דרושים » אבטחת מידע וסייבר » Risk and Threat Specialist

22/09/2024
משרה זו סומנה ע"י המעסיק כלא אקטואלית יותר
מיקום המשרה: תל אביב יפו
משרות דומות שיכולות לעניין אותך
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
5 ימים
Check Point
Location: Tel Aviv-Yafo
Job Type: Full Time and Hybrid work
Why Join Us?
Check Points Threat Prevention CTO office is looking for an Application Security Manager to join its staff.

This is a unique opportunity for you to work in the #1 worldwide Cyber Security Company, gain expertise and experience securing the best of Cyber Security Products.

Key Responsibilities
Be the owner of the Secure Development Life Cycle of all Check Points Products Organization, work with R&D, QA, Sales, Support, external researchers, and customers to make the cyber landscape a safer place.
Define and manage Check Points Products Security Life Cycle.
Define secure design and architecture procedures and policies.
Be the external point of contact for Check Point regarding vulnerabilities in our products.
Work with one of the best vulnerability research and pen-testing teams in the world.
Define Security Training with Learning Group to implement across the Product Organization.
Requirements:
Proven ability to lead and influence leaders across the organization.
In-depth knowledge of Secure Development Life Cycle (SDLC) processes, secure architecture, third-party tools, and security policies.
Strong understanding of Cloud architecture concepts and programming.
Expertise in identifying, analyzing, and mitigating security vulnerabilities, including familiarity with Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS).
Experience with vulnerability management and the ability to interpret and apply security standards, guidelines, and regulations.
Proficiency in secure coding practices and the ability to conduct code reviews for security vulnerabilities.
Familiarity with incident response processes, security monitoring, and threat intelligence.
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
82193
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
4 ימים
Meta
Location: Tel Aviv-Yafo
Job Type: Full Time
Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure
Requirements:
Minimum Qualifications
7+ years of experience in Detection & Response Engineering or similar Security Engineering role
Experience building complex automations and integrations using SOAR platforms
Bachelor's degree or equivalent experience in Security
Experience designing systems used for responding to both external and insider threats
Experience analyzing network and host-based security events
Knowledge of networking technologies, specifically TCP/IP and the related protocols
Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
Coding/scripting experience in one or more general purpose languages
Experience with attacker tactics, techniques, and procedures
Preferred Qualifications
Background in security-focused software engineering, designing large scale systems and data pipelines, or offensive security
Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems
Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Offensive Security Testing, Detection and/or Response tooling development
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
80915
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
3 ימים
MICROSOFT ISRAEL
Location: Tel Aviv-Yafo and Herzliya
Job Type: Full Time
Our team is actively engaged in proactive vulnerability research across the Azure platform services. We are dedicated to uncovering novel classes of vulnerabilities and pioneering exploitation techniques to effectively pre-empt cyber threats.



We are searching for exceptional individuals with a profound passion for security and Cloud technologies. If you are deeply committed to unraveling intricate challenges, harbor a keen fascination for vulnerability research, and strongly desire to contribute to performing cutting-edge security research, we invite you to unite with us in our mission. By doing so, you will play a pivotal role in safeguarding countless users across the global landscape. Your expertise and dedication will be instrumental in fortifying our collective digital defenses.



We are seeking a highly skilled and experienced Senior Researcher to join our Offensive Cloud Security Team at Microsoft. In this role, you will lead vulnerability research engagements, play a pivotal role in identifying and addressing potential security vulnerabilities within Microsoft's cloud services, ensuring the highest levels of security for our customers and their data.
Responsibilities
Research and discover zero-day vulnerabilities in cloud environments and associated technologies. Develop and implement proof-of-concept exploits to demonstrate potential risks and work closely with engineering teams to address findings.
Conduct in-depth threat modeling exercises to identify security risks and vulnerabilities in Microsoft's cloud infrastructure. Collaborate with cross-functional teams to assess the impact of identified threats and propose mitigation strategies.
Design and execute sophisticated penetration tests against Microsoft's cloud services, simulating real-world attack scenarios. Provide detailed reports outlining vulnerabilities, exploitation techniques, and recommended remediation steps.
Create and maintain cutting-edge vulnerability discovery, exploitation, and penetration testing tools in cloud environments. Stay abreast of the latest security research and integrate innovative techniques into the offensive security toolkit.
Collaborate with internal security teams to enhance overall security posture, including incident response and defensive security. Participate in knowledge-sharing initiatives, mentor junior team members, and contribute to the security community.
Requirements:
Required/Minimum Qualifications

8+ years of hands-on experience in offensive security research, with 2+ years focus on cloud environments.
Proven track record of discovering and responsibly disclosing security vulnerabilities.
Expertise in cloud security technologies, including Azure, AWS, GCP and similar.
Proficiency in multiple programming and scripting languages.


Other Requirements:

Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Advanced degrees are a plus.
Strong written and verbal communication skills, with the ability to convey complex security concepts to both technical and non-technical audiences.
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
81035
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
3 ימים
MICROSOFT ISRAEL
Job Type: Full Time
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsofts mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.


Cloud Apps and Identity Research team is covering multiple SaaS based threat scenarios including Cloud Based Ransomware, Email and Files extortion, Business Email Compromise and related Nation State activity.

Responsibilities
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.
Requirements:
You have at least 5+ years of experience in cyber security with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against SaaS Apps (Sharepoint, Exchange, Entra ID), Oauth Apps, Enterprise Apps.
You have BS or equivalent experience in computer science, engineering, or information technology.
You have understand and deep knowledge of few commonly used attack tools and frameworks used by Redteam Proficient in at least one programming language such as Python, C#, or C++.
You have excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers. Experience working with and manipulating large data sets (i.e. billions of events per day).
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
81044
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
3 ימים
MICROSOFT ISRAEL
Location: Tel Aviv-Yafo and Herzliya
Job Type: Full Time
Join a startup spirit team that protects the worlds most sensitive data at the user fingertips.

Modern organizations are struggling to protect sensitive data and access to critical assets while staying productive and cost effective.

We are building a security product from scratch, designed to revolutionize and reshape how people and organizations access their most sensitive resources.

This unique solution combines multiple technologies and disciplines in a mission to build a cohesive security product, which aims to empower organizations to access and manage highly secure assets while staying productive and avoiding business disruption.



The Security PM will lead the development and integration of comprehensive security solutions for first party access to cloud assets, with a focus on hardware and software integration. This role requires a strategic thinker with expertise in security architecture, product management, and a strong technical background.

Join our dynamic and fast-moving team, which operates with startup-like agility, collaborates with Microsoft, and is committed to achieving ambitious goals while fostering a diverse and inclusive work environment.
Responsibilities
Lead the security architecture of a unique innovative technology product.
Bridge between product security requirements and engineering implementation feasibility.
Define detailed security requirements and own the solution alternatives discussion.
Oversee the integration of hardware and software components to create secure and efficient systems.
Collaborate with engineering teams to incorporate security best practices into product design and architecture.
Communicate effectively with stakeholders at all levels to report progress, address concerns, and provide strategic security insights.
Translate business needs and priorities into security concepts. Orchestrate development plans and phases based on acceptable risk management standards.
Guide and escort the product development through a unique Secure Development Life Cycle (SDLC) procedures and processes.
Stay informed on industry trends, emerging threats, and best practices in security architecture to continuously improve security measures.
Requirements:
B.Sc. or M.Sc. in computer science, software engineering, or equivalent education.
5+ years of experience in leading the security vision of technology products.
Background in Security and Cloud. Familiarity with the Microsoft security stack is preferred.
Experience with multi-dimensional security concepts and products (HW, FW, SW and Cloud).
Proven problem-solving skills and a hunger for impact.
Experience of a full product lifecycle, from ideation to execution.
Data driven and curious individual with a passion for ongoing learning, experimenting, and improving.
Autonomous and capable of navigating in an ambiguous environment.
Preferred Qualifications:
Substantial experience in cybersecurity assurance and program management, preferably including platform & operating system development.
Knowledge of the internals of Windows operating systems.
Strategic thinking and problem-solving skills, with the ability to develop and execute research & development strategies that support product development objectives.
Experience with defining and tracking OKRs and KPIs to measure program performance.
Excellent communication and collaboration skills, with the ability to effectively interact with stakeholders at all levels of the organization.
Customer feedback and data driven.
Entrepreneurial mindset, self-starter, getting things done attitude
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
81040
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
WIX
Location: Tel Aviv-Yafo
Job Type: Full Time
Job Description
Research, identify, evaluate and implement the best solutions for security in Wixs production environment

Research, identify, evaluate and implement the best solutions for the platform code and services used by our developers

Work closely with development and system teams on all SDLC levels, performing security design reviews, threat modeling and penetration tests, while acting as a security mentor for developers

Investigate abnormal activity in production

Build creative tools and services to detect and solve cross-security issues
Requirements:
A Senior Application Security Researcher with 5+ years of hands-on experience in application security

Hands-on experience in security research with an offensive mindset

In-depth knowledge of web application vulnerabilities, their exploitation in the real world, and browser security mechanisms

A deep understanding of authentication and authorization protocols, and application security methodologies

Passionate about cutting-edge technologies

Excited by the idea of taking on lots of responsibility, you can work independently and be flexible

Open-minded self-learner who can see the big picture, analyze complex systems, identify potential failure points and find opportunities for big security wins

An advantage if you:

Published security research

Participated in bug bounty programs

Know Node/Java/Scala programming languages, or know your way around Docker containers and Kubernetes

Know your way around AWS and GCP environments, or cloud and microservice architectures
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
81292
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
5 ימים
Check Point
Location: Tel Aviv-Yafo
Job Type: Full Time
Join our dynamic and innovative team at Check Point, a leading security software company committed to safeguarding digital landscapes. We are currently seeking a skilled Data Protection Specialist to lead our data protection initiatives and ensure compliance with global privacy regulations.

At Check Point, we are committed to fostering a culture of innovation, collaboration, and continuous learning. As a Data Protection Specialist, you will play a pivotal role in shaping and enhancing our data protection practices. Join us in our mission to create a secure digital future while enjoying professional development opportunities, and a vibrant workplace culture.

If you are passionate about data protection and privacy and eager to make a significant impact in a cutting-edge security software company, apply now to be part of our dynamic team!

* This role reports directly to the CISO.

Key Responsibilities
Data Protection: Conduct thorough mapping and risk assessments of sensitive data to identify potential risks within the organization and. Define security controls to mitigate the risks.
Policy Development: Develop and enforce comprehensive data protection policies.
Training and Awareness: Implement training programs to educate employees on data protection policies and best practices.
Data Subject Rights: Manage and respond to data subject access requests and other requests related to individual privacy rights.
Collaboration: Work closely with cross-functional teams, IT,security and legal counsel to integrate data protection principles into business processes.
Reporting: Regularly report to executive leadership on the state of data protection within the organization.
Requirements:
Experience: 3-5 years of experience in a security role or GRC with strong understanding of data protection practices, technologies, solutions.
Certifications: Relevant Data protection certification (e.g. CIPP, CDPSE) - advantage
Communication Skills: Excellent communication and interpersonal skills to effectively engage with stakeholders at all levels.
Analytical Thinking: Strong analytical and problem-solving skills to assess risks and develop effective mitigation strategies.
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
82210
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
Experis Key Account
Location: Tel Aviv-Yafo
Job Type: More than one
We are looking for a GRC Specialist team player to join our Security team. Location: Tel Aviv
You will lead GRC processes, perform internal audits and work with external auditors. You will represent our security posture in front of customers in RFIs and due diligence calls.
In this position you will: *Perform internal security audits and reviews, measuring the companys security posture and effectiveness of controls. *Work with the security team to assess the compliance gaps risk assessment and monitor remediation process. *Create and maintain security policies and procedures. *Prepare the company for external security audits and manage the external audits from the company side. *Answer customer questions and RFIs. *Perform security audits on vendors and contractors. *Responsible for managing our GRC Quantification tool. *Responsible for the security awareness training for employees, conducting company-facing training sessions, enrichment activities and performing dedicated sessions for specific departments and security drills.
Requirements:
Requirements: *Minimum of 3 years of experience in GRC roles. *Experience with implementing industry standards and frameworks such as ISO 27001, SOC2, NIST Cybersecurity Framework, GDPR and other relevant regulations. *Excellent verbal and written communication skills in English and Hebrew, to interact with cross-functional teams and customers. *Demonstrated ability to handle multiple tasks, prioritize effectively.
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
83104
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
4 ימים
Location: Tel Aviv-Yafo
Job Type: Full Time and Hybrid work
In this position you will:
*Perform internal security audits and reviews, measuring the companys security posture and effectiveness of controls.
*Work with the security team to assess the compliance gaps risk assessment and monitor remediation process.
*Create and maintain security policies and procedures.
*Prepare the company for external security audits and manage the external audits from the company side.
*Answer customer questions and RFIs.
*Perform security audits on vendors and contractors.
*Responsible for managing our GRC Quantification tool.
*Responsible for the security awareness training for employees, conducting company-facing training sessions, enrichment activities and performing dedicated sessions for specific departments and security drills.
Requirements:
*Minimum of 1 year of experience in GRC roles.
*Experience with implementing industry standards and frameworks such as ISO 27001, SOC2, NIST Cybersecurity Framework, GDPR and other relevant regulations.
*Excellent verbal and written communication skills in English and Hebrew, to interact with cross-functional teams and customers.
*Demonstrated ability to handle multiple tasks, prioritize effectively.
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
83244
שירות זה פתוח ללקוחות VIP בלבד
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
קבוצת מר
Job Type: Full Time
Information Security and Communication
MER Group is a global leader with over 40 years of experience in integrating cutting-edge solutions across telecom, communication infrastructure, defense technologies, and homeland security (HLS). We excel in managing mega projects and delivering advanced technology that connects and secures the world.
We are seeking a talented and passionate Information Security and Communication Specialist to join our dynamic team. In this role, you will be responsible for the day-to-day operation, upgrading, backup, and monitoring of our communication and information security systems. You will play a crucial part in designing network topologies, investigating cybersecurity incidents, and implementing security hardening measures.
Requirements:
Minimum 1 year of experience in communication and information security.
Hands-on experience with HP, Juniper, Cisco switches, and Fortinet firewalls.
Relevant certifications, including CCNA, are required.
Experience with segmentation, routing, VLANs, and related technologies.
Proficiency in setting up, implementing, and managing models such as FW, IPS, EPP, VPN, etc.
Strong ability to analyze logs from various systems.
High service orientation and self-learning capability.
Ability to manage multiple tasks simultaneously and work in non-standard hours, including weekends and holidays.
.המשרה מיועדת לנשים ולגברים כאחד
 
Show more...
הגשת מועמדות
עדכון קורות החיים לפני שליחה
83294
שירות זה פתוח ללקוחות VIP בלבד