דרושים Head of Cyber Security and Information Security בנתניה

Cibus Pluxee is a leading provider of employee benefits and welfare solutions in Israel. Our advanced technology platform empowers employees to seamlessly access exclusive promotions and benefits across a vast network of restaurants and businesses throughout the country.

What We’re Looking For:

We are seeking an experienced, hands-on Head of Cyber Security and Information Security to lead our global security strategy and operations. The ideal candidate will take ownership of shaping and executing the local cyber security roadmap in alignment with the global strategy. This role involves collaborating with various business units to strengthen our security posture, managing, and overseeing cyber security policies, procedures, and guidelines, and working with well-known frameworks, standards, and methodologies. The candidate should also demonstrate the ability to quickly understand and adapt to new technologies.

You should be a proactive leader with in-depth knowledge of industry-standard frameworks such as NIST, CIS, and ISO 27001, and the ability to rapidly learn and integrate emerging technologies.

This is a strategic and technical role requiring deep operational experience, strong communication skills, and an analytical mindset.

Key Responsibilities:

• Lead the development and execution of the global cybersecurity strategy and roadmap.
• Collaborate with business units and R&D teams to align security initiatives with business goals.
• Own and maintain information security policies, procedures, and guidelines in line with industry standards.
• Conduct and manage enterprise-wide risk assessments, defining mitigation plans with relevant stakeholders.
• Manage incident response processes and lead investigations with SOC teams and threat hunting services.
• Work directly with development teams to define and enforce secure SDLC practices, including SAST and DAST integration.
• Plan, lead, and respond to internal and external penetration tests and security audits, managing remediation processes.
• Oversee the configuration and tuning of SIEM systems: defining custom rules, integrating new log sources, and responding to alerts.
• Administer and tune DLP systems to monitor and protect sensitive data.
• Manage and operate CDR (Content Disarm & Reconstruction) sandbox systems to prevent file-based threats.
• Review and maintain network security configurations, including firewall rule reviews and provisioning.
• Provide technical oversight of various security platforms including WAF, VMDR, IPS, NGAV, NAC, and micro-segmentation technologies.
• Serve as a subject matter expert in understanding attack techniques, tactics, and procedures (TTPs).
• Communicate risks, incidents, and strategies to both technical and non-technical stakeholders, including executive leadership.

Requirements:

• Proven experience working directly with business units on risk assessments and risk management processes.
• Minimum 2 years of hands-on experience in:

- Managing incident investigations with SOC & threat hunting teams.

- Implementing and maintaining security frameworks (NIST, CIS, ISO27001).

- Collaborating with R&D teams to define secure development workflows.

• Experience leading penetration tests and audits with actionable remediation follow-up.
• Strong knowledge of attack methodologies, tools, and emerging threats.
• Hands-on experience with:

- SIEM systems: setup, custom rule creation, and log source onboarding.

- DLP: rule configuration, monitoring, and tuning.

- CDR sandbox systems.

- Network security technologies (FWs, routers, switches).

- Security solutions including WAF, VMDR, IPS, NGAV, NAC, micro-segmentation.

• Strong interpersonal, leadership, and communication skills.
• Fluent English – written and spoken.

Good to Have:

• CISO Training / Certification – Advantage
• Industry Certifications – CISSP, CISA, CEH (or equivalent)

Please send your resume via: [email protected]