CTO Office

Vega is one of the fastest-growing startups in cybersecurity, redefining security analytics and operations with an AI-native platform for the SOC. We are building the next-generation operating system for security teams. Vega is already delivering real impact at some of the world’s largest organizations by improving detection, unlocking the value of security data, and reducing cost and complexity. With HQs in New York and TLV, we are looking for people who want to help shape the future of security operations.

About The Cto Office

The CTO Office is Vega's elite task force. When something is broken, complex, or critical - this is the team that gets the call. We don't wait for a clean handoff or a scoped ticket. We go in, figure it out, and make everything work. No notice, no excuses.

Our mandate spans the full width of the company: named technical representative on the deals that matter most, builders of the infrastructure that makes Vega deployable at Fortune 50 scale, and owners of the feedback loop that keeps R&D building the right things.

We move things inside the organization and outside of it - across product, engineering, customers, and leadership - and at the end of the day, we're the team that closes the loop end to end. If that sounds like the kind of team you want to be part of - read on.

what You Will Do

• Be the expert and escalation point for the most strategic accounts. You're the named CTO Office representative on the deals you're assigned - accountable for whether the deployment succeeds and whether product hears what needs to be heard.
• Take on the hardest problems, without notice. When something is blocking a deal or a customer, you don't escalate it. You own it.
• Influence the product roadmap. You carry field signal directly into R&D. You're expected to have strong opinions about what should move and why.
• Build what doesn't exist yet. If Vega needs it and it isn't there, you build it.
• Produce technical content. Whitepapers, blogs, and writeups. You help define how the world experiences and understands what we're building.
• Travel. Tel Aviv is home base. US customers and industry events are a regular stop.
  
  

• We're not looking for someone who fits neatly into a box. We're looking for someone who finds neat boxes a little underwhelming.
• You're a builder, not just an advisor - analysis without artifacts isn't enough.
• You close loops. You ship things - You leave systems better than you found them.
• You're customer-obsessed - you understand that what happens in enterprise POVs isn't a distraction from the real work. It is the real work. You run toward hard customer problems rather than away from them.
• You're opinionated and direct - you push back when something is wrong, change your mind when shown better evidence, and write and speak clearly without filler.
• You move without waiting to be told - when something is broken or missing, you identify it, own it, and fix it. You don't need a clean scope to start. You operate well under ambiguity and produce clarity for everyone around you.
• You have a hacker mentality - you find the path through, you're comfortable in ambiguous and underdocumented systems, and you debug by instinct as much as by method.
• You're technically deep and contextually wide - you can go deep on a data pipeline, a detection rule, a query engine, or a cloud architecture, then explain any of it to an executive the same afternoon.
  
  

• 8+ years of hands-on technical experience in security research, systems engineering, or a combination. Academic credentials matter less than what you've actually built and broken.
• Strong security domain knowledge - threat detection, SecOps workflows, SIEM architecture, detection engineering, or offensive security research. You know this space from the inside.
• Fluency in cloud environments (AWS, GCP, or Azure). You understand how data flows through cloud-native architectures and have operated in them.
• Comfortable writing and shipping code - scripts, pipelines, tooling. You don't need to be a software engineer by title, but you build things that work. Fluent with LLMs and AI-assisted development tools (Claude Code or equivalent). You use them as a force multiplier, not a novelty.
• Experience with enterprise technical engagements - POVs, architecture reviews, or field engineering. You're not learning how to handle a skeptical CISO on the job. Strong written and verbal English. You produce external-quality technical content and you're credible in front of a US enterprise audience.
  
  

• Background in Unit 8200 or comparable military cyber / intelligence work
• Experience with SIEM platforms at an administrative or engineering depth (Splunk, CrowdStrike Next-Gen SIEM, Microsoft Sentinel, QRadar)
• Familiarity with data engineering patterns - S3, Lambda, streaming pipelines, log normalization Published research, blogs, or notable open-source contributions
• Prior experience in a CTO Office, field CTO, or technical strategy function at a security company.
  
  

• Series B company ($185M raised) with serious enterprise traction and real runway to build
• A platform that's genuinely novel - not an incremental improvement on existing SIEMs
• A role with full scope: customers, product, engineering, and research all in one charter
• A team that moves fast, owns things completely, and doesn't wait for permission
• Tel Aviv headquarters, global customer base, frequent US travel