עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
Description:
XTEND builds human-guided autonomous drone systems for defense and security operations, combining real-time tactical control with onboard autonomy. As a fast-scaling company operating in a highly regulated, export-controlled domain, our IT and security function is mission-critical: it protects sensitive R&D, enables a distributed global workforce, and underpins the trust our customers place in us.
This is a dual-hat leadership role combining ownership of global IT operations with end-to-end responsibility for the company's information security program. You will set the strategy *and* keep your hands on the keyboard — leading a lean team of two engineers while personally driving the security maturity a defense-tech company demands.
It suits someone who thinks like an architect, operates like an engineer, and communicates like a leader. You'll balance enabling a fast-moving R&D organization against the discipline required to protect controlled technical data, and you'll do it across time zones and sites.
Key Responsibilities
IT Operations & Infrastructure:
- Own the global IT strategy, roadmap, and budget across all sites.
- Lead, mentor, and develop a team of 2 IT engineers — a true player-coach, hands-on where it counts.
- Manage the full endpoint lifecycle worldwide: procurement, imaging, MDM, asset management, and secure decommissioning.
- Run identity & access management end to end — SSO, MFA, IdP (Entra/Okta/Google), and joiner–mover–leaver automation.
- Maintain reliable network, Wi-Fi, VPN, and connectivity across offices, R&D labs, and test environments.
- Administer the cloud and SaaS estate (M365/Google Workspace, AWS/Azure/GCP) and the core productivity stack.
- Deliver responsive end-user support across multiple time zones against clear SLAs.
- Own business continuity, backup, and disaster recovery.
- Partner with R&D and production on lab/OT network design and segmentation.
CISO:
- Own the information security program end to end — strategy, policies, standards, and procedures.
- Drive a risk-based security architecture: zero-trust principles, network segmentation, EDR/XDR, email and identity security, and privileged access management.
- Run vulnerability management, patching, and coordinate penetration testing.
- Lead data protection and classification — especially for export-controlled and customer-sensitive technical data (DLP, access governance, insider-threat controls).
- Own incident response: maintain the IR plan, run tabletop exercises, and lead the team during real events.
- Build and sustain a security-awareness culture through training and phishing simulations.
- Manage third-party, vendor, and supply-chain security risk.
- Respond to customer security questionnaires and represent XTEND's security posture to partners and auditors.
Compliance & Governance:
- Mature and maintain the company's compliance posture, working toward and sustaining relevant certifications and frameworks.
- Coordinate audits, evidence collection, and remediation.
- Partner with Legal and the export-control function on the technical controls behind ITAR/EAR obligations and controlled-data handling.
Leadership & Cross-functional:
- Build strong working relationships across R&D, hardware, manufacturing, HR, Finance, and Legal.
- Own vendor selection, contracts, and the IT/security budget.
- Drive process maturity and scalability as headcount and complexity grow.
- Report regularly to leadership on posture, KPIs, risk, and roadmap progress.
Requirements:
- 7+ years in IT, including 3+ years leading IT operations or managing an IT team.
- Demonstrated ownership of, or major contribution to, an information security program.
- Hands-on depth across IAM, endpoint/MDM, cloud (M365/Azure or AWS/GCP), networking, and modern security tooling.
- Experience supporting global, multi-site, multi-timezone operations.
- Track record building and enforcing security policies and controls.
- People-management experience and a genuine player-coach mindset.
- Excellent written and spoken English.
- Comfort operating in a fast-paced, scaling environment with shifting priorities.
Advantageous (Strong Pluses)
- Experience in defense, aerospace, or other high-security / regulated industries.
- US defense compliance: familiarity with NIST SP 800-171, CMMC, ITAR/EAR export controls, CUI handling, or GovCloud.
- Commercial frameworks: experience implementing or maintaining ISO 27001 and/or SOC 2.
- Security certifications: CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor.
- Cloud/security certifications (Azure, AWS, CCSP).
- Experience securing OT / lab / manufacturing networks.
- Experience scaling IT through rapid company growth.
- Hebrew or additional languages [if relevant to your sites].
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
חיפה
ערב