Cybersecurity Engineer

We are seeking an experienced and highly professional candidate to lead Cybersecurity Assessments and Audits. This role will also play a key part in developing marketing and business materials, including proposals, points of view (POV) documents, and business presentations. The ideal candidate will demonstrate strong leadership capabilities, exceptional communication skills, and a proven ability to articulate complex cybersecurity concepts in a clear, client-focused manner.

GRC Requirements:

In-depth knowledge of the NIST Cybersecurity Framework (NIST-CSF).

Governance, risk, and compliance (GRC) frameworks to align cybersecurity initiatives with regulatory requirements and organizational business objectives. Skilled in integrating GRC processes across security programs, supporting risk assessments, and ensuring continuous compliance with industry standards.

Conduct risk assessments and design actionable risk mitigation plans.

Ensuring compliance with industry standards such as NIST-CSF, ISO 27001, and CIS Benchmarks, including overseeing internal audits and remediation activities.

Technical Background:

Expertise in designing network security architectures, including perimeter security, next-generation firewalls (NGFW), Secure Web Gateway (SWG), CASB and SSPM, web application firewalls (WAF), intrusion detection and prevention systems (IDPS), endpoint protection, and data loss prevention (DLP) solutions.

Background in Security Operations (SecOps), including SIEM solutions, and the application of Security Operations Center (SOC) methodologies. Understanding incident response (IR) processes, investigating security events, and coordinating cross-team responses to effectively mitigate and remediate cyber threats.

Thorough understanding and practical experience with the zero-trust security model, encompassing zero trust network access (ZTNA), Secure Access Service Edge (SASE), and Security Service Edge (SSE) solutions.

Cloud network security - Ability to architect and implement cloud network security controls within major public cloud environments, including AWS, Google Cloud Platform (GCP), Microsoft Azure, and Oracle Cloud Infrastructure (OCI), leveraging native and third-party security tools (NG Firewalls, CSPM, CNAAP)

Project Management & Leadership

Ability to conduct structured cybersecurity maturity assessments and gap analyses using NIST-CSF frameworks.

Experience performing or supporting Cybersecurity Internal Audits: Understanding of audit methodologies, evidence collection, risk/control evaluation, and reporting.

Ability to write, review, and enhance cybersecurity procedures and documentation.

Practical experience in risk assessment, mitigation planning, and ongoing compliance monitoring.

Demonstrated ability to lead and execute client-facing projects, including managing workstreams, deliverables, and stakeholder communications.

Strong organizational and time management skills for juggling parallel assessments, audits, and documentation activities.

Collaboration skills: Comfortable working in cross-disciplinary teams on complex engagements.

Engagement & Communication:

Excellent verbal and written communication skills – Hebrew and English. Capable of drafting professional reports, proposals, and executive briefings.

Client-facing experience: Confident facilitating client workshops, meetings, walkthroughs, and presenting technical information to both technical and non-technical audiences.

Consultative approach: Ability to uncover client needs, recommend actionable improvements, and build lasting client relationships.

Additional Valuable Competencies:

Analytical and problem-solving mindset: Ability to identify root causes, analyze risks, and propose practical solutions.

Adaptability: Agile with new technologies, changing standards, and diverse client environments.

Continuous learning: Staying current with emerging threats, evolving regulations, and best practices in cybersecurity and risk management.