new bug classes and offensive techniques.
Collaborating with partner teams and organizations on research findings to maximize security impact.
Contribute to improving the security posture of Adaptive cloud products.
Evaluate tools, techniques, and procedures for feasibility, effectiveness, and impact.
Develop and refine offensive security knowledgebases, guides, and training.
Contribute to tooling and automation for security research, including bug discovery automation and analysis.

We are looking for a Principal Security Research Manager, who will be responsible for managing security research teams in the delivery, investigation, and remediation of advanced cyber-attacks for our worldwide commercial and public-sector enterprise customers. If you are looking for a role that will allow you to use your knowledge and passion to strengthen the security posture of customers, you will have a bright future within our Microsoft Global Hunting, Oversight, and Strategic Triage (GHOST) team.

Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Microsofts mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities
The management and leadership of security researchers and analysts.
Developing Business Strategy and providing Technical Thought Leadership
Innovating, partnering, delivering, and maintaining highly impactful, relevant, and profitable cybersecurity offerings and capabilities
Fostering partnerships with the Cybersecurity leadership team, Microsoft Product Groups and internal security stakeholders.
Resourcing and managing customer escalations to ensure profitability, high customer satisfaction, and operational excellence
Ensuring strategic delivery coordination, capacity, and readiness planning against and beyond business plans

Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure

The Cloud Guard research team is looking for a curious and highly motivated Cloud Security Researcher who will translate the research to direct security value for the company and product.

As a Cloud Security Researcher in the Cloud Guard area, you'll conduct ongoing research on different cloud infrastructures and services, detect and replicate different attacks, and publish technical blog posts.

Key Responsibilities
Initiate and conduct Cloud Research Initiatives throughout the realm of cloud cyber security.

Conduct cutting-edge research on all different cloud vendors and become an authoritative source of knowledge for the team.

Collaborate with cross-functional teams: Work closely with various teams to drive cloud detections in the product.

Publish intensive, technical blog posts on attack discovery and deep insights.

We are looking for a strong, motivated, and highly technical manager that can lead the research team. You will promote and choose the right security approaches. With R&D mindset, that the research outcome will be integrated to our product.

The position allows gaining extensive knowledge about security related based on Machine Learning algorithms that would help to secure organizations network, include the IoT devices. You will be able to directly impact protections against major vulnerabilities.

Key Responsibilities
Leading the data & research of Check Points Autonomous firewall and IoT security solution.
Working in a development group that is in charge of releasing security solutions for Check Points customers.
Work with data throughout all the pipeline from Data Engineering, Data Analytics to ML/AI models.
Collaborate with all the data & research related groups within Check Point.
Writing protections to various attacks, and investigating IoT devices and understand their network footprints and integration with other systems.
Build ML/AI solutions together with a strong partnership with our engineering team.
Productization & development of technologies from POC stage into an enterprise scale security solution.
Work closely with other development teams, QA, product management and customers.
Train & mentor junior developers.

At Check Point, we are committed to fostering a culture of innovation, collaboration, and continuous learning. As a Data Protection Officer, you will play a pivotal role in shaping and enhancing our data protection practices. Join us in our mission to create a secure digital future while enjoying professional development opportunities, and a vibrant workplace culture.

If you are passionate about data protection and privacy and eager to make a significant impact in a cutting-edge security software company, apply now to be part of our dynamic team!

* This role reports directly to the CISO.

Key Responsibilities
Policy Development: Formulate and enforce comprehensive data protection policies in alignment with relevant laws and regulations.
Data Privacy Impact Assessments (DPIA): Lead the DPIA process to evaluate and mitigate privacy risks associated with new projects and systems.
Risk Assessment: Conduct thorough risk assessments to identify and mitigate potential data protection risks within the organization.
Compliance Oversight: Stay abreast of evolving privacy laws and regulations, ensuring our company policies and practices remain in compliance.
Training and Awareness: Implement training programs to educate employees on data protection policies and best practices, fostering a culture of privacy awareness.
Data Subject Rights: Manage and respond to data subject access requests and other requests related to individual privacy rights.
Collaboration: Work closely with cross-functional teams, legal counsel, and IT security to integrate data protection principles into business processes.
Reporting: Regularly report to executive leadership on the state of data protection within the organization.

required Cyber Security Data Analyst

Job Description
Detect and characterize suspicious actors and abnormal behavior, to develop automatic data-driven solutions that mitigate cyber risks and threats
Conduct security research and critical incident investigation, leveraging insights from various technical data sources including application and infra raw logs, as well as users BI events
Be an integral part of data science projects - from the project definition, to the data collection, and evaluation of the model
Be the data expert in security projects and work closely with different teams across the company
Build and maintain reports, dashboards, and metrics, in addition to monitoring the integrity and validity of the data reported
Promote cyber security awareness and guidance to other teams within the company regarding our unique methodologies for threat analysis

Meta Security is looking for an Incident Response Engineer with experience in the identification, containment and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable systems to automate detection and remediation and help us build the next generation of security operations and response platforms.
Security Engineer, Incident Response Responsibilities
Lead security incident response in a cross-functional environment and drive incident resolution.
Contribute to Incident Response initiatives that improve Metas capabilities to effectively respond and remediate security incidents.
Perform digital forensic acquisition and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment.
Perform log analysis from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats.
Perform security incident root cause analysis and drive implementation of containment and mitigation strategies.
Build automation for response and remediation of malicious activity.

As the worlds leading vendor of Cyber Security, facing the most sophisticated threats and attacks, weve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base.
Key Responsibilities
You will be a key player on the Analyst Relations team that helps influence Check Points perception and leadership with global industry analysts. Your activities include managing inbound and outbound analyst requests including scheduling briefings, inquiries, product document reviews, developing the quarterly newsletter, internal reports, and supporting key events. You will be working with internal product management and product marketing teams to plan and execute engagements with industry analysts.

Key Responsibilities

Responsible for inbound and outbound analyst requests.
Respond promptly to internal team product management, product marketing, and research and development requests, providing useful information in a timely manner for all requests while staying within analyst firms policies.
Maintain strong working relationships with influential analysts covering Check Point.
Respond to requests for research from internal teams.
Work with internal teams (including PR) to identify analysts for product quotes in press releases, and assist in mapping key analysts to media reporters for background /technology support and support pitches.
Outbound communication to analysts about Check Point including scheduling product briefings, AR quarterly newsletter, email blasts, Check Point news, and support analyst engagements during conferences/special events.
Support inbound analyst requests in a timely and effective manner including internal team analyst inquiries, product document reviews, and analyst report distribution.
Monitor Check Point participation in analyst reports.
Assist with internal requests for analyst research and information.
Work with internal Check Point teams seeking analysts input on product roadmaps, strategy, pricing models, etc.
Work with internal teams to use analysts strategically to support marketing efforts including speaking opportunities, commissioned whitepaper sponsorships, and webinar participation for lead generation and increased product exposure.
Contributing to and maintaining Check Points AR Wiki including research report database, analyst report invitations, analyst lead generation projects, influential analyst database, etc.